Monday, June 30, 2008

Another ATM fraud: Finland-based man loses Rs 11.6 lakh - expressindia.com - 29 Jun 2008

Pune, June 29: Video tape shows fraudster wore helmet while withdrawing money
The ATM card fraudsters who have been on the prowl for some time now have scalped yet another citizen. This time, the victim is Umesh Maini of Koregaon Park. An account holder of IDBI Bank, Maini is currently working in Finland.

A fraudster got an ATM card by submitting a fake application at IDBI Bank in the name of Maini and used it for withdrawing Rs 11.6 lakh from his account over the last two months. While the money was withdrawn from various ATM centres equipped with CCTVs, the police and bank authorities checked the video recordings but could not identify him “because he was wearing a helmet during all the transactions”.

The police said that about two months ago, a man submitted a letter in the name of Umesh Maini to IDBI Bank for a cheque book and ATM card. He had made fake signatures of Maini on the letter. The bank officials thought that the signatures were original and issued the ATM card and cheque book to him.

For two months, the man withdrew money from Maini’s account, using the ATM card. The fraud, however, came to light a couple of days ago when Maini’s father-in-law, also a resident of Koregaon Park, checked his account details.

The father-in-law rushed to the Fergusson College Road branch of IDBI Bank and told the bank authorities that someone had been withdrawing money from Maini’s account without consent. An amount of Rs 11.6 lakh was withdrawn from the account between April 24 and June 23 from various ATM centres in the city. IDBI branch manager Dhanajay Prabhakar Lele has lodged a complaint with the Shivajinagar police station.

Police Inspector S P Patil, the investigating officer, said that the signature by the fraudster on the application for the ATM looks like the original. “There are CCTVs installed in most of the ATM centres of IDBI Bank. We have checked the video records at the ATM centres at the time when money was withdrawn from Maini’s account. The criminal could not be identified because he was wearing a helmet during all the transactions,” said Patil.

Sunday, June 29, 2008

Trouble on the cards for holidaymakers in fraud crackdown - business.scotsman.com – 29 Jun 2008

HUNDREDS of thousands of holidaymakers face having their credit cards rejected by shops, bars and restaurants this summer as card companies engage in an unprecedented crackdown against fraud, writes Nic Cicutti.
Evidence is mounting of a record number of transactions being turned down by card machines across continental Europe in a bid to stamp down on fraudulent use abroad.

Problems in obtaining credit while abroad come as UK holidaymakers look set to withdraw a record £7bn from overseas cash machines this year and spend up to £5bn more with their cards during a foreign break.

Credit card companies deny they are taking part in a coordinated campaign where suspect card use is being rejected. They say such decisions are always at the discretion of individual issuers.

A spokesman at Apacs, the banks' payment system trade body, says: "We know of no collective strategy to clamp down on card usage abroad. All we can surmise is that issuers are looking at people's transactions and making decisions based on what they see happening in each individual case."

However, in one recent example, dozens of Lambretta scooter riders travelling to a rally in Sweden last week found that their cards were being rejected by petrol stations, restaurants and shops there and in Denmark. In many cases, several cards were turned down in succession, leaving their owners to borrow cash off friends in order to continue their journey.

One rider who attended the event said: "It was incredible. I was in a group of about 10 riders and the further we went on the more people were having their cards rejected at service stations. By the end, almost everyone in our little group had several pieces of useless plastic in their wallets. When we got to the main campsite we discovered lots of others with the same experience."

Despite the introduction of Chip and Pin cards, which were meant to make life much more difficult for criminals, total losses from card fraud while abroad grew by more than 85% in 2007 to £207m. At £532m, total fraud is higher than it has ever been.

The most important growth in fraud has come from overseas. The main reason for this is that not all EU countries (or the US) operate a Chip and Pin system. This means it is possible for criminals to skim your card and counterfeit it by making the old-style magnetic stripe on it.

The card can then be used abroad, especially in Italy, Australia and the US, which have no plans to implement Chip and Pin.

A spokesman at Barclaycard denies that his company is targeting holidaymakers. "That's the very last thing we want to do," he says. "What is happening, however, is that our security systems are becoming increasingly sophisticated at identifying patterns of suspicious transactions.

"Clearly, if in one week you have been using your credit card to do the shopping in a certain supermarket and the next you are in Sweden, paying for petrol several times over in one day, that will be a totally different spending pattern and our systems will pick up on that."

The spokesman adds that Barclaycard is to start asking its cardholders to inform the company of when they are planning to go away, where and how long for. In addition, cardholders are being asked to supply a contact number where they can be reached in order for its staff to clarify any potentially dubious transactions before they are accepted or rejected.

Having your card rejected is not the only danger for holidaymakers. Even if a card is accepted, research suggests many could be paying through the nose for the privilege.

The financial website MoneyExpert.com says the cost of withdrawing cash abroad can vary dramatically between providers. With an average cash withdrawal abroad of £103, debit card holders will pay on average an additional £4.12 in charges, and credit card holders £4.33.

Sean Gardner of MoneyExpert.com says: "Withdrawing cash from an ATM or over the counter whilst abroad can be the most convenient way of getting hold of your money. It's also safe and simple. However, most people will have to pay for the privilege and some will pay considerably more than others."

The consumer group Which? says people making purchases on their debit or credit card abroad could face fees of more than £20 if they spend £500 on holiday. Most cards add a foreign exchange loading fee of 2.75%, and debit cards usually add a handling fee for each purchase.

Which? says the best options are Nationwide's debit card, while credit cards from Abbey, Nationwide, the Post Office, Saga or Thomas Cook don't add fees for overseas spending.

How to play your cards right when you go abroad

Before you go overseas:

• Only take cards with you that you intend to use.

• Take your card company's 24-hour phone number with you. Tell the issuer you are going abroad.

• Make sure your card company has your latest contact details.

Wards didn't tell consumers about credit card hack - 29 Jun 2008

NEW YORK - An old name in retail was hit by a modern scourge — a hack of its customers' credit card numbers — but didn't inform the consumers, revealing how data breaches might be heavily undercounted even with new notification laws.

At least 51,000 records were exposed in the breach at the parent company of Montgomery Ward. The venerable Wards chain that began in 1872 went out of business in 2001, but in 2004 a catalog company, Direct Marketing Services Inc., bought the brand name out of bankruptcy. It now runs a Wards.com Web site along with six other sites, including three with Sears brands it has acquired: SearsHomeCenter.com, SearsShowplace.com and SearsRoomforKids.com.

Direct Marketing Services' CEO, David Milgrom, said the financial company Citigroup detected the computer invasion in December. By going through HomeVisions.com, another Direct Marketing Services site, hackers had plundered the database that holds account information for all the company's retail properties.

Milgrom said Direct Marketing Services immediately informed its payment processor and Visa and MasterCard. Then, Milgrom said, Direct Marketing Services closely followed a set of guidelines, issued by Visa, on how to respond to a security breach. That included a report to the U.S. Secret Service. He said he believed by the end of December that Direct Marketing Services had met its obligations.

However, those guidelines from Visa are largely technical, and they do not cover a key additional step: that notification laws in nearly every state generally require organizations that have been hacked to come clean to the affected consumers, not just to the financial industry.

Companies that fail to comply can be hit with fines or be sued by affected customers, depending on the state.

As a result, scores of breaches covering hundreds of millions of consumer accounts have been disclosed by banks, universities, corporations and retailers in recent years.

After being asked about those laws by The Associated Press, Milgrom said Direct Marketing Services now plans to contact consumers.

This hack might have stayed quiet except for online chatter detected in June by Affinion Group Inc.'s CardCops, a group of investigators who track payment-card theft for financial institutions. In Internet chat rooms frequented by card thieves, CardCops spotted hackers touting the sale of 200,000 payment cards belonging to one merchant. CardCops then intercepted several hundred of the records, along with the online handles belonging to hackers whose real names remain unknown.

Along with the card numbers, their three-digit "security codes" and expiration dates, the thieves had the cardholders' names, addresses and phone numbers. The data had been organized in the same way, indicating the numbers likely came from the same database. CardCops' president, Dan Clements, also noticed that the vast majority of the cardholders were women, a clue that the records came from a merchant catering to a certain demographic.

When he began calling them, the first eight said they had bought things online or through mail order from Montgomery Ward. At that point, Clements realized, "there's a high probability the entire database of Montgomery Ward was breached."

It is not clear to Clements, though, whether the hackers were inflating their claim when they offered 200,000 records or whether Milgrom's number of 51,000 is accurate.

The credit card industry's response to the breach varied.

A spokeswoman for Discover Financial Services LLC, Mai Lee Ua, said her company had addressed the problem by sending new cards to its cardholders who appeared in the compromised records. Ua said they weren't told which merchant had been breached.

Visa declined to comment. MasterCard issued a statement Friday acknowledging it was aware of the breach at Direct Marketing Services, and had notified the banks that issue MasterCards, telling them to monitor the accounts for suspicious charges.

Linda Jeffers of Latrobe, Pa., decided not to take any chances in waiting. Jeffers, a MasterCard cardholder whose data were found online, canceled her card this month after being contacted by CardCops.

She told the AP she had used the card for Internet shopping only once, from her son's computer — she bought a desk from Montgomery Ward — and was surprised to hear her account had been compromised.

Such silence was the norm in the industry for years. But in response to fears of identity theft, 44 states have passed laws that generally require organizations holding consumer data to tell people when their information has leaked, according to the National Conference of State Legislatures.

Clements and other security analysts say that despite those laws, many breaches still are kept quiet, judging by the data being hawked in online black markets. Avivah Litan, an analyst at Gartner Inc., believes unreported data breaches might still outnumber the ones that do get publicized.

Litan says it especially is the case with online merchants. She believes it happens because of a lack of pressure from credit card companies, which are not responsible for fraudulent charges in "card not present" transactions over the Web and mail order. Until fraud actually appears on the card, they'd rather avoid the cost of voiding compromised cards and giving consumers new ones, she said.

"What it reveals is the convoluted banking system," she said. "If this had taken place at a grocery store, we all would have heard about it."

In fact, because of the silence that still sometimes follows data breaches, even people who have never been informed one of their records has leaked should assume their information is floating online, Litan said.

"Probably every one of our cards is up there somewhere now," she said.

Asianet Reality show portal hacked - Express News Service - 28 Jun 2008

KOCHI: The portal of popular reality show ‘Idea Star Singer’ telecast on Asianet has been hacked.

The High-tech Cell at Police Headquarters, Thiruvananthapuram, has started investigation into a complaint filed by Asianet regarding the issue.

According to a complaint filed about one month ago, the portal of `Idea Star Singer’ has been hacked by someone.

It has been found that some of the pictures posted on the portal were deleted by someone other than the administrator.

The Police High-tech Cell has sought assistance from C-DAC for analysing the login details of the portals. “We have been inspecting the login details from various IP addresses into this website. We have found that the portal has been logged in more than 2,000 times. The details of login by the administrators, including the time of login and the duration, are available with us. Hence now we have to find out the details of others who logged in on the portal,” high-tech cell sources said.

The investigation team has found out that the password of the portal has been hacked.

Investigation is on to find out the hackers who gained access to the portal. Sources said that the issue began with an e-mail message that was received by the portal saying that ‘site is not secure’.

Israeli hackers penetrate Hamas website - Israel News - 26 Jun 2008

Israeli hackers boasted Thursday about breaking into the website of Izz al-Din al-Qassam, Hamas’ military wing, which now displays a white screen and words in Arabic announcing technical difficulties.

The hacker group, which calls itself Fanat al-Radical (the fanatical radicals), also said that it broke into additional terror organizations’ sites and those of various leftist movements.

In a Ynet interview, a group representative who refused to reveal his name said, “We searched for relevant sites with the criteria we look for, whether leftist or anti-Zionist, and looked for loopholes. Our emphasis was always on the al-Qassam site.

"The criteria are defined as anti-Zionist or anti-Jewish sites that support or assist in harming Zionism and the existence of Israel as a Zionistic, Jewish state”.

According to him, the group consists of young adults from 16 to 18 years of age.
In addition to the Hamas military wing’s site, they also broke into the Balad political party site, that of the Hagada Hasmalit (the left bank), the Kibush (occupation) site and more.

The hacked sites are now equipped with an Israeli flag, the words of the Israeli national anthem "Hatikva" with vowels and pictures of Palestinian babies and children dressed as suicide bombers. A short explanation of why this specific site was broken into to begin with is also included.

The Left Bank site, considered by the group as “another site identifying with the left,” was broken into “due to its blatant anti-Zionist contents.”

More to come

Despite the fact that the slogan, “Kahane was right” appears and with it, the symbol of the Kach party, a yellow and black fist, the group’s members clarified that they are in no way connected to the Kahane Chai party, “except for many common opinions and agreement with Kahane’s ways, out of the understanding that there is no other choice.”

Fanat al-Radical is a new group of hackers whose members were members of another group called Kamikaz Team. “Since we didn’t want to include politics in Kamikaz, we created a parallel group that supports the destruction of Arab sites.

“This is our first operation under the new name but it isn’t the first time we have done similar things to Arab, anti-Zionistic sites,” said the representative.
When asked if he believes that hacking can lead to change, he said, “We want to convey the message that there are still people who care and who are sick and tired of governmental apathy. We believe in all ways of fighting back and our means is the internet. We will do anything that causes damage.”

The group feels that its first hacking campaign was successful, but they do not intend on stopping here. They said that they plan on orchestrating an additional attack in the future.

Politically and nationally-motivated site hacking is not new. Two months ago the Bank of Israel site was penetrated by a Muslim hacker who left messages against the Israeli occupation and the US invasion of Iraq.

Turkish hackers crack ICANN - vnunet.com - 28 Jun 2008

Turkish hacking group NetDevilz have successfully hacked the web sites for the Internet Corporation for Assigned Names and Numbers (ICANN) and Internet Assigned Numbers Authority (IANA).

The two organizations are key to the running of the internet and the hacking attack is highly embarrassing to the sites’ administrators. Visitors to the page were redirected to an atspace.com dotcom domain hosting a message from the hackers.
"You think that you control the domains but you don't! Everybody knows wrong. We control the domains including ICANN! Don't you believe us?"

It is signed off by NetDevilz, who describe themselves as a ‘loveable Turkish hacker’s group’.

The attack is particularly embarrassing for the groups involved since this week has seen ICANN approve generic domain names in what it calls ‘a milestone’ in the development of the internet.

NetDevilz is the same group that was behind a similar attack earlier this year against the pornography web site Redtube.

by Iain Thomson

Dutch police have arrested a 20-year-old man suspected of hacking on the internet and stealing the details of 50,000 credit cards - 28 Jun 2008

Dutch police have arrested a 20-year-old man suspected of hacking on the internet and stealing the details of 50,000 credit cards.

The man, detained in Maastricht on Tuesday (local time), is also alleged to have hacked into the server of a US gamemaker and stolen a copy of award-winning videogame Enemy Territory: Quake Wars - while it was in development.

Police seized the man's computer and a gun during their search of his home.
He is thought to have used the credit card identities, obtained through a British ticketing agency, to make numerous online purchases, racking up $US20 million of infrastructure damage along the way.

Rightist hackers place Israeli flag, Kach images on pro-Palestinian Web sites - haaretz.com -

Rightists on Thursday hacked into three Web sites associated with the Israeli Arab and Palestinian causes, and embedded on their pages an image of the Israeli flag, the words to the Israeli national anthem and the symbol of an outlawed ultra-rightist movement.

The perpetrators hacked into the Web site of the Israeli Arab Balad party; Arabs48.com, an Arabic-language site; and Mahsom.com, which is written in Hebrew. Both sites represent the Israeli Arab and Palestinian cause.

In addition to the flag and the words of "Hatikva," the hackers embedded the symbol of the Kach movement, an ultra-rightist organization founded by Rabbi Meir Kahane that was banned from the Knesset in 1988 and later deemed a terrorist organization by Israel. The symbol appeared with the words "Kahane was right."



Pictures were also embedded on the sites showing Palestinian children strapped with explosives under the words "murderers from birth."

In a statement also printed on the site, the rightists wrote, "This site was hacked into due to its blatantly anti-Zionist contents. Israel is not interested in people like you who are burdens on the process of proper decision-making in the government. If you oppose what you call the 'Israeli occupation' then there's no place for you here."

Arabs48.com, which is popular in Arab states and in Israel, prints news on Israel and the Middle East from a pro-Palestinian, pan-Arabist perspective. Mahsom.com is a self-proclaimed alternative media source meant for a primarily Jewish audience.

The manager of Arabs48.com, Az a-Din Badran, said in response that the "hacking of the site is intended to sabotage a central media outlet, which provides a critical and different look at everything connected to the Arab-Israeli conflict. It seems that the exposure enjoyed by the site, in Israel and in the Arab world, drives the right-wing crazy."

"The site is constantly suffering from repeated hack attempts, which have interfered in the past with the regular maintenance of the site, but not to this extent. We view with great severity the attempt to silence the site, which reflects factual and analytical loyalty to the Arab and Palestinian perspective in the ongoing conflict. The Kahane terrorists and their followers from the Israeli-Zionist right will not weaken our power, like they haven't in the past," the statement continued.

The inside story of ATM fraud - sunnewsonline.com - 28 Jun 2008

Until the unthinkable happened, Adah Obande had always prided himself as a streetwise Nigerian. So streetwise he had never been a victim of pickpocket, burglary, room-to-let fraud, 419 scam or some high profile swindle. Caution was second nature to him; after all he was a security personnel trained to be one step ahead of criminals and their modus operandi. Both in his professional and private life his reflexes had never failed him as he had never lost a possession to a thief. However, his ironclad confidence was put to the test shortly after his return to Lagos from the last Christmas holiday.

Prior to the Yuletide, Obande had left the sum of N288,000 in his bank account. The last withdrawals he remembered doing were for the sum of N50,000.

Specifically, he withdrew first the sum of N20,000 from the Obalende branch of his bank. Then on 22nd December, the very day he set off for the village, he made another withdrawal of N30,000, this time using the Automated Teller Machine (ATM) at the Falomo branch of the same bank.

If his arithmetic was correct, Obande still had a tidy sum to start the New Year on a bright note. Unknown to him, he was in for a shock treatment as he glided across the polished floor of the bank to the counter. The cashier punched her buttons and then gave Obande an awkward look. “Sir, are you expecting any lodgement?” she asked as pleasantly as she could.

Obande was not expecting any deposit. He still had N288,000 left with the bank. Or so he thought. His account was in the red. He urged the cashier to check again, insisting there was a mistake somewhere. It was only a matter of minutes before the full explanation was given to him. The man almost had a heart attack as he was told that the N288,000 had been withdrawn via the ATM.

Before this shocker in the banking hall, Obande indeed had tried to withdraw some money in the morning of January 7th, 2008, using the ATM. At first, he had thought there was a problem with his ATM card because no matter how hard he punched, the machine kept telling him his account was empty. When he realized he might be in for a long haul, Obande accepted the advice of the bank staff at the Falomo branch of the bank to proceed to the bank’s headquarters at Marina. There he was handed over to one Mr. Tony who in recent times has found his job a little bit more fatiguing. Like his counterparts in almost all the banks, his desk is flooded on a daily basis with ATM-related complaints.

Investigations into Obande’s account would reveal that two faceless companies swept his N288,000 using the ATM.

The companies, or rather their addresses were given as www.immigration.com and www.earocontractor.com. The victim swore the companies did not belong to him. He never worked for them and had no business relationship with them. The theft was later reported to the Special Fraud Unit of the Nigeria Police.

On Thursday, June 5, between the hours of 1.20-3.10 p.m, this reporter was in the premises of the Opebi branch of First Bank, observing ATM users and their seeming frustrations. Of the 26 customers that used the cash dispenser within this period, not a few came out cursing under their breath. The issues ranged from cards trapped inside the machine to PIN (Personal Identification Number) rejection.
One particular customer, a middle-aged man was left with little choice but to cause a scene as he protested that the machine had cheated him.

Before his very eyes, the ATM machine had processed his request but instead of dispensing the cash, the machine merely opened its mouth, brandished the crisp notes for the eager customer to see, and then swallowed the money all by itself. For his troubles, the bewildered customer received instead a receipt of transaction showing he had just successfully withdrawn N15,000. A security guard, who from his grin was obviously familiar with the various ATM antics, did his best to calm and reassure the agitated customer. He would lead him inside the bank’s building to lay complaint on yet another ATM ruse.
If the myriad incidences witnessed that day at Opebi could be glossed over as part of the teething problem of e-payment system introduced to the economy only a few years ago, the same cannot be said of the loss last week of N175,000 to ATM fraudsters.

The victim, this time, is a media practitioner. The man, Mr. Iheanachor, told SATURDAY SUN that on the particular day, he had first attempted to withdraw some money using the ATM in the premises of Guarantee Trust Bank in the Okota area of Lagos. When that proved unsuccessful, he proceeded to Zenith Bank at the same Okota. The outcome was grimly the same. A third attempt, this time at Eko Bank in the same neighbourhood fetched him N20,000 cash. For him, the end would have justified all the troubles but for a text message that came some hours later from his bankers, Intercontinental Bank, informing him that N175,000 had been withdrawn from his account via the ATM. From bank records, the N175,000 was withdrawn in eight transactions. The account holder said he knew nothing about those withdrawals. The matter is under investigation.

On the rise

Every week, hundreds of bank customers across the major cities are finding their deposits or a substantial part of it stolen by faceless crooks. Sources within the Special Fraud Unit (SFU) confirmed that ATM fraud is on the increase in Nigeria. The statistic is alarming. The Central Bank of Nigeria (CBN) puts the losses to ATM-related theft last year alone at hundreds of millions of naira. It is about the commonest headache to all the banks in Nigeria and one seen by experts as capable of eroding in the long run the enviable gains of recapitalisation. At the moment,

By EMMANUEL MAYAH

Two Romanians remanded for credit card scam - cyprus-mail.com

TWO MEN, a 45-year-old and a 21-year-old, both from Romania are in remand, suspected of stealing over €22,000 from ATMs in Limassol using fake credit cards.

The two men were arrested yesterday, after police received information from a bank clerk that someone was trying to withdraw money from an ATM using a fake credit card.

Police arrived at the scene immediately and saw the 45-year-old walking in the area; he was stopped and searched. The 45-year-old was accompanied by a 21-year-old compatriot of his who was traced in a hotel and arrested, said Andreas Angelides, Limassol Police Chief.

Police searched the men’s hotel room and found €22,000 and UK£4,000. Following investigation it was found that 37 transactions were made using fake credit cards at ATMs throughout Limassol.

Angelides also confirmed that police are investigating the men’s involvement in similar cases that took place in Larnaca, as well as the possibility that they belong to an international network.

Europol had previously alerted Cyprus police on the operation of an international network that steals money from ATMs using fake cards. Europol and Interpol have been informed of yesterday’s arrests.

The two suspects yesterday appeared before Limassol District Court, which issued an eight day remand.

By Anna Hassapi

Friday, June 27, 2008

China's cyber warfare against India - indiapost.com

China's intensified cyber warfare against India is becoming a serious threat to national security. The desire to possess 'electronic dominance' over India has compelled Chinese hackers to attack many crucial Indian websites and over the past one and a half years, they have mounted almost daily attacks on Indian computer networks - both government and private.

In October 2007, for example, Chinese hackers defaced over 143 Indian websites. Phishing is a term derived from fishing, and is a fraudulent activity on the Internet to acquire personal information. In phishing, the hackers use spoofed e-mails to lure innocent Internet users and get their personal information like bank account number, credit card details, and password and so on.

In April 2008, Indian intelligence agencies detected Chinese hackers breaking into the computer network of the Ministry of External Affairs forcing the government to think about devising a new strategy to fortify the system. Though the intelligence agencies failed to get the identity of the hackers, the IP addresses left behind suggested Chinese hands.

While hacking is a normal practice around the world, the cyber warfare threat from China has serious implications. At the core of the assault is the fact that the Chinese are constantly scanning and mapping India's official networks.

According to India's CERT-In, in the year 2006, a total of 5,211 Indian websites were defaced, on an average of about 14 websites per day. Of the total number of sites that were hacked and defaced, an overwhelming majority were in the .com domain (90 cases) followed by 26 in the .in domain. As many as 11 defacement incidents were also recorded in the .org domain.

Of all hacking incidents in October, about 61 per cent related to phishing, 27 per cent to unauthorized scanning and 8 per cent to viruses/worms under the malicious code category. India, like the western countries, has been witnessing a massive rise in phishing attacks with incidents in 2006 180 per cent higher than in 2005, and the trend carrying through into 2007.

Though the maximum defacements have been recorded during August, in 2007, February and March recorded the highest such cases with 858 and 738 websites defaced respectively. August, by contrast, saw only 345 websites defaced. While other countries treat Chinese cyber attacks as security breaches, India considers these intrusions as the equivalent of Internet-based terrorist attacks.

An Indian Army commanders' conference held in New Delhi on 26 April, voiced concern over mounting attacks on the country's networks. In the US, in June 2007, the Pentagon's computers were shut down for a week as a result of hacking.

At the frequency and aggressiveness of cyber attacks President Bush, without referring directly to Beijing, had said last year that "a lot of our systems are vulnerable to attack." The Chinese military hacked into the US Defence Secretary's computer system in June 2007 and regularly penetrated computers in at least ten of the UK's Whitehall departments, accessing also military files. German Chancellor, Angela Merkel, too has complained to Chinese Premier, Wen Jiabao, over suspected hacks of its government systems.

Although Beijing vehemently denies all allegations of state-controlled cyber snooping and hacking, the Chinese government as well as its society hails the practice of hacking for the national cause. The formation of Honker Union in China in 1999, in retaliation to the US bombing of the Chinese embassy in Belgrade, was aimed at widespread hacking under the guise of patriotism and nationalism, mostly of government-related websites around the world.

Unless India takes adequate steps to protect itself from external cyber threats, the world famous IT giant could be facing a grim situation. Cyber attacks are dangerous for India because of the growing reliance on networks and technology to control critical systems that run power plants and transportation systems. Cyber attacks on banks, stock markets and other financial institutions could likewise have a devastating effect on a nation's economy.

As a countermeasure, the Indian armed forces are trying to enhance their C4ISR capabilities, so that the country can launch its own cyber offensive if the need arises. Given Chinese cyber attacks, there is need for the army to fight digital battles as well.

According to Indian Army Chief, General Deepak Kapoor, the army has already ramped up the security of its information networks right down to the division level, while the Army Cyber Security Establishment has started conducting periodic cyber-security audits as well. However, the question remains: is this enough to stop Chinese cyber attacks?

Major Canadian debit card hacking ring uncovered

Author: Steve Gold

It seems that the US is not alone in being a hotbed of criminal activity when it comes to cloned debit cards, as reports are surfacing about eight people being rounded up in Canada in connection with a debit card cloning scam worth US$1 million.


Frightening statistics about viruses are often flung into the ether by antivirus companies hoping to get a little media exposure. But one recent report from web security experts makes some worrying reading even for skeptics.

According to ScanSafe, an Internet security provider, there has been a 400 percent rise in attacks on users' computers from trusted, legitimate sites. In the past, antivirus authorities warned people about the dangers of visiting Internet sites that they were suspicious of, but it seems new traps are being laid by ingenious virus makers.

It looks as though malicious software (malware) producers will not be deterred. Quickly sensing that users are wising up to the dangers of visiting dubious websites, virus makers are taking a new tack ― they are attempting to infest the bona fide sites that most people know and trust.

Another web security company, Websense, says that over half of all malware attacks now come from legitimate sites that have been infested with malicious code.

Hackers can "colonize" thousands of legitimate sites, from big brand name sites like Wal-Mart, to smaller but equally legitimate sites, according to Mary Landesman, a senior security researcher at ScanSafe.

The issue of Internet security is increasingly pressing, and one of the themes of the OECD Ministerial Meeting held last week was "Building Confidence." A specially-organized "Global Industrial Security Forum 2008" at the meeting was set to examine Internet and industrial security.

Malware makers know that there is big, quick money available to them if they develop an effective virus, and count some very sophisticated software experts among their number.

Once we were worried about computer viruses, now we should also be wary of Denial of Service attacks, trojans, worms, rootkits, phishing, pharming and spyware. The list grows by the year.

A recent malware trend is the "ransomware" attack, where hackers break into computer systems and encrypt files before demanding money to decode corrupted data. It seems that as hard as we try to protect ourselves from harm on the net, the virus makers remain one step ahead.

The OECD meeting was well-timed for Korea, it seems. This year alone, the South Korean government has three times accused its neighbors and political rivals, the Chinese and North Koreans, of launching "cyber terrorist attacks." In January, a worm sent as an attachment to soldiers' email accounts was traced to Chinese IP addresses, which are also used by Pyongyang.

In May, Korea was rocked by two security breaches ― with first Auction, one of the country's best-loved sites having its security compromised, leaking personal information on some 11 million Korean citizens onto the net. Only a few days later, Cheong Wa Dae, the official residence of the President, admitted that it had also experienced a security breach earlier in the year and that classified documents had been accessed by hackers.

Blame was again laid at the feet of the North Koreans or China, as both attacks were said to have been traced again to Chinese IP addresses. Such incidents of purported "cyber terrorism" are becoming more widespread globally, with Estonia accusing Russia of an attack in 2007.

As far as counter-terrorism efforts go, advances are also being made, fortunately. Forensics is a buzzword in 2008 as governments start to work to allow courts to consider a whole new variety of evidence in legal proceedings. This will allow judges more power to deal with malware distributors. As things stand, legislation on digital matters is often either hazy or even non-existent in many countries. Security experts are optimistic that the OECD discussions will help governments work together internationally on legal matters concerning the Internet.

As e-commerce and e-politics start to become the norm, the hope is that the OECD recognizes just how important it is that the Internet stays safe from the clutches of talented hackers.

Phishing scams are becoming more and more diverse, as Internet fraudsters attempt to trick people into handing over bank details and confidential passwords.

"Phishers" are now using networking and Internet telecommunication sites, like MSN Messenger and Skype, as ways to get in contact with potential victims.

Skype's CEO, Josh Silverman, in Korea for the OECD Ministerial Meeting, admitted on Monday that his company was almost powerless to prevent innocent users from handing sensitive information over to web tricksters, but that caution was advised. He said, "Nothing can protect users better than education. We all need to work together to help people get informed about security risks."

Song Eun-soo is an IT Manager and a Certified Information Systems Auditor at Oerlikon Korea, an engineering firm. Song agrees the OECD and governments can play a big role in shaping a secure Internet for the future.

"Governments need to take a more active role. They need to start up public awareness campaigns to keep ordinary people informed about things to look out for when they are on the net. Better legislation and more monitoring is needed to clamp down on people who are using the Internet to steal from or attack innocent users," he says.

Indeed, although malware users keep on getting craftier in their efforts to hack the computers of the unsuspecting, the fault for Internet security breaches can mostly be apportioned to users who lack knowledge about how to keep safe on the net. A Deloitte report estimates that third parties are at fault for less than 30 percent of Internet security failures, while human error was involved in more than 75 percent of the cases.

Forgetting to back up files and update antivirus and other software are common blunders that can let malware onto a system. Even after the security breaches at Cheong Wa Dae, speculation was rife that the worm that infiltrated the government computers was allowed access because of an employee failing to follow security protocol.

Corporate respondents to the Deloitte study said that a staggering 91 percent of information compromises were caused by mistakes made by their staff.

Song says people are generally just badly informed when it comes to security, and when it comes to new scams and malware, the best tool for prevention is knowledge. "I think the digital divide creates a security divide. Lack of information can cause the uninitiated to bring about a lot of Internet misfortune upon themselves and others," he explains.

Perhaps if we all only knew how better to keep up our guard against all of the baddies that want to steal our data and money, the hackers would lose their power. But until we know how to keep informed on how to build up our defences, the virus makers look set to keep on attacking the naivety of the Internet's billions of users with a restless intensity.
The Canadian police say they are also looking for a ninth person, in connection with the scam which saw the crims switch PINpads at a number of retail outlets.

The PINpads worked normally for the retailer, but also transmitted the data stream wirelessly to allow the crims to create cloned cards quite easily.

A total of 15 stores, mainly in the Montreal area, appear to have been hit by the fraudsters and, say police, more than 1,000 cardholders have complained to their banks about unauthorised charges.

The case is interesting as, as I've said before, cases like this in the UK tend to get swept under the corporate carpet in a bid to maintain public confidence in the chip and sPIN system...

CIB nabs 17 for making fraudulent credit Cards - chinapost.com.tw

The detainees included Yang Tsao-chin, the ring leader who was only released from jail last year for the same crime.

Agents of the CIB under the National Police Agency (NPA) said that Yang could have teamed up with accomplices in some neighboring Southeast Asian nations for this international scheme.

After receiving tips on the use of fake credit cards on the market, agents cooperated with financial institutions, department stores, and the National Credit Card Center to trace and hunt down the customers who made purchases with the phony cards.

They decided to take action on Tuesday after learning about the return of Wang Chun-chieh, a local accomplice, with a batch of blank cards from a trip to Malaysia.
Yang and Wang managed to put together a team of around 20 people to set up an operation center at an apartment rented in Zhonghe City of Taipei County.

The agents and local police have also confiscated 17 newly produced credit cards, 250 semifinished ones, several counterfeit identity cards, and passports plus printing machines, notebook computers, and other equipment.

The fake cards looked identical with the genuine American Express cards and Diners Club cards.

An initial probe by the CIB showed that Yang restarted his counterfeit operation after getting out of jail last year.

He could have purchased the codes for the credit cards from foreign suppliers who illegally copied the data with sophisticated electronic gadgets when the cards of customers were swiped during financial transactions at stores.

Yang, 46, may have also acquired the data contained inside the cards from computer hackers who were able to retrieve the data during online transactions.

He sent out members in his syndicate to make massive purchases with the fake cards and then converted the purchased goods into cash before the counterfeit cards were discovered by store owners or card-issuing banks.

Yang is estimated to have netted over NT$10 million in illegal gains.

According to the CIB, Yang was arrested with more than 2,000 fake credit cards six years ago in one of the largest fake card crime cases in Taiwan.

HMRC slammed over major data breach - ukpress.google.com

Serious institutional deficiencies at HM Revenue and Customs were to blame for Britain's worst-ever breach of personal data security, when details of 25 million people were lost in the post, according to two reports.

Investigators from the Independent Police Complaints Commission found that HMRC procedures for handling sensitive data were "woefully inadequate" and staff adopted a "muddle through" ethos to confidential personal records.

And a separate report by consultant Kieran Poynter found that last October's loss of two computer discs containing the names, addresses and bank details of every child benefit claimant in the country was "entirely avoidable" and raised "serious questions of governance and accountability" at HMRC.

The UK's data watchdog, Information Commissioner Richard Thomas, warned that he would prosecute the agency if it did not improve its handling of private information. He issued formal enforcement notices against HMRC and the Ministry of Defence, which was the subject of a third critical report into its loss of 600,000 recruits' details on a stolen laptop.

Chancellor of the Exchequer Alistair Darling apologised "unreservedly" for the security breach, and assured the House of Commons that measures were already under way to tighten up procedures at HMRC.

The Government has accepted all 45 of Mr Poynter's recommendations and the new chairman of HMRC Mike Clasper has committed £155 million over the next three years to improving security, he said.

But his Conservative shadow George Osborne said that the reports gave a "truly devastating account of incompetence and systemic failure at the heart of this Government".

He said that the reports had "comprehensively blown out of the water" the claims made by Mr Darling and Prime Minister Gordon Brown at the time of the incident that the breach was the responsibility of a junior official breaking the rules. The IPCC report found that no individual was to blame for the loss of the discs, which have never been found.

Instead, the Government agency was accused of wholesale failings in institutional practices and procedures. Staff worked on confidential data without adequate support, training or guidance and there was no coherent strategy for mass data handling.

Officials were so ignorant about data security that when the CDs were lost, they simply sent another set, and it was three weeks before the loss was reported, setting in train a series of events which sparked a national outcry.

Baby Identity Theft Victim - www.wlbt.com

A metro area man says he's spent the last six months fighting identity theft. The victim of the crime was his newborn son.

He believes the thief is local, and could strike again if they're not stopped.
Before he could speak his first word, or take his first step, Devin Jones was a victim of identity theft. It all started when his parents filed their income taxes.
Craig Jones says, "When we went to file our taxes they said they already used our social security, name, birth date, and social to file their taxes. ...Took us longer to file our taxes... we did get our money back... that's not the issue. The issue here is that someone was able to get this information that fast, use it and here it is almost July and no one is in jail yet."

Jones says his son's social security number was stolen less than three months after he was born.

It's still unclear how the number was leaked. Jones has done his own investigating.
Jones says, "The IRS knows because they processed both forms, they paid both entities, they have told me I have an impending audit in November. The state tax commission has pulled it up while I was on the phone with them and told me, 'yeah we see who did it but we can't give that info to the prosecutorial body to go get them.' It doesn't make sense."

The Social Security Administration in Jackson says protecting your Social Security number is key in preventing identity theft. They say always keep your card and number in a safe place. Don't carry your social security card or anything with the number on it on you, and always call them immediately if you suspect someone is using your number illegally.

Craig Jones says, "Everyone in this state should be concerned about how many numbers have been used - how much money has been squandered."

Obviously it's never a good idea to give your social security number out to anyone, aside from an employer or healthcare provider.

Jones says he will continue to fight to save his son's identity, before any more damage is done.

Monday, June 23, 2008

Exiled Tibetans wage cyber attack on China - Sify.com - 23 Jun 2008

Dharamsala (Himachal Pradesh): They might not have the guns and the numbers to match the might of the world's biggest army in China, but determined Tibetans living in exile in India and other parts of the world are turning to the internet to wage a 'virtual' war against China.

Scores of Tibetan websites and links have come up in the last couple of years to put forth demands of a 'free Tibet' and highlight the alleged rights violations in Tibet. And it is not Tibetans alone who are in the midst of this struggle.

They are being supported by hundreds of sympathisers across the globe, many of them information technology (IT) specialists, and even Indian friends.

The Tibetan government-in-exile here uses the internet as a potent weapon to draw attention to the Tibetan cause and counter the Chinese propaganda. While the exiled Central Tibetan Administration (CTA) has its own website (www.tibet.net), other arms of the Tibetan establishment too rely heavily on the Internet.

The Tibetan Solidarity Committee (TSC), which came into being in March to coordinate the Tibetan issue after violent anti-China protests broke out in the run-up to the Beijing Olympics, also has its own website that is updated daily.

“The internet is a good weapon to have at times to counter Chinese propaganda. But this is a short-term thing because the Chinese manage to block Tibetan websites inside China. These websites cannot exist inside Tibet or China for more than three-four days,” points out the exiled government's Prime Minister (Kalon Tripa) Samdhong Rinpoche.

"Using the internet to highlight the Tibetan cause is a good weapon for us," Rinpoche told IANS.

Tibetan spiritual head the Dalai Lama has his own website (www.dalailama.com) and so also the Karmapa Lama - the third highest figure in Tibetan religious hierarchy.

In fact, a single website, www.tibetsites.com, provides links to scores of Tibetan websites across the globe. These include websites of the exiled government and its several agencies, Tibetan NGOs like Tibetan Youth Congress, Friends of Tibet and Students for Free Tibet.

Some sites like www.phayul.com deal with news about Tibetans from around the globe.

Tibetans living in this Himalayan abode of the Dalai Lama say the world wide web (www) also helps them keep in touch with Tibetans living in Tibet.

"Using the internet helps us to highlight information about what we are doing. Many sympathisers of the Tibetan cause have got in touch with us through the websites. This also helps in getting funding and support," Lobsang, a Tibetan activist says as he scans websites at a cyber-café in Mcleodganj - India's little Lhasa near here.

India is home to some 100,000 Tibetan exiles, many of whom fled their homeland along with the Dalai Lama in 1959 following a failed anti-China uprising. The Tibetan government-in-exile in Dharamsala is not recognised by any country.

In the last three years, efforts are being made by IT professionals from abroad to set up the 'air jaldi' wi-fi network in and around Mcleodganj and Dharamsala to provide wireless access to Tibetans and others.

NGOs are also running computer and technology centres around Dharamsala to train Tibetan youth in computers, software and other related technology.

Tibetans seek help of technology professionals to make sure that their websites are not hacked by Chinese hackers. This has happened several times in recent years and the CTA's website, www.tibet.net, was also hacked three months ago.

Hackers make mirror image of Citadel site - denverpost.com - 22 Jun 2008

Web-savvy criminals are preying on consumers' financial information more and more often, security experts say.

CHICAGO — The famously discreet Citadel Investment Group draws many of the shrewdest minds from Wall Street to Chicago. Shanghai too.

Unknown people in that Chinese city cloned Citadel's website, set up a link for investor passwords and exposed the $17 billion hedge fund to a "grave risk of theft of confidential information," according to a federal lawsuit that shut down the fake site.

These kinds of nefarious schemes have become shockingly routine for financial institutions, security experts say, and exhibit an increasing level of brashness by people using search engines and customer identities to hijack sensitive data.

"It's not that they're heading in through the back door," said David Fisher, chief executive of the Chicago-based online brokerage OptionsXpress. "It's people coming in through the front door with a user name and password."

Even if companies defuse scams without suffering any losses, as Citadel did, the culprits usually vanish like phantoms. The vast majority escape investigation and prosecution due to an inadequate framework of domestic and international laws.

"Over the next few years, these issues are going to come so far to the forefront that there are going to be more efforts by lawmakers to provide specific laws to remedy these harms," said lawyer Scott Kamber, who represents customers of the brokerage TD Ameritrade in a class-action lawsuit. "It's incumbent on corporate America to get religion on fortifying their security. If they don't, it's going to get very expensive for them."

Investment bank Sandler O'Neill and Partners is trying to determine who penetrated its website, forcing it to shut down for four days last week.

The bank hosted a conference about electronic trading, streaming live video of presentations by 35 companies, including the CME Group, parent company of the Chicago Mercantile Group and Chicago Board of Trade.

Hackers linked some to an overseas website that secretly downloaded a malicious program onto their computers, said someone who reviewed the incident for the bank. While the program was not harmful, the bank instantly notified clients about the incident.

TD Ameritrade is awaiting the settlement of a class-action lawsuit after hackers accessed the accounts of some 6.3 million customers.

The hackers then sent spam to the customers in a scheme to pump up the prices of certain stocks that would then be dumped on unsuspecting buyers.

Kamber compared defending a financial company from these scams to stopping a submarine from sinking: The water can rush into the smallest of cracks.

Dangerous programs infect about 6,000 sites each day, almost one every 14 seconds, according to research by Sophos, an anti-spam and antivirus software company.

Companies such as OptionsXpress take precautions to defend against more complex attacks. One involved keystroke programs downloaded onto hotel computer kiosks in Thailand that capture the passwords of tourists checking their accounts.

A Colombian citizen, Mario Simbaqueba Bonilla, was convicted in April for a similar three-year scam that stole $1.4 million by lifting information from computers at hotels and Internet lounges worldwide, according to the Justice Department.

Federal agents caught and arrested him last year when he flew to the U.S. His baggage included a laptop containing the names, passwords and other financial information of 600 people.

In Citadel's case, the thieves probably wanted to "phish" for investor passwords that would help them access data from the real site. The fake site might also have served as a front to cheat naive investors eager to entrust their money with Citadel.

Citadel said the bogus site produced no unusual activity on its own website.

What distinguished the scam was its apparent reliance on search engines. If you typed "Citadel," "hedge" and "fund" into Google in December, a curious site called "cita del-group.net" popped up.

It bore the hedge fund's turreted logo, but the site contained some unique alterations, such as contact information written in Chinese.

The real Citadel is headquartered in a Chicago skyscraper. A replica of an ancient Greek sculpture and alert security guards watch over its ground floor.

"No writing is allowed here," a guard barked as a visitor with a notebook approached the statue last week.

By Joshua Boak

Photobucket’s DNS records hijacked by Turkish hacking group - ZDnet.com

Photobucket, the world’s most popular photo sharing site according to Hitwise, had its DNS records hijacked to return a hacked page courtesy of the NetDevilz hacking group, a Turkish web site defacement group most widely known for its defacement of the adult video site Redtube earlier this year. Photobucket users across the world are reporting minor outages of the service and problems when trying to access their accounts, the consequence of what looks like the type of DNS records hijacking that redirected Comcast.net to a third-party domain last month.

Third-party site monitoring services indicate that the site was down for 15 minutes yesterday, from 17:39:39 to 17:55:10, whereas according to a comment left by a Photobucket Forum Support representative, the downtime due to the propagation of the corrected DNS entries was longer:

“On Tuesday afternoon, some users that typed in the Photobucket.com URL were temporarily redirected to an incorrect page due to an error in our DNS hosting services. The error was fixed within an hour of its discovery, but due to the nature of the problem, some users will not have access to Photobucket for a few hours as the fix rolls out. It is important to note that only a portion of Photobucket users encountered the problem and that no Photobucket content, password information or other personal information was affected by the redirect.”

The hacking group appears to have been using the hosting services of atspace.com, the web hosting service of Zetta hosting solutions, and users of Photobucket attempting to access the site with the old DNS entries are still being redirected to a default hosting ad page within atspace.com. The effect of the redirection can also be seen by taking a peek at the publicly obtainable stats for atspace.com, where the sudden peak in traffic resulting in 118,864 visitors for today came from the default ad page used in the redirection.

With the second DNS hijacking attack against a high-profile domain in recent months, it seems that adaptive malicious parties unable to directly compromise a site will continue taking advantage of good old-fashioned DNS hijacking, if only to prove that it’s still possible even on a high-profile domain using the services of a Tier 1 domain registrar.

By Dancho Danchev

Student held for international card fraud

Chennai: A 20-year-old final year commerce student was arrested here on Tuesday for allegedly swindling credit card holders abroad to the tune of Rs.400,000, the police said.

Bharat Raj Purohit was arrested from a northern suburb here following a complaint from ebay.com, an online trading company.

He had been allegedly tipped off about the loopholes in the trade by two people based in Mumbai and Ahmedabad, a police official in the cyber crime department said.

Purohit swindled credit card holders of US, Canada and Russia after fraudulently obtaining secret access codes. He purchased computers, music systems and other IT accessories.

Approximately Rs.40,000 cash was also seized from him.
MUMBAI: Three persons, including a Nigerian, were arrested by the Powai police on Friday for duping a shop selling mobile phones by using international credit cards.

They were caught when they went to the same shop for the second time in less than three days.

According to the police, the accused knew that the payments made through international credit cards were cleared after more than 24 hours and they used this lag to dupe a retail chain.

On Wednesday, four persons, including two Nigerians, visited The Mobile Store at Marol Maroshi in Andheri and bought an i-pod and three mobile phones worth Rs85,547 using credit cards.

The amount didn’t get credited to the shop’s account and manager Ketan Bareya alerted his employees, who got the accused arrested when they tried to dupe them the second time.

A total of 11 international credit cards of several banks were recovered from the trio - main suspect Iyo Kayode (30), a Nigerian, and co-accused Mukesh Atiya (27) and Kalpesh Kachariya (21) - both graduates and residents of Goregaon. Police are looking for their fourth accomplice, Steve Watson — a Nigerian.

The police have booked the trio on charges of cheating, forging and common intention under the Indian Penal Code - they have been remanded in police custody till June 19.

“On Wednesday, two youths came to the shop and selected an i-pod and three mobile phones. After selecting the items, they called two Nigerians who were waiting outside the shop and Watson made the payment through a credit card which he claimed was his,” Bareya said.

Bareya said when the money wasn’t credited into this account even after a day, he alerted his employees. “A day later, the accused again called up at the shop to enquire whether we had any costly mobile phones. They then visited the shop, selected a few mobile phones and placed the credit card for payment. The first two cards declined payment. Not letting them get the whiff of our suspicion, we made them wait in the shop and informed the police,” Bareya said.

About 20 branches of The Mobile Store in the city were duped by the accused. “Nigerians were involved in all the fraud transactions and they had duped the store of Rs15 lakh over a month or two,” Bareya said.

“Atiya, who owns a mobile phone shop in Goregaon, befriended the Nigerians this year when they visited his shop. The Nigerians offered him a mobile phone for every con,” said senior inspector Rajdoot Rupwate of the Powai police station. Rupwate said Atiya sold those handsets at his shop.

Sub-inspector Sanjay Joshi said while Atiya and Kachariya finalised the deal, Kayode and Watson paid using forged credit cards.

“According to the banks’ rule, if a person shops for over Rs10,000 on credit card he/she has to submit an identity proof to the shop. We are verifying whether the cards recovered are actually owned by someone living outside India. Investigations are on to find their involvement in other such cases,” said Joshi.


By V Narayan

Citibank man, 3 others duped in credit card fraud - Express News Service - 20 Jun 2008

Pune June 20 A senior Citibank officer and three customers were cheated of Rs 10 lakh in a credit card fraud. Sunil Nade (33), manager of the Financial Resource Management (FRM) division of Citibank’s east street branch, has lodged a complaint with the Bund Garden police station.
The police have arrested a person identified as Bharat Kansukhbahi Soni of Mumbai. Nade and three of his bank customers had gone to Hotel Le-Meridian on Bund Garden Road on May 7. They paid the bill through credit cards. It is suspected that when Nade gave the credit cards for the payment, the accused Soni and his accomplices Asif and Javed were present at the hotel. The accused managed to copy the credit card details in a computer using an electronic device.

He then used these details for making fake credit cards and buying goods worth Rs 10,03,679 in Mumbai and Surat till June 13.

The fraud came to light when the victims got the credit card slips recently. The case was transferred to the crime branch for investigations.

A police team arrested Soni in Mumbai. Soni has been remanded to police custody till June 25. A search is on for Asif and Javed, who are suspected to be the kingpins.

Two held for making fake identity cards, licenses - TOI - 22 Jun 2008

CHENNAI: The arrest of two men involved in a forgery racket and their demonstration before police as to how a fake driving license can be produced within a matter of few minutes has once again brought to fore how ill-equipped authorities are in their fight against forgery.

R Ramesh (36), a computer science diploma holder and his friend S Babu (28), on Saturday, stunned the Nungambakkam police by issuing a fake driving license to a policeman. "He collected my photograph, scanned it and created a driving license within a few minutes," a policeman attached to the Nungambakkam police station told the Times of India.

The two men were arrested on Friday for forging driving licences, PAN cards and voters' identity cards and issuing them to people applying for passports and bank loans. Sri Lankan Tamils, who could not use their original passports to go to the UK, Europe and Canada, used the services of the duo to obtain Indian passports.

Ramesh and Babu have been involved in this illegal business for more than six months and were operating out of Nesapakkam in K K Nagar.

"They had the driving license format, the signatures and seals of the authorities stored in their computer. Their customers had to just provide their photographs. The duo then would scan the photograph, fix it on the slot and take a colour printout. They also had the formats of election ID cards, driving licenses and PAN cards with them," K N Murali, assistant commissioner of police, Nungambakkam, said.

With forgery of documents like passports and other identification cards being done with ease by criminals using precision technology, it is high time the authorities resorted to harnessing biometric technology in surveillance systems.

Incidentally, biometrics is an access-control technology that analyses fingerprints, facial features or other physical characteristics of human beings. Computers which work on this technology reduce an image to a template of "minutia points" — notable features such as a loop in a fingerprint.

Though six branches of biometrics — fingerprints, hand geometry, iris and retina scanners, voice recognition systems, and facial recognition systems — are already in application in some of the states, Tamil Nadu is nowhere near introducing the system.

"Though we are considering its feasibility, there are no serious plans to introduce it in the near future. Technology or resources is not the problem. It's just that we have to take the decision," said CP Singh, transport commissioner.

With no biometric computers to aid police surveillance, it's been a field day for criminals such as Ramesh and Babu. "They had a network with brokers at Shastri Bhavan, where the passport office is located. The duo used to collect Rs 5,000 for an ID card, if the applicant wanted to apply for a passport, but charged loan applicants only Rs 1,000," an official said.

The police got a tip-off about the racket from Nanthakumaran, a native of Vavuniya in Sri Lanka, who was arrested while attempting to apply for a passport in Chennai recently. Nanthakumaran had come to India using a Sri Lankan passport and tried to get an Indian passport. He collected a fake election ID from the duo. However, police had no clue about the gang when Nanthakumaran was arrested. When the Sri Lankan came to the Nungambakkam police station to sign as per the bail condition, he was questioned again, and he told police about Ramesh and Babu.


History of the biometric system

The use of biometric technology, which utilises body characteristics to identify a person, goes back to the ancient civilisations of Egypt and China. However, modern-day biometrics has evolved thanks to the contribution of several minds.

Joao De Barros, a European explorer, is credited with recording the first known system of fingerprinting in the 14th century AD. Alphonse Bertillon, a policeman from Paris, studied body mechanics in an effort to identify criminals. In recent years, John Daugman, a physicist, has done pioneering work in developing the biometric iris recognition system. Owing to their accuracy, biometric systems are being used to help nab terrorists.

Pakistan recently installed biometric systems at its border to keep a check on cross-border militancy from Afghanistan.


When K Vijaykumar was Chennai city police commissioner five years ago, the city police had worked on a project to link their database of criminals with each and every patrol unit in the city. This project was then headed by joint commissioner MK Jha.

With the aid of biometric computers, patrol units, upon spotting a suspect on the road, could scan and take in the person's details and send it to the commissioner's office. Within minutes, the suspect's data could be cross-checked with the database. The project has, however, been shelved owing to the prohibitive cost involved.

However, a senior official said if government takes a policy decision, it could be introduced pretty fast. "Much of the ground work has already been completed," he said.

Sunday, June 22, 2008

Thousands hit in ATM scam - 19 Jun 2008

Thousands of bank customers have been defrauded of millions of dollars in one of the most elaborate automatic-teller theft operations ever seen in the Toronto area, police said yesterday, announcing multiple arrests and the dismantling of a network of what they termed "debit-card labs."

Dozens of bank machines were compromised - possibly more - and investigators are still trying to assess the scope of the mass ripoff, said Staff Inspector Steve Harris of the Toronto fraud squad.

The scam involved surreptitiously recording customers' debit-card data as they did their banking and then transferring it to assorted types of phony, custom-modified cards being churned out in at least three different locations.

"I wouldn't say it's easy, it takes sophistication and you have to have the right equipment," Staff Insp. Harris said. "But this particular gang was sophisticated."
Eight people face a total of 101 charges, mostly fraud-related, in a scheme police say was spread across Toronto, York Region and Peel Region.

One of the counterfeit-card labs was in a large industrial complex in York. A second was in a Toronto apartment. A third was discovered in a car.

The scam was far from unique. Canadians are among the world's most prolific users of debit cards, and last year, thieves defrauded roughly 159,000 card holders of more than $100-million, statistics compiled by the Interac Association show. (As with credit-card theft, the losses are almost always picked up by the financial institution.)

This operation, however, displayed particular finesse.

After six weeks of surveillance and other covert work, the joint-forces investigation netted $120,000 in cash, skimmers, card readers, cameras, embossers, moulding machines, and other hardware.

And while all the major banks appear to have been hit, until experts have examined the 40 computers that were also seized, they won't know how many customers were defrauded.

"It's going to be thousands and thousands," Staff Insp. Harris said. As to the number of compromised bank machines, "I'd start with dozens, but that may expand."
Debit-card theft entails stealing and marrying up two sets of details: the data in the card's magnetic stripe and the user's PIN - personal identification number.

In this instance, the primary target was high-volume, 24-hour teller machines in satellite locations rather than on bank premises.

As lookouts kept watch, police said, the thieves were able in a matter of minutes to install near-invisible pinhole cameras in and around the ATM booths.

Simultaneously, they would insert plastic overlays over the machine's card-reader, containing reading equipment that would relay the data to a remote storage device.
The data would then be transferred on to all types of cards, new and discarded. Cards originating from outlets as diverse as Wal-Mart, Royal Bank, CIBC, Old Navy, Starbucks and Toys "R" Us were seized in the police raids.

Even long-discarded hotel-room cards can be custom-fitted with the data needed to drain or deplete a bank account.

"These were pretty much start-to-finish labs," Detective Ian Nichol said. "Anything with a magnetic stripe can ultimately be adapted for that use."

By TIMOTHY APPLEBY

400 charged as U.S. cracks down on mortgage fraud

WASHINGTON -- With Wall Street executives handcuffed and paraded in front of TV cameras and dozens of alleged mortgage scam artists arrested in cities nationwide, the penalty phase of the mortgage meltdown has begun in earnest.

The Justice Department said Thursday that more than 400 real estate industry players, including dozens in recent days, had been charged since March in a federal crackdown on incidents of mortgage fraud that have contributed to the housing crisis. Those arrested included brokers, appraisers, bankers and lenders.

The announcement came on the same day that two former hedge fund managers at Bear Stearns Cos. were arrested on suspicion of misleading investors about a fund that invested in sub-prime loans and collapsed at a cost to investors of $1.4 billion.

The executives became the first Wall Street figures to be charged criminally in the wake of the sub-prime debacle. The charges against them could be a road map for authorities to hold other Wall Street executives to account.

The FBI estimated the losses to homeowners and other borrowers who were victims of mortgage fraud at more than $1 billion. That is a small fraction of the near $1 trillion in losses worldwide that have been chalked up to the U.S. mortgage fiasco, and federal officials said the number of cases under investigation continues to grow rapidly.

California has been a center of mortgage fraud. On Thursday, Justice Department officials in Los Angeles announced the formation of a nine-agency task force to target those crimes.

"Whether committed by unscrupulous lenders, real estate professionals or desperate homeowners, mortgage fraud affects all of us," said Thomas P. O'Brien, the U.S. attorney in Los Angeles. "Defaults on inflated loans and resulting foreclosures impose huge monetary and social costs, as well as making it more expensive for everyone to obtain credit."

In Washington, FBI Director Robert S. Mueller III said the number of cases of possible mortgage fraud the bureau was investigating had doubled in the last three years to more than 1,400 as of May 31.

"To persons who . . . are involved in such schemes, we will find you. You will be investigated and you will be prosecuted," he said. "To those who would contemplate . . . engaging in such schemes, you will spend time in jail. That is the message we're sending out."

Kevin Stein, associate director of the San Francisco-based California Reinvestment Coalition, said he welcomed the federal crackdown but that it may have come too late "for the thousands upon thousands of borrowers who have been victimized by mortgage fraud."

Robert Gnaizda, policy director for the Greenlining Institute in Berkeley, said he feared the government would seek to make examples of mortgage brokers when the true culprits were the lenders and Wall Street firms he said had provided loans they knew were unaffordable in the long run.

"Mortgage brokers only did what financial institutions allowed them to do," Gnaizda said.

FBI officials said their "Operation Malicious Mortgage" focused on individual cases and smaller crime rings. The agency said it was also probing 19 companies, including investment banks and hedge funds, that may have engaged in accounting fraud or other crimes related to mortgage securities.

FBI officials also said they were investigating cases in which gangs and organized crime are suspected of mortgage fraud. "It is a means by which individuals could launder their money," said Sharon Ormsby, chief of the FBI's financial crimes section.

Prosecutors said their crackdown resulted in 60 arrests on Wednesday alone, including in Chicago, Miami and Houston. Mueller said the FBI had seized more than $60 million in assets as part of the sweep, including luxury cars, speedboats and a helicopter.

The 400 cases cover a range of mortgage scams, the officials said. The defendants include a suburban Washington couple charged with running a $35-million fraudulent foreclosure rescue operation called the Metropolitan Money Store.

The firm allegedly used fake buyers to take control of homes while promising the homeowners they could continue living there and buy back their property after a year, when they were back on their feet. But Metropolitan allegedly took out loans against the value of the homes, burying them further in debt and making it impossible for the former owners to reclaim them.

Joy Jackson, president of the Metropolitan Money Store of Lanham, Md., and her husband, Kurt Fordham, were arrested last week in North Carolina. Prosecutors allege that Jackson, Fordham and six other defendants used money from the elaborate scheme to pay for a lavish lifestyle that included luxury cars, houses, jewelry, fur coats and travel.

Investigators' suspicions grew after Jackson and Fordham threw a wedding reception at the Mayflower Hotel in Washington for 360 guests. Jackson reportedly told friends that the event, with lobster and Cristal champagne on the menu and singer Patti LaBelle entertaining, cost nearly $800,000.

In Los Angeles, federal authorities said their new SCAM task force (which stands for Southern California Mortgage) would include the U.S. attorney's office, the IRS, the U.S. Postal Inspection Service and the Small Business Administration, among other agencies.

It will focus on two types of cases, "fraud for profit" and "fraud for housing," the FBI said.

The first category accounts for about 80% of all mortgage fraud and involves such schemes as skimming equity or borrowing against falsely inflated property values -- scams often carried out by several players working in concert. Fraud-for-housing schemes are perpetrated solely by borrowers who acquire and maintain real estate under false pretenses.

In what prosecutors believe to be the largest fraud-for-profit case in California history, two well-known Beverly Hills real estate agents are accused of conspiring with others to secure $142 million in loans by falsely inflating the values of homes in exclusive enclaves of Northern and Southern California.

Prosecutors say the losses to two lenders, including Lehman Bros. Bank, exceeded $40 million.

Former star agents Joseph Babajian and Kyle Grasso have pleaded not guilty to a raft of charges, including conspiracy, loan fraud and money laundering. They are scheduled for trial in October.

Seven other people have pleaded guilty and await sentencing, including developers Charles Elliott Fitzgerald and Mark Alan Abrams.

Fitzgerald, who fled the country in 2003 and was later arrested in Samoa, has admitted to reaping at least $5 million from the fraud. He faces a mandatory 10-year sentence on one of the charges, conducting a continuing criminal enterprise, said Assistant U.S. Atty. Jeremy D. Matz, one of the prosecutors.

"The fraud in this case lasted from 1999 to 2003," Matz said. "Those were some really, obviously plum years for real estate, especially in California, where the market was taking off."

Lenders, meanwhile, have been accused repeatedly of cheating borrowers. Ameriquest Mortgage Co. of Orange settled with 49 states in 2006 by agreeing to pay $325 million and clean up its lending practices.

New Century Financial Corp. of Irvine, which had been the largest independent sub-prime lender until it collapsed into bankruptcy, has told shareholders it is under federal criminal investigation. The probe centers on allegations that its top executives made millions of dollars exercising stock options while failing to warn how quickly the loans they had sold to Wall Street were going sour. Through attorneys, the executives have denied wrongdoing.

Investigators also have focused on Countrywide Financial Corp., the No. 1 home lender. The Securities and Exchange Commission, the U.S. attorney in Los Angeles and the state attorney general's office have told The Times they were conducting separate probes of the Calabasas company. Countrywide was near collapse in January, when it agreed to be sold to Bank of America Corp.

Denying that it acted improperly, the company has said it was cooperating with investigators.

By Richard B. Schmitt, Kim Christensen and E. Scott Reckard, Los Angeles Times Staff Writers

Cybercrime syndicate steals GBP 12.8 million from South African government - epnn.com

The South African Minister for Finance and Economic Development reveals that a cybercrime group has defrauded the government of ZAR 199 million (GBP 12.8 million) through spyware infection-driven frauds.

The police have made 32 arrests in connection with more than 80 fraud counts. Commenting on the case, Geoff Sweeney, CTO of IT security vendor Tier-3, said the spyware attacks are difficult to stop in their tracks due to their unpredictable nature. Sweeney added that these types of fraud are hard to stop using a traditional single line of defence security strategy. He suggests companies need to rethink their strategies since fraudsters’ attacks are becoming more sophisticated.

Feds join probe of ATM hacking

SOUTH BEND - The FBI was meeting with police and bank officials Wednesday to determine how many customers of northern Indiana financial institutions had money stolen by hackers in Spain, Russia, Nigeria and the Ukraine.

“We're trying to determine what we have here,” said Special Agent Wendy Osborne, an FBI spokeswoman.

The FBI got involved Monday when it received a report from Burns Harbor police, she said.

St. Joseph County Police Department spokesman Sgt. Bill Redman said at least eight financial institutions in the county had reported fraudulent transactions between Saturday and Wednesday. But he said other financial institutions could be involved.
Teachers Credit Union had at least 150 victims, 1st Source Bank had 75 and Notre Dame Federal Credit Union had 31. Most losses were for less than $200, but at least one person reported losing nearly $4,000. It is not known how much total money was stolen.

Officials at the financial institutions said customers won't be held liable for the losses.

Bank officials said the victims they know of appear to have all used 1st Source Bank ATMs during the first 10 days of May. James Seitz, 1st Source senior vice president, said officials from his bank met with officials from other financial institutions on Wednesday to discuss the situation.

“As we're piecing this puzzle together, it appears that there may be a common thread,” Seitz said.

A security consulting firm alerted 1st Source about a computer breach on May 12. The bank shut down its computer system and contacted authorities. Two weeks ago, 1st Source sent letters to customers asking them to monitor their accounts for suspicious activity. There was no sign of illegal activity until Saturday. Redman said the police contacted the FBI on Tuesday seeking help.

“Obviously federal agencies are going to have more resources and be able to help a little bit more than we will,” Redman said.

Credit card fraud booms in SA - iol.co.za – 19 Jun 2008

Consumers are losing millions of rand every year as credit card fraud skyrocketed in South Africa over the past three years, the SA Banking Risk Information Centre (SABRIC) said on Thursday.

Head of Sabric's Commercial Crime branch, Susan Potgieter, was speaking at a media briefing in Durban.

She said annual comparisons had revealed a drastic increase as criminals had been "tricking weak consumers".

In the 2005/2006 financial year, she said, the crime had gone up by 46 percent.

This had increased in the 2006/2007 financial year to 97 percent. From last year up until present, it had gone up by another 57 percent.

Potgieter said in the first five months of this year, statistics showed the crime was most prevalent in Gauteng.
"Gauteng was at 46,7 percent, the Western Cape was at 19 percent and KwaZulu-Natal was at 17,2 percent," she said.

She said the trend had changed since last year.

"Grocery stores were the most targeted last year and this year it's liquor stores that are at the top of the list."

Captain Louis Helberg of the Commercial Crime Unit in Durban said a credit card syndicate had been using card skimming devices to defraud scores of people at ATM machines, restaurants and casinos.

He said the device was being imported, particularly from China, and could be bought easily over the internet.

The black device - which is about the size of a cigarette lighter - copies data from the magnetic strip on the back of bank cards and each device can be used to copy about 2 000 cards.

"It's an offence just to be in possession of this device and therefore we want people to be aware of it," he said.

Potgieter said one can spend up to about five years in prison for just possessing the device.

Helberg said they continued to make arrests but said the crime still grew.

The latest arrest was made last week at Mount Edgecombe.

Potgieter said: "The crime has evolved over the years and criminals are relying on consumer weakness and that's why we want to educate people using cards.

"People must be smart and alert at all times so criminals can stop abusing the commercial space." – Sapa

Cyber scamsters run for cover - TOI - 20 Jun 2008

AHMEDABAD: Cyber hackers are ducking for cover after the nation-wide police crackdown following the busting of the online shopping fraud by the Ahmedabad police.

After the arrest of their kingpins in Mumbai, Chennai and Ahmedabad, there are warnings posted on hacking websites against "indulging in 'carding' for the time being".

"Carding in hackers' jargon stands for dealing in a huge database containing confidential information of credit card holders such as user name, expiry date, credit value verification (CVV) numbers and address. Such data are kept by the IT division of any financial institute. Most of the time, hackers enter into protected servers and steal the data. They do it with utmost care and expertise. At any given time, there are more than 5,000 databases available on various websites. However, to access it, one has to become a member of the paid community," said Sunny Vaghela, a cyber security expert. These hacking websites had many members posting links to TOI's published stories on the online shopping fraud and discussing the implications of the opening up of their network.

One post read: "Hope they will come out soon", about the hackers caught. Another read: "Oh s*@#! If they got cards from here then maybe we should close registrations quicker...damn that's lame...old members." In another community, a seeming veteran advised juniors "not to leave cyber footprints and clear up the record before logging out".

The same website forum has tutorials on how to hack into government and non-government organizations and to access backdoor password of financial gateways. After the surfacing of eBay hacking incidents, the website says, cyber crime cells are active in various affected countries and are keeping a tab on suspicious websites.

By Parth Shastri

Fraudulent ATM transactions overseas could be tied to Indiana bank breach - computerworld.com - 19 Jun 2008

A server intrusion at 1st Source Bank in South Bend took place in May

A flurry of fraudulent ATM transactions in recent days in countries such as Russia, Ukraine, Turkey and the Czech Republic may be tied to a server intrusion at 1st Source Bank in South Bend, Ind.

So far, the fraud appears to have affected at least 200 consumers who belong to more than half a dozen banks and credit unions in the state, according to local media reports. Among those reportedly affected are customers of 1st Source, Teachers Credit Union (TCU) and Farm Bureau Credit Union.

Representatives from TCU and Farm Bureau did not immediately respond to a request for comment. Neither did the St. Joseph's County Police Department in Indiana, where a large number of affected consumers reported being victimized by fraudulent automated teller machine transactions.

James Seitz, a vice president at 1st Source, today said it is "reasonable" to assume that the fraudulent transactions are linked to an intrusion into one of the bank's servers on May 12.

The breached server contained debit card transaction data belonging to customers of 1st Source and other financial institutions who used 1st Source ATMs. Seitz confirmed that the information in that server was stolen by hackers, but he refused to say how many records were stolen or how many individuals may have been affected.

After the breach was discovered, the bank immediately "shut down" all of its own cards that were compromised, Seitz said. He refused to disclose how many cards 1st Source blocked and reissued.

The bank also compiled a list of all the other cards that were on the affected system and informed the major credit card companies about the breach, he said.
According to Seitz, many of the fraudulent transactions being reported appear to have taken place over the weekend. Since then, the transactions have "slowed down significantly," he said. Most of the withdrawals were for amounts of $200 or $300 or whatever the daily limits for each card might be.

The incident highlights the international nature of cybercrime and the global market for stolen credit card and bank data. A report released yesterday by security vendor Finjan Inc. noted that the underground market is flooded with stolen credit and debit card data, leading to its easy availability and commodity pricing. According to Finjan, stolen credit and debit card data, which retailed for $100 per card a few months ago, these days costs just about $20 per card and can often be purchased after little more than a Google search.

Citibank Replaces Some ATM Cards After Online PIN Heist - blog.wired.com - 20 Jun 2008

Following up on my story Wednesday about the purported hacking of a Citibank ATM server, and the subsequent arrest of two cash-rich Brooklyn men, a New York Citibank customer says he received two notices this month from Citibank warning about breaches of a "third party" ATM processing system.

"These security breaches could have resulted in unauthorized access to your Citibank Banking Card number and associated Personal Identification Number (PIN)," the first notice, e-mailed on June 3, warned.

The warning went to off-duty journalist Ryan Naraine, who blogs for ZDNet and teaches computer security through Kaspersky Lab. (Thanks Ryan!) He got a replacement card in the mail, then received a second notice from the bank Tuesday.

Citibank declined to state Friday how many customers are being issued new ATM cards. But it reiterated that its servers weren't hacked, despite FBI and federal prosecutors' claims to the contrary.

"Earlier this year Citibank received notice from a third-party transaction processor for the ATM industry that the processor's systems were potentially compromised in late 2007," spokesman Robert Julavits said in an e-mailed statement. "As a preventative measure we notified and reissued new debit cards to those customers whom we believed may have been exposed to increased risk. We want our customers to know that, consistent with legal requirements, we do not hold them responsible for fraudulent activity in their accounts."

With Citibank and the feds withholding crucial details, it's hard to assess the scope of the breach, or whether the point source in the PIN leak was Citibank (as the feds claim), an independent third-party (as the bank claims), or something in between.

But there's anecdotal evidence that the Brooklyn arrests haven't stopped the fraud. A San Diego customer told Threat Level that someone pulled $3,000 from his Citibank accounts last Sunday, using a Citibank ATM in Newbury Park, about 150 miles away.
"I spent the entire day Tuesday making five or six phone calls," says Rahul Kumar, a consultant. "I spent hours on the phone, calling an attorney, calling the police."
The cash was taken in a rapid series of withdrawals Sunday afternoon, in which the thief first pulled $800 from a checking account, then $200, then repeated the process for Kumar's second checking account and his overdraft protection account. Kumar's ATM card was safely in his wallet at the time.

Kumar says Citibank canceled his card and issued him a new one when he reported the incident, but did not offer an explanation for the theft. The bank credited him back the $3,000 Thursday.

Though Citibank blames an unnamed "third party" processor for the PIN leak, the bank's representatives warned the FBI on February 1 that "a Citibank server that processes ATM withdrawals at 7-Eleven convenience stores had been breached," according to an FBI affidavit.

That FBI affidavit was filed in a criminal case against two Brooklyn men accused of stealing at least $750,000 from Citibank ATMs in February. When federal agents raided the home of one of the men, 32-year-old Yuriy Ryabinin, they found $800,000 in cash, including $690,000 in garbage bags, shopping bags and boxes stashed in the bedroom closet.

Brian Krebs, at the Washington Post's SecurityFix blog, wonders if the New York prosecution is connected to Citibank's recently-announced plans to replace 2,200 proprietary ATM machines around the county. Spokesman Robert Julavits says there's no connection.

The Citi-branded ATMs at 7-Eleven stores are not part of the replacement. In a branding deal announced in 2006, all 5,600 ATMs at 7-Eleven stores across the country have the Citibank name, and are free of transaction fees for Citibank customers. But those machines are owned and operated by Cardtronics, the largest non-bank operator of cash machines

By Kevin Poulsen

link to the post http://fraudcontrol.blogspot.com/2008/06/citibank-hack-blamed-for-alleged-atm.html#links

State computers headed for sale had private information - The Capital-Journal - 19 Jun 2008

The Kansas Department of Administration is tightening its computer security standards after an audit revealed Wednesday that state equipment slated for sale to the public contained confidential information.

A review of the state surplus property program, which sells outdated equipment to the public, found seven of the 15 machines inspected contained information considered confidential under state and federal law, including one computer that still had 2,856 Social Security numbers in a file.

"After reading through this report, I had to take a couple nitroglycerin tablets and go lay down," said Rep. Virgil Peck, R-Tyro, a member of the Legislative Post Audit Committee that received the results.

Some of the computers were reformatted, but that doesn't permanently delete all files. Auditor Allan Foster demonstrated an off-the-shelf program that can retrieve such data off a hard drive.

He said some state agencies had policies for properly removing information but thought the surplus program would wipe the hard drives clean. Other agencies had no policy at all.

Carol Foreman, deputy secretary of the Department of Administration, wrote in a letter to the Legislative Division of Post Audit that now, when agencies transfer old machines to the surplus program, they will provide a certificate stating all data has been properly removed.

The surplus program also will inspect each computer from now on and notify agencies of improperly cleaned computers.

Gavin Young, spokesman for the Department of Administration, said they also were working with a company that helps destroy hard drives.

In their review of the 15 computers, Foster and his staff found state employee personnel information, the names and Social Security numbers of Medicaid recipients, employee accident reports, and an investigative report into alleged improprieties by a grant recipient.

"The results were pretty disturbing," Foster said.

He warned that the audit didn't grasp the full extent of the problem.

The report focused only on discarded computers in Topeka and didn't include old equipment from state offices outside of Shawnee County.
And officials said it was impossible to know if any of the approximately 600 computers sold through the program last year might have included confidential information.

Young said there have been no reports of identity theft related to computers from state agencies.

Even one computer slipping into the wrong hands "could cost the state dearly," Foster said, referring to money the state would have to pay to protect affected people from identity theft.

The seven computers still containing confidential information came from the adjutant general's office, the Department of Administration, the Kansas Health Policy Authority and the Kansas Sentencing Commission.

By James Carlson

Citibank Hack Blamed for Alleged ATM Crime Spree - blog.wired.com - 18 Jun 2008

A computer intrusion into a Citibank server that processes ATM withdrawals led to two Brooklyn men making hundreds of fraudulent withdrawals from New York City cash machines in February, pocketing at least $750,000 in cash, according to federal prosecutors.

The ATM crime spree is apparently the first to be publicly linked to the breach of a major U.S. bank's systems, experts say.

"We've never heard of PINs coming out of the bank environment," says Dan Clements, CEO of the fraud watchdog company CardCops, who monitors crime forums for stolen information.

Credit card and ATM PIN numbers show up often enough in underground trading, but they're invariably linked to social engineering tricks like phishing attacks, "shoulder surfing" and fake PIN pads affixed to gas station pay-at-the-pump terminals.

But if federal prosecutors are correct, the Citibank intrusion is an indication that even savvy consumers who guard their ATM cards and PIN codes can fall prey to the growing global cyber-crime trade.

"That's really the gold, the debit cards and the PINs," says Clements.

Citibank denied to Wired.com's Threat Level that its systems were hacked. But the bank's representatives warned the FBI on February 1 that "a Citibank server that processes ATM withdrawals at 7-Eleven convenience stores had been breached," according to a sworn affidavit (.pdf) by FBI cyber-crime agent Albert Murray.

Federal prosecutors in New York have charged 32-year-old Ukrainian immigrant Yuriy Ryabinin, aka Yuriy Rakushchynets, with access device fraud for allegedly using the stolen information to go on a cash-withdrawal spree. Ryabinin, who is allegedly an active member of underground credit card fraud forums, is not charged with the intrusion itself. He and a co-defendant "received over the internet information related to Citibank customers, which information had previously been stolen from Citibank," according to an indictment (.pdf) in the case.

Also charged are 30-year-old Ivan Biltse, who allegedly made some of the withdrawals, and Angelina Kitaeva. Ryabinin's wife is charged with obstruction of justice in the investigation.

In addition to looting Citibank accounts, Ryabinin is accused of participating in a global cyber crime feeding frenzy that tore into four specific iWire prepaid MasterCard accounts last fall. From September 30 to October 1 -- just two days -- the iWire accounts were hit with more than 9,000 actual and attempted withdrawals from ATM machines "around the world," according to Murray's affidavit, resulting in a staggering $5 million in losses.

Ryabinin was allegedly responsible for more than $100,000 of the stolen iWire cash, which he pulled from Brooklyn ATMs. St. Louis-based First Bank, which issued the cards, declined to comment on the matter, citing the ongoing prosecution.

At the time of the ATM capers, FBI and U.S. Secret Service agents had already been investigating Ryabinin for his alleged activities on eastern European carder forums.

Ryabinin allegedly used the same ICQ chat account to conduct criminal business, and to participate in amateur radio websites. The feds compared photos of Ryabinin from some of the ham sites to video captured by ATM cameras in the New York Citibank and iWire withdrawals, and determined it was the same man -- right down to the tan jacket with dark-blue trim.

When they raided Ryabinin's home, agents found his computer logged into a carding forum. They also found a magstripe writer, and $800,000 in cash, including $690,000 in garbage bags, shopping bags and boxes stashed in the bedroom closet. Another $99,000 in cash turned up in one of the safe deposit boxes rented by Ryabinin and his wife, Olena. Biltse was also found with $800,000 in cash.

Ryabinin's wife told investigators that she witnessed her husband "leave the couple's house with bundles of credit cards in rubber bands and return with large sums of cash," a Secret Service affidavit (.pdf) reads.

Notwithstanding the court documents, Citibank said in an e-mailed statement that it was not the source of the breach. "There is no evidence that Citi servers were compromised in connection with this fraud," the company wrote.

Asked about Citibank's denial, a spokeswoman for the United States Attorneys Office for the Southern District of New York, which filed one of the criminal complaints in the case, said the office would not comment beyond what was in court documents.

Citibank added that it does not hold customers responsible for fraudulent withdrawals, but would not disclose how many customers were affected. Spokesman Robert Julavits did say in an e-mail that "Citibank has complied with all applicable notification requirements." Under New York's Information Security Breach And Notification Act, companies must generally warn consumers of data breaches in the "most expedient time possible."

The timing of the caper -- which prosecutors say began in October -- overlaps Citibank's previously-unexplained lowering of ATM withdrawal limits in New York last December.

Citibank was taciturn at the time, when New Yorkers began noticing that their ATM withdrawal limits had been slashed in half. The bank told the New York Daily News that the move was a response to "isolated fraudulent activity" in New York.

In an earlier incident in 2006, Citibank put transaction holds on some Citi-branded MasterCard debit cards. In that case, the action was later linked to a breach at office-supply retailer OfficeMax. That intrusion remains unsolved.

In the new case, the FBI affidavit says that Citibank knew by February 1 which accounts were leaked, but it left those accounts open while the fraud unfolded.

"Citibank identified all of the account numbers involved in ATM withdrawals during the period that the server was compromised … and established a fraud alert system that notifies Citibank each time one of the compromised Citibank account numbers is used," the affidavit reads.

That language suggests that the attackers may not have had access to stored account numbers and PINs, but instead were tapping into transactions in real time to vacuum up PIN codes as they flew past.

By Kevin Poulsen