Sunday, May 07, 2006

Internet Crimes are On the Rise and Deadlier than Ever

Panda Software recently issued its quarterly report, which comes to the frightening conclusion that 70 percent of all malware they detected in the first quarter of 2006 is related to cyber crime. Activity also seems to have hit record numbers!

Here is their summary:

This report confirms the new malware dynamic based on generating financial returns. Spyware, Trojans, bots and dialers were the most frequently detected types of malware between January and March 2006. Trojans accounted for 47 percent of new malware examples during the first quarter of 2006.

Seventy percent of malware detected during the first quarter of 2006 was related to cyber crime and more specifically, to generating financial returns. This is one of the conclusions of the newly published PandaLabs report, which offers a global vision of malware activity over the first three months of the year. Similarly, the report offers a day by day analysis of the most important events in this area. This report can be downloaded, free of charge, here.

Since this statistic interested me, I jumped over to the Anti-Phishing Working Group's page to see what they had to say. Please note that Panda, along with Websense and MarkMonitor, shares information with the APWG. They confirmed Panda's report that crime on the Internet seems to be at an all-time high.

Here is a tickler from their report:

The total number of unique phishing reports submitted to APWG in March 2006 was 18,480, the most reports ever recorded. This is a count of unique phishing email reports. March 2006 continues the trend of more phishing attacks and more phishing sites. The IRS phishing attack doubled in volume in March as compared to February (in the USA, the tax filing deadline was April 17 in 2006, as the usual April 15 deadline fell on a weekend this year.)

Link, here.

Two of the most concerning forms of malware being used are Keyloggers and Redirectors. Keyloggers are a form of spyware that records all the keystrokes on a computer and transmits them back to the person (criminal) who installed the malware. They are normally used to steal financial information, which is then used in identity theft schemes.

Sadly enough, Keyloggers are legal and easily bought anywhere, including the Internet. They allegedly have legitimate uses like spying on other people?

Perhaps, the FTC should go after some of these vendors like they recently did with the Private Investigators selling telephone records?

Redirectors are trojans that, once installed on a computer, redirect the user to malicious sites where their financial information is stolen. The sites are also known to download more malware (crimeware) onto systems. Redirectors are extremely dangerous because there is little indication you are being hijacked.

The Anti-Phishing Working Group has some excellent educational information on this subject, including what to do if you become a statistic:

How to Avoid Phishing Scams

What To Do If You've Given Out Your Personal Financial Information

Too many people (who know what to look for) ignore and delete phishing attempts. There are a lot of places you can report activity and make an impact. In most cases, it only takes a minute or two to do so.

You can report phishing activity to the APWG, here. Activity can also be reported to PIRT, which is a joint venture by Sunbelt Software and CastleCops.

Another resource to report activity is the Internet Crime Complaint Center, which is associated with the FBI. You can report it in a lot of places, but it is important to report it. If everyone took the time to report one phishy email a day, it would probably have a significant impact.

By reporting the activity that we see and taking advantage of the mostly volunteer efforts to fight it, we might make the Internet a safe place for everyone again. As access becomes cheaper and more widespread, the number of potential victims is growing at a record rate.

Continuing to ignore all those "Phishy" e-mails will only encourage the Phishermen to move forward with greater frequency. Additionally, the attacks are becoming more sophisticated and "how to kits" are being sold on how to do these dirty deeds. This will undoubtedly bring more and more Phishermen to the (already) murky waters of the Internet.

Of course, we can also take the time to educate newer users. In fact, awareness protects people more effectively than anything I've seen thus far.

Saturday, May 06, 2006

Retailers Find their Stolen Merchandise for Sale on eBay

Shoplifting costs retailers billions of dollars a year and we all pay for it in the form of higher prices. On the low end, you have teenagers and opportunists "boosting" merchandise. Moving up the retail theft food chain you have people supporting drug habits and even organized gangs, who steal from retailers on a larger scale.

A common misconception is that the majority of losses stem from individuals stealing items for their own use. In fact, the majority of stolen goods are converted into cash.

With the increased focus on the traditional means of converting stolen merchandise into cash, such as refunding, common and professional "boosters" are flocking to eBay to accomplish their primary goal.

This was a matter of concern raised at the Retail Fraud Conference held in London recently. Penelope Ody of the Retail Bulletin reports:

Retailers at this week's Retail Fraud conference in London (May 4) had a new preoccupation adding to the usual concerns over dishonest cashiers, sweethearting and back door delivery thefts: eBay. According to Boots head of loss prevention and security, Robert Jennings, this is now in the top five areas of concern as retailers increasingly see their merchandise offered in bulk on the web auction site.

Link, here.

Note that Jennings says "offered in bulk," which would lead one to speculate that this isn't being done by the "opportunists" and is more likely the work of organized gangs.

Interestingly enough, there has been a lot of buzz recently on organized gangs involved in shoplift activity. Margaret Pressler of the Washington Post recently wrote:

Retailers and theft experts say criminals have discovered that large profits can be made relatively easily, and without much risk, by stealing merchandise from crowded, understaffed stores. They say the most stolen items tend to be high-priced, widely used products that are routinely sold in chain stores: over-the-counter medicines, razors, film, CDs and DVDs, baby formula, diapers, batteries, hair-growth and smoking-cessation products, hardware, tools, designer clothes and electronics.

Link, here.

AND another recent viewpoint from SecurityInfoWatch.com might lead one to believe that organized retail crime has ties to illegal immigration and terrorism.

Liz Martínez wrote:

According to CIS Robert W. Nolen, a lead trainer in a course developed with Bureau of Justice Assistance grant money called "Understanding, Combating, and Surviving Terrorism," many criminals from terrorist countries specialize in the re-sale of stolen consumer goods. The profits from these enterprises are used to fund terrorist activities.

In many cases, men and women from El Salvador, Honduras and Mexico travel together, doing the actual stealing. Each person in the crew has a particular area of expertise, whether it be distracting store employees, doing the actual boosting, or driving the get-away vehicle. These professional thieves often earn $3,000 a week.

Link, here.

Although not stated in the article, if illegal immigrants are doing the stealing and criminals from terrorist countries are selling the goods, it makes me wonder how close their relationships could be?

Another issue retailers have had with eBay is the sale of gift cards on the site. Whether purchased with bogus financial instruments, or issued as refunds (which could be a direct result of shoplifting), gift cards are another means of converting stolen proceeds into cash.

In another interesting article, again from the Washington Post, Ariana Cha wrote:

The shoplifters discovered some stores would allow them to return the goods without receipts for store credit or gift cards. They then sold those vouchers on the giant online marketplace. It was easy, instant and anonymous. The money flowed in -- they got 76 cents per dollar of stolen merchandise, a huge takeaway considering that shoplifters traditionally net 10 percent or less of the retail value of the items. The group made more than $200,000 in 10 months.

This is yet another example of many, where crimes of all sorts are occurring in the Internet auction world (particularly eBay). We can't hold auction sites accountable for being in collusion with criminals, but we can hold them accountable for not providing a safe shopping environment.

After all, how long would one of these retailers survive if they allowed this amount of crime to occur within their four walls with people walking around? My guess is that they would be out of business pretty quickly.

The same standard needs to be applied to the Internet and if this "business model" is to survive, the auctioneers need to wake up and smell the coffee. Thus far, eBay has been able to blame everyone but themselves; however, as corporations become victims, the stakes are likely to grow.

Corporations have money and can afford a lot of lawyers.

Tiffany's might have already started this trend with its pending litigation regarding the sale of counterfeit merchandise on eBay.

Thursday, May 04, 2006

PI's Get a Black Eye from the FTC for Selling Phone Records

In the information age, our personal information has been gathered, sold and indexed for profit. Unfortunately, all too often, this information isn't protected properly and is used by people who have no right to it.

Criminals, Snoops and Stalkers delight in being able to get their hands on people's personal information AND this results in people becoming victims of a lot of different crimes.

Recently, Private Investigators of the Internet sort have been offering personal telephone records for sale. Since the information is being sold over the Internet, we can assume it is being sold to anybody and everybody. The FTC is sending a message that this is illegal and some of these Internet PIs are probably going to end up with a "black eye."

Here is a press release from the FTC:

FTC Seeks Halt to Sale of Consumers’ Confidential Telephone Records

The Federal Trade Commission has filed federal court complaints charging five Web-based operations that have obtained and sold consumers’ confidential telephone records to third parties with violating federal law. The agency is seeking a permanent halt to the sale of the phone records, and has asked the courts to order the operators to give up the money they made with their illegal operations.

“Trafficking in consumers’ confidential telephone records is outrageous,” said Lydia Parnes, Director of the FTC’s Bureau of Consumer Protection. “It robs consumers of their privacy and exposes them to everything from snoops to stalkers. We intend to put a stop to it.”

In congressional testimony last February, the FTC said it was investigating companies that advertised on the Internet that they would obtain and sell telephone records. The testimony said that FTC staff had surfed the Web to locate companies that offered to sell consumers’ phone records, identified targets, and completed undercover purchases of the phone records. FTC staff followed up with warning letters to operators of 29 Web sites that continued to advertise the sale of phone records to the public.

The Telecommunications Act of 1996 states that customers’ phone records are their private property and can only be disclosed to the customer or with the approval of the customer. According to the FTC complaints in these cases, the defendants advertised on their Web sites that they could obtain the confidential phone records of any individual, including lists of outgoing and incoming calls, and make that information available to their clients for a fee. “The account holders have not authorized the defendants to obtain access to or sell their confidential customer phone records. Instead, to obtain such information, defendants have used, or caused others to use, false pretenses, fraudulent statements, fraudulent or stolen documents or other misrepresentations, including posing as a customer of a telecommunications carrier, to induce officers, employees, or agents of telecommunications carriers to disclose confidential customer phone records,” the FTC complaints state. The defendants then sold the records to third parties. According to a Commission complaint, one of the defendants, Integrity Security & Investigations Services, Inc., based in Yorktown, Virginia, also advertised, obtained and sold consumers’ financial records, including credit card information.

The agency charged that the practices violate the FTC Act and has asked the courts to permanently bar the illegal practices and order the defendants to give up their ill-gotten gains.

The FTC brought these cases with the invaluable assistance of the Federal Communications Commission. The FTC also acknowledges the assistance of Cingular Wireless LLC, Sprint Nextel Corp., and Verizon.

The defendants in these cases are: 77 Investigations, Inc., and Reginald Kimbro, based in Upland, California, and using mailing addresses in Jacksonville, Florida, Broomfield, Colorado, and Nashville, Tennessee; AccuSearch, Inc., doing business as Abika.com, and Jay Patel, based in Cheyenne, Wyoming; CEO Group, Inc., doing business as Check Em Out, and Scott Joseph, based in Fort Lauderdale, Florida; Information Search, Inc., and David Kacala, based in Baltimore, Maryland; and Integrity Security & Investigation Services, Inc., Edmund L. Edmister, Tracey Edmister, and F. Lynn Moseley, based in Yorktown, Virginia, with a mailing address in Laguna Beach, California.

The Commission vote to file the complaints was 5-0.

Link, here.

If you spot this type of activity, here is where you can report it:

To file a complaint in English or Spanish (bilingual counselors are available to take complaints), or to get free information on any of 150 consumer topics, call toll-free, 1-877-FTC-HELP (1-877-382-4357), or use the complaint form.

For a previous post I did about private companies selling your information, link here.

BIN (Buy it Now) Scams on eBay

Fraud on eBay has victimized a lot of people AND eBay rarely admits fault, or takes effective action against the fraudsters. The latest activity seems to be BIN (Buy it Now) scams.

Ina Steiner of AuctionBytes reports:

"Over the past month, eBay sellers on U.S. discussion boards have been discussing the problem of Chinese "BIN bandits" on eBay. The problem described by posters is that newly registered, zero-feedback members from China are buying BIN (Buy It Now) items from eBay sellers in a systematic fashion, and not following through on the transactions."

It seems the intent of these BIN (Buy it Now) scams is to get the merchandise shipped (off-eBay) and pay for it via a payment scam. This might be done with fraudulent cashier's checks (rampant in the world of Internet fraud), with one of the fraudulent debit/credit card numbers sold in Internet Relay Chat chatrooms, or even with one of the counterfeit money orders that are flooding the world of Internet scams.

Another problem with this scam is eBay refunding the fees to sellers when one of these BIN bandits backs out of a transaction. There seems to be a lot of "negative feedback" regarding eBay's process to get the fees refunded. Allegations are that the process is full of red tape and it often is difficult to get a refund.

Ms. Steiner stated in her article:

"One seller alleges that in a previous BIN bandit episode that lasted over 7 months, eBay only took action when sellers flooded the California and New York Attorneys General's offices with complaints."

Another speculation from the article is:

"Some eBay sellers have speculated that the BIN bandits might be members of eBay's affiliate program who receive generous compensation for sending new bidders to eBay.com. In the U.S., affiliates can earn between 40 - 70 percent of eBay's revenue on winning bids or Buy It Now transactions within 7 days of an affiliate action. Affiliates also earn between $12 and $20 for each new active confirmed registered user (ACRU) driven to eBay (http://affiliates.ebay.com/)."

Link to article from AuctionBytes, here.

eBay is taking limited action, but only the sort that won't limit their profits. For one, they suggest only using PayPal (which they own and profit from), and there are a lot of people out there who prefer other methods of payment.

The article refers to a lot of this coming from China, but other points of compromise could be Nigeria, Singapore and those Eastern European nations. "Buy it Now" fraud seems to be the latest mutation of Auction fraud, which sometimes includes Advance Fee scams.

When reading the AuctionBytes article, I came across a great site dedicated to fraud on eBay (eBayMotorsSucks). The site is very up-to-date and a great resource to protect people. I highly recommend it.

Here are some previous posts I've done on Auction fraud:

Do It Yourself Hacker Kits

25 Ways to Avoid Auction Fraud From a Seller's Perspective

eBay's Fraud Hall of Shame

Wednesday, May 03, 2006

A Case of the Fox Watching the Henhouse

The head of a Medicaid fraud unit has been stripped of her responsibilities stemming from testimony she gave two years ago about committing fraud. Since she was testifying against her boss, the Governor, prosecutors made a deal with her that allowed her to continue working for the people of Connecticut.

Apparently, Kristine Ragaglia, head of Connecticut's Medicaid fraud unit, is being assigned to administrative duties after the new governor (M. Jodi Rell) reopened the case.

Even now, she can't be fired immediately.

When the investigation came to a head against former Governor (John Rowland), she left her post as head of the child protection agency, did a brief stint in the attorney general's office and then was hired to run the Medicaid fraud unit.

This all happened after she admitted to a grand jury to committing fraud.

For the full story from the Associated Press, link here.

This illustrates what's wrong with a lot of our social programs and the legal system. In my opinion, further investigation should also occur into everyone who allowed this to happen.