Monday, July 31, 2006
On occasion, malware could (also) be injected into a system just by visiting a site.
Now they are impersonating an internationally known and (respected) law enforcement organization.
The Register is reporting:
419 advanced fee scammers have created an exact copy of the Interpol website, which is expected to be used to dupe victims into believing they are dealing with the real International Criminal Police Organisation.
Please note that the website is still active and hosted in China.
Full story from the Register, link here.
Warning from the real Interpol site, link here.
Interpol isn't the only public agency impersonated in recent years; others include the IRS and the FBI.
I wanted to add a thought - which is - neither the Register nor Interpol gives any specifics as to what the e-mails ask a person to do. There are references to Nigerian fraud, but the site is hosted in China? It will be interesting to see how this progresses.
If anyone has seen one of the actual spam e-mails, I would appreciate a comment on this post.
Nonetheless, a "scam is a scam," and this looks like a scam to me.
Sunday, July 30, 2006
Here is an excerpt from the blog post:
Saturday, July 29, 2006
After thinking about it carefully, I decided I would post on it. After all, "how to scam" information is readily available in IRC chatrooms and "how to kits" are being sold right on the Internet. The fact is that all this information is already available to the scammers in "members only" chatrooms.
Kay (the site's author) maintains that the information is to "wake people up" to the problem with phishing. As I stated - earlier - after much reflection, I came to the conclusion that Kay is right.
And there is no doubt that phishing is a big problem that continues to grow, if we are to believe the Anti Phishing Working Group (APWG). Their May report states it is at an all time high.
The site (fightphishing.blogspot.com) points out security flaws at AOL, MIT, Citibank, Wells Fargo and even the IRS. Interestingly enough, Kay hasn't pointed out any flaws with eBay, or PayPal. This week, Sophos reported that 75 percent of the phishing attempts are directed towards their customers.
For a scary look at why creating rogue websites might be so easy, here is a link to Kay's site.
Thinking about this - made me reflect on how a person doesn't need to be a "hacker, cracker, or phreak" to commit these crimes - all they need to do is go on the Internet.
Here is an interesting story (describing how non-technical crooks are obtaining technical resources via the Internet) by Kim Zetter at Wired News, "Confessions of a CyberMule."
The story details - how a drugged out prostitute - got involved with cybercriminals from Eastern Europe and successfully used stolen debit and credit cards to make a lot of money.
Please note - based on the description I read - this was no "hacker" doing all of this, but rather a "common criminal," who made contact (via the Internet) with the people providing the means to plunder our financial system.
The ghouls doing this are very adept at letting low-level criminals (mules) take all the risks for them. Of course - as in most of these crimes - he only kept a percentage and wired the rest of the money back to his Eastern European employers.
The fact that he was caught means little because there are plenty more people to recruit out there.
If you would like to help fight phishing - help create awareness - and report it to a new group of volunteers that fight it, link here.
They take care of "getting the word out" to all the right places.
Friday, July 28, 2006
This week, Sophos is reporting a new version of this scam - where all you have to do is view the pictures of a prospective lover - and a trojan is downloaded on your system.
Here is the report from Sophos:
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have reminded internet users to be on their guard following the discovery of a spyware Trojan horse that displays pictures of a potential Russian love match while secretly stealing information.
When first run on a user's computer, the Troj/Keylog-HD Trojan horse displays a slideshow of 3 photographs of a young woman called "Victoria Stasova". Accompanying the photographs is a love heart and an AOL email address.
However, while the pictures are being displayed, the malware steals keypresses and information from the infected user's PC which could allow hackers to plunder bank accounts and commit identity theft.
Please note that the pictures of Victoria could be replaced by other attractive young women, or men. Here is an interesting site, Romancescam.com, which has a database (complete with pictures of the scammers).
I've written some previous posts on Romance Scams:
Postal Money Order Romance Scam
Phishing for a Lonely Heart
There is also a Yahoo Group - which is extremely active - that goes after these scammers:
Romance Scam 419 Yahoo Group (US)
Here is their credo:
"Welcome to the group Romance scams. Please feel free to tell us your story whether it is your own personal story or that of someone you know. This group provides a safe haven for all, free of criticism and judgment. Our goal is to educate by getting the word out to as many people as possible. Check out our photo, link, database, and file pages when you get the opportunity."
If you want to learn more about this type of scam - this is probably the best place to go.
So far as avoiding malware, never open or download from "unknown sources" and make sure the protection on your computer is up-to-date.
Nick Galvin in the Sydney Morning Herald reports:
"Forty-eight per cent of the auction users surveyed by the Communications Law Centre said they had experienced problems when buying an item. Most often they did not receive the goods they had paid for or, where the item was received, it was not the same as had been described on the site."
eBay Australia disputes this figure:
eBay's director of trust and safety, Alastair MacGibbon, said he had "severe questions" about the conclusions in the report.
"If there was even a remote chance the [centre's] figures were even marginally correct there is no way we would have survived a weekend let alone 10 years on the internet," he said.
Mr MacGibbon said the survey was inadequate and open to bias because it had been conducted online. However, he declined to reveal eBay's own figures on online fraud, other than to repeat that a "fraction of one per cent" of the transactions on the site resulted in confirmed fraud.
Link to Australia story, here.
Interestingly enough, there are stories throughout the world that support the Australian claim. In February, I did a post - where the NCL (National Consumers League) released the top ten scams of 2005. In the report, which lists auction fraud as the "number-one" problem - they added a "telling" paragraph:
In the fall of 2003, online giant eBay removed the link from its Web site to fraud.org. As a result, the number of auction complaints reported to NCL's fraud center dropped to 1/6 its previous level. Based on statistics prior to eBay's action, NCL estimates that there would have been 30,720 auction complaints in 2005, representing 71 percent of complaints.
More recently, the State of California (where eBay is located) issued an alert on an "emerging" eBay fraud trend:
California Issues Alert on Emerging eBay Fraud Trend
And for a British perspective from the BBC on eBay fraud, link here.
eBay's take in this story was to blame their own "users." The reason eBay cited was (users) having their accounts taken over - because they responded to "phishing" e-mails and didn't have their computers protected properly.
Just this week, Sophos announced that 75 percent of the phishing attempts they saw target eBay and PayPal users. Normally, the intent is to "take over" an eBay, or PayPal account and use the account to commit fraud.
For the report by Sophos, link here.
eBay is immensely popular and loved by many. They are being targeted by criminals and this isn't their fault. Instead of downplaying the amount of fraud - they need to take another approach - which is a "zero tolerance" attitude towards it.
After all -- should they fail to do so -- they will continue to be targeted and might lose the most important asset they have, which is their customer.
Until then, the main line of defense is to continue to educate the user and recommend that (all the users) support the fight against fraud on eBay by reporting what they see.
So far as the phishing attempts - a good place to report them is PIRT (Phishing Incident Reporting and Termination Squad) run by CastleCops and Sunbelt Software.
PIRT is run by a lot of dedicated volunteers - who like many of us - are sick and tired of seeing people get taken.
A great educational resource - to share with others and written by an eBay user - which is the subject of a previous post is:
25 Ways to Avoid Auction Fraud From a Seller's Perspective
And if you want to have a "safer" shopping experience on eBay, there is a service that bonds sellers and, once they are bonded, guarantees the transaction. Here is a post I did on buySAFE:
buySAFE Protects it's Customers from Fraud on eBay
Thursday, July 27, 2006
This bill (many believe) isn't consumer friendly and will weaken existing state laws to protect the rights of "identity theft" victims.
I decided to pass this on and see if anyone else wants to let Congress know how you feel.
Here is the letter:
Great news! Together, we're putting the kibosh on identity thieves. In roughly one year, consumers like you sent more than 420,000 emails to lawmakers across the country asking them to pass strong identity theft protections.
Due to these efforts, 25 states have passed laws protecting consumers. Last week, more than 1,500 consumers from 49 states and the D.C. called their representatives and asked them to “vote no” on HR 3997, a do-nothing identity bill. The effort paid off as the House delayed a vote on the bill! Help us kill this bill once and for all. Find out how you can help!
If you are interested in why (many of us believe) this isn't the bill to pass, here is my most recent post - along with previous posts about this subject:
The Financial Data Protection Act Doesn't Protect the Citizen
Tuesday, July 25, 2006
In many cases the keyword searches contained both phrases.
In the Secret Shopper scam, people are solicited to become "Secret Shoppers" - sometimes known as "Mystery Shoppers" - and go into (normally) Walmart to negotiate a bogus check (Walmart recently got into the business of cashing checks). They are then asked to wire the money using Walmart's MoneyGram services to Canada and report on the "customer service" aspects of their visits.
The checks, in most cases, are counterfeit! The person cashing them will be the one held responsible, which will mean a "financial hardship" and (possibly) criminal charges for their labor.
Once the money is wired, it's normally picked up immediately, and can't be recovered.
Here are some other posts regarding this scam:
Secret Shopper Scam Targets Walmart, Again
Secret Shoppers Scammed
Counterfeit Travelers Express (MoneyGram) Money Orders Showing Up ...
And here "cut and pasted" (from an earlier post) is where you can report these scams:
Internet Crime Complaint Center (FBI)
And Canada (where most of this seems to come from) has a site of their own to report activity:
Also, if you are seeing this scam, please feel free to e-mail me (firstname.lastname@example.org) , or leave a comment on this post. I'm curious to see how well the "keyword analysis" works.
Sunday, July 23, 2006
And to make it even easier for the crooks, it's "wireless."
Please note that the U.S. State Department plans to start issuing passports with RFID chips in August.
Here is an interesting story by Nic Fulton at Reuters:
Annalee Newitz and Jonathan Westhues presented their experimentations at the HOPE Number 6 conference in New York City in front of a crowd of hackers, tweakers and phone phreakers.
"This is the first time someone has cloned a human-implanted RFID chip," Newitz said. "Since I have been chipped Jonathan refers to me as an implanted pet."
Newitz said she has an RFID chip implanted in her right arm manufactured by VeriChip Corp., a subsidiary of Applied Digital.
"Their Web site claims that it cannot be counterfeited; that is something that Jonathan and I have shown to be untrue."
The pair demonstrated the cloning process: Westhues held a standard RFID reader against Newitz's arm to register the chip's unique identification number.
Next, Westhues used a home-built antenna connected to his laptop to read Newitz's arm again and record the signal off her implanted chip.
Westhues then takes the standard RFID reader and waves it past his laptop's antenna. The reader beeps, showing Newitz's until then unique ID. "It actually has no security devices what-so-ever," Newitz said of VeriChip's claims that its RFID chips can not be counterfeited.
And Reuters - in the interest of fair reporting - updated the story to include a comment from Verisign, a leading vendor of RFID technology:
VeriChip spokesman John Procter said in a phone interview that he had read about Newitz and Westhues work, but the company had not been able to review the evidence. He had no specific comment regarding their cloning project.
"We can't verify what they may or may not have done," Procter said, adding that: "We haven't seen any first-hand evidence other than what's been reported in the media."
"It's very difficult to steal a VeriChip, it's much more secure than anything you'd carry around in your wallet," he added.
My thought for VeriChip is please get out there and view some of the evidence. This technology threatens to put us all at risk!
And VeriChip is right about one thing, not too much is safe in our wallets (these days) -- thanks to technology -- which seems to be hacked faster than it can be developed.
Saturday, July 22, 2006
Michael Smith of the Sunday Times reports:
"A NATIONAL fraud squad is being set up to tackle organised crime and to choke off funding for terrorists."
"The unit will act like the old Scotland Yard murder squad, being dispatched to forces lacking the manpower or expertise to investigate fraud."
"Lord Goldsmith, the attorney-general, will announce proposals tomorrow for the City of London police economic crime unit to take responsibility for investigating fraud throughout England and Wales."
"A national reporting centre is to be set up to collect intelligence on links between financial crime and terrorists. The National Fraud Intelligence Bureau will link the police and other government investigators with databases provided by the banks, insurance and credit card companies to cut the more than £14 billion annual cost of fraud."
For the full report by Michael Smith, link here.
Recently, the head of the RCMP (Royal Canadian Mounted Police) made a plea for additional funding to do the same thing.
And the FBI has been saying this for at least a couple of years now.
Here is the previous post, I did on that matter:
Do Financial Crimes and Internet Fraud Fund Terrorism
My only comment is that a lot of experts seem to agree on this.
Fraud is no longer a "low level" crime done by small time con artists and teenagers!
Here is a release by Press Wire:
Next week, the leadership of the House of Representatives plans to vote on "The Financial Data Protection Act," a controversial and weak version of data security legislation that would strip consumers of their existing state rights to protect themselves against identity theft.
"It's shocking that at a time when data breaches are in the headlines daily and consumers are at greater risk than ever for identity theft, Congress would choose to vote on a bill that would strip consumers of their existing identity theft protections," said Susanna Montezemolo, policy analyst with Consumers Union, nonprofit publisher of Consumer Reports magazine. "Congress should be helping consumers prevent identity theft, not making things worse," she added.
Ed Mierzwinski, Consumer Program Director for the U.S. Public Interest Research Group, added: "The states have given consumers strong identity theft protections, but Congress wants to take those rights away with this industry-approved bill that won't prevent data breaches and won't scare identity thieves into going straight. If House leadership is using this bill as a message, the message is quite simple: consumers lose out."
To understand why there are some - who would want to weaken this legislation - all one needs to do is look at the companies, who have been losing everyone's information.
Credit bureaus and the financial services industry have been making billions selling "personal information" for years.
According to the Privacy Rights Organization, which has been monitoring these breaches, almost 90 million Americans have had their identities compromised. You can view their chronology, here. Note that in some of the breaches the number was unknown, so the actual number of people compromised might be higher.
There are a few flaws (my opinion) in the current legislation. The new laws will allow companies, institutions and organizations to decide - via an internal investigation - whether disclosure is warranted, and gives them 45 days to report it if there is a "reasonable risk" of identity theft. If we look at this from a historical perspective (organizations reporting themselves), we are in a lot of trouble.
The law reeks of allowing the "foxes to watch the chicken coop."
The other thing that bothers me is the impact this might have on our safety and security. There is little doubt that the "identity theft" business is booming and controlled by organized crime.
Here is a previous post, I wrote about that:
Mexican Organized Crime Ring is Mass Producing Fake Documents - and Considers Terrorism an American Problem
In an era - where we are concerned about "border security and terrorism" - this law doesn't make sense.
So far as "making sense," here is a post I did regarding why some of this criminal activity has become so lucrative:
Are We Addressing Cyber Crime from the Wrong End
The Consumers Union recommends you write your representative to express your displeasure. You can do so on their website.
The Boston Police Officers behind this were also (allegedly) involved in narcotics, fraudulent gift cards, smuggling illegal immigrants, identity theft, sponsoring after hour parties with prostitutes, selling steroids, insurance fraud, trafficking in stolen electronics and "fixing" traffic tickets.
I wonder if the people who paid to have their traffic ticket "fixed," had their identities sold afterwards?
The AP is reporting (courtesy of KATV Boston):
"Three Boston police officers accused of taking $35,000 in exchange for protecting a cocaine shipment were arrested in Miami on federal drug charges in an FBI sting operation, authorities said Friday. Roberto Pulido, 41, Carlos Pizarro, 36, and Nelson Carrasquillo, 35, were arrested late Thursday in Miami. Authorities described Pulido as the ringleader and said he was involved in a broad range of other illegal activities, from identity theft to smuggling illegal immigrants to selling steroids."
"Pulido allegedly provided names, dates of birth and Social Security numbers of more than 160 people to the group, according to the affidavit. He is accused of getting the information by running the license plates of people he stopped or arrested."
Full story, here.
There seem to be a lot of public officials getting caught with their hands in the "cookie jar." Recently, the FBI added a page where anyone can report misdeeds involving public officials.
Quite frankly, it saddens me to see how many public officials seem to be getting caught. After all, most of us were brought up to believe these people had a higher calling in life.
On the other hand, if it weren't for "good people" in law enforcement, they would still be out doing these shameful deeds.
SophosLabs is reporting that a new advance fee (spam) e-mail is circulating claiming to have found a cure for AIDS. Here is what they have to say:
"However, Sophos warns computer users that this is a ruse to steal personal details, and that the fraudsters behind the scam campaign can use such information to steal money from bank accounts and commit identity fraud."
"People who receive this email may believe they are helping the world fight AIDS, as well as potentially make themselves some money from the proceeds of any distribution of a successful cure. However, the scammers are just using another method to try to dupe computer users into divulging sensitive information," said Carole Theriault, senior security consultant for Sophos. "It's particularly sick of the hackers to exploit human illness in their search for innocent computer users to fleece."
"This email con-trick is the latest of many 419 scams. These scams are named after the relevant section of the Nigerian penal code where many of the scams originated and are unsolicited emails where the author offers a large amount of money. Once a victim has been drawn in, requests are made from the fraudster for private information which may lead to requests for money, stolen identities, and financial theft."
There is a copy of the letter on the alert from Sophos.
Unfortunately, the alert - which contains the e-mail in question - is cut-off before it is clear exactly what the scam entails. It also makes references to stealing personal information (identity theft) - which can be done via "social engineering," or by visiting a "rogue website" and picking up some malware on your system.
I decided to "dig a little deeper" and used one of my favorite tools, "Google."
Sure enough, I was able to find more information on this - including "WHOIS" data regarding the origin of the e-mails. Interestingly enough, this version of the scam has been around since February, 2005. The e-mail in the Sophos alert was dated this month (July).
This version was reported by Joe Wein, who runs a Japanese software company that sells spam and on-line fraud protection.
In this version, the e-mail uses a UK e-mail address from an IP address in Nigeria. The letter claims to be from an Indian doctor.
It appears Joe corresponded with the scammer and the lure to obtain personal information appears to be of a "social engineering" (human con) type. The e-mail asks for patients' medical information, which in turn will probably be used for "identity theft" purposes.
The additional e-mails also mention having the "AIDS drugs" sent to people. Please note that there also is a big problem with the sale of "useless" counterfeit drugs on the Internet. Most of us get spam e-mails about this all the time, at least in our spam filters.
In both of the e-mails, I was unable to find any "direction" to a "rogue site," which might install spyware, malware, or crimeware on a computer.
If you would like to view this version, link here.
Having the proper protection on your computer is extremely important, but being knowledgeable of "social engineering" is critical, also.
The term "buyer beware" (caveat emptor) is a good thing to think about before proceeding with a transaction on the Internet. A little "digging" and verifying facts is prudent, also.
"If it's too good to be true - it might not be."
Wednesday, July 19, 2006
The Internet Crime Complaint Center (IC3) is reporting:
The FBI has been alerted to a newly discovered malware located at http://www.irrealhost.com. Malware is software designed to infiltrate or damage a computer system without the owner's consent.
The identified malware lures victims to the site through the receipt of an SMS message on their cellular phone. An SMS message is a Short Message Service that permits the sending of short messages, also known as text messages. The message thanks the recipient for subscribing to a dating service, which is fictitious, and states the subscription fee of $2.00 per day will be automatically charged to their cellular phone bill until their subscription is canceled at the online site.
Recipients visiting the site http://www.irrealhost.com to cancel their subscription are redirected to a screen where they are prompted to enter their mobile phone number, then given the option to run a program which is supposed to remove their subscription to the dating service.
When the run option is selected on the Web site, the executable adds several files to the host and changes registry settings to open a backdoor port and lower Windows security settings. The host file is modified to prevent the victim from browsing to popular anti-virus Web sites. The executable also turns the infected computer into a "zombie" network, which can be remotely controlled by the hackers.
For the alert link, here.
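The alert says the executable modifies the hosts file so the victim cannot reach popular anti-virus Web sites. As an added example (not part of the IC3 alert or of this blog), the Python below audits hosts-file text for that kind of tampering; the vendor watch list and the sample file contents are assumptions constructed for illustration.

```python
import ipaddress
import os

# Assumed watch list of security-vendor domains; adjust to the products you use.
WATCHED_SUFFIXES = ("sophos.com", "symantec.com", "mcafee.com", "kaspersky.com")

# Constructed sample hosts file (not taken from any real infection).
SAMPLE_HOSTS = """\
# constructed sample for the audit below
127.0.0.1       localhost
::1             localhost
127.0.0.1       www.sophos.com  sophos.com   # appended entry
0.0.0.0         liveupdate.symantec.com
203.0.113.7     download.mcafee.com
10.0.0.5        intranet.example.local
not-an-ip       www.kaspersky.com
127.0.0.1       notsophos.com
"""


def default_hosts_path():
    """Return the usual hosts file location for the current platform."""
    if os.name == "nt":
        root = os.environ.get("SystemRoot", r"C:\Windows")
        return os.path.join(root, "System32", "drivers", "etc", "hosts")
    return "/etc/hosts"


def parse_hosts(text):
    """Yield (line_number, ip_address, [hostnames]) for each valid entry."""
    entries = []
    for lineno, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue                          # blank line or address with no name
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                          # resolvers ignore malformed lines too
        names = [name.lower().rstrip(".") for name in fields[1:]]
        entries.append((lineno, addr, names))
    return entries


def is_watched(name, suffixes=WATCHED_SUFFIXES):
    """Match the domain itself or any subdomain, but not look-alike names."""
    return any(name == s or name.endswith("." + s) for s in suffixes)


def audit_hosts(text, suffixes=WATCHED_SUFFIXES):
    """Return (line, hostname, address, verdict) for each watched name that is overridden."""
    findings = []
    for lineno, addr, names in parse_hosts(text):
        # Loopback or 0.0.0.0 makes the site unreachable; any other
        # address silently sends the browser to a different server.
        if addr.is_loopback or addr.is_unspecified:
            verdict = "blocked"
        else:
            verdict = "redirected"
        for name in names:
            if is_watched(name, suffixes):
                findings.append((lineno, name, str(addr), verdict))
    return findings


if __name__ == "__main__":
    for lineno, name, addr, verdict in audit_hosts(SAMPLE_HOSTS):
        print(f"line {lineno}: {name} -> {addr} ({verdict})")
    path = default_hosts_path()
    if os.path.exists(path):
        with open(path, encoding="utf-8", errors="replace") as fh:
            local = audit_hosts(fh.read())
        print(f"{path}: {len(local)} watched name(s) overridden")
```

Any finding on a machine where nobody added the entry on purpose is a reason to treat the system as compromised, since the alert describes the same executable opening a backdoor port and lowering Windows security settings.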
In case you are like me and need clarification on some of the "technical terms," here are descriptions. New terms for computer fraud, such as "vishing" come about all the time and it's hard for the average person to keep up.
Wikipedia is probably the best (most up to date) reference (for new IT terms), I have found, thus far.
Malware is sometimes called crimeware and zombie networks (botnets) are known to be used by cybercriminals for nefarious purposes.
A keylogger could even be installed by visiting one of these "rogue websites." These programs record all the "keystrokes" on a computer and send them (electronically) to the person who installed them on a system. Keyloggers are actually legal and marketed as a means to spy on your loved ones, or anyone else. Criminals use them to record your access information to financial accounts and then steal the money out of them.
If you spot this activity - besides taking a deep breath and not following through with the request - the best thing to do is report it. You can report it to the Internet Crime Complaint Center (IC3), here.
The sad thing is that those of us who know - often just ignore the attempt - which leaves those of us (who don't know) vulnerable.
Tuesday, July 18, 2006
Of course using the telephone to rip-off people is nothing new. Telemarketing scams have been around for years.
The lures used to "dupe" innocent people are normally the same ones used in phishing, like telling you an account has been compromised. It's even possible they might already have some of your information (a lot of it has already been compromised) and be trying to get a credit card's CVC code, or obtain a password to an account.
According to a recent BBC article, the recent bouts with "vishing" started with spam e-mails directing someone to call a number, where they would be prompted to give up personal information. The scam has now mutated (they always do) and now people are being called by "autodialers," which dial number after number and leave a recorded message.
The rise in popularity of Voice over Internet Protocol (VoIP) is being cited by security experts as the reason why vishing is becoming a problem. VoIP has made calling long distance cheap, which means that vishing crosses borders, making it hard to trace and/or prosecute.
The BBC article also states that it is relatively easy to spoof "caller-id" with VoIP. Security Focus recently did an article that supports this contention. In the article, a hacker easily showed the reporter how it was done.
For anyone unfamiliar with "spoofing caller id," fraudsters aren't the only ones who do it. In fact, many legitimate corporations use "caller id spoofing services" to trick people (my own words) into picking up the telephone.
For a post, I wrote about this, link here.
So far as how to protect yourself from this sort of scam, I would highly recommend that if you receive any telephone calls (or an e-communication to call a number) asking you to "verify" personal, or financial information that you take a "deep breath" before proceeding. Most of us have access to legitimate telephone numbers with places we do business with. The key to protecting yourself is to always verify who you are talking to and make sure they are entitled to the information in question.
And remember that since "vishing" is relatively new, financial institutions might not be the only organizations impersonated. The history of phishing tells us that sometimes government institutions are also impersonated. In the past couple of years, we have seen the IRS and even the FBI impersonated in phishing schemes. As a matter of fact in October, 2005 - I did a post on the Jury Duty Scam - where fraudsters (we might now term as "vishers") were calling up to verify personal information.
Maybe "vishing" isn't as new as we thought it was?
Monday, July 17, 2006
The good news is that the only loss was the "hooded jackets!"
For the full story on SFGate.com, link here.
In my opinion, Craig and Craigslist - who provide a "mostly" free service - have been extremely honest and proactive about protecting their "users" from crime.
Although, I could find nothing about this (new and frightening scam) - here is a link to their warnings about some of the scams attempted on their site. Hopefully this one will make their list soon.
The dangers of meeting someone that you have met only over the Internet have been well documented. Although primarily written in the context of "romance encounters," anyone meeting someone they meet on the Internet needs to be careful and verify (via a trusted source) who they are dealing with before proceeding.
For a resource from the University of Oklahoma (The Police Notebook), which covers this subject - link here.
I'll have to admit, I had never been exposed to the "Bid Reaper" before. I found the site to be extremely informative, and an "informative" read for anyone trying to navigate the "sometimes" murky waters of Internet auctions.
Bid Reaper's motto is - Telling "IT" like it is - and it details what is going wrong on eBay - right now.
I plan to continue my visits to "Bid Reaper" and highly recommend that anyone interested in protecting themselves on eBay - do so - also!
And the pictures (see above) are very "interesting," to say the least. The very vision of the "Bid Reaper" should instill fear in auction fraudsters - as well as - eBay's marketing department.
To visit the "Bid Reaper," click here.
Sunday, July 16, 2006
In an article by CNNMoney.com, here is what these security experts are saying:
Kidnappers, identity thieves and terrorists could all conceivably commit "contactless" crimes against victims who wouldn't know they've been violated until after the fact.
"The basic problem with RFID is surreptitious access to ID," said Bruce Schneier, security technologist, author and chief technology officer of Counterpane Internet Security, a technology security consultancy. "The odds are zero that RFID passport technology won't be hackable."
For a link to the full story: click here.
And if we think "hackers" haven't already started "cracking" this technology, Wired Magazine recently wrote an expose on "The RFID Hacking Underground," which details how it's already being done. In the story, a hacker steals the details off an "access" card and gains entry into a (supposedly) secure building.
Taking too much of the "human element" out of security is dangerous. The "bad and the ugly" have proven this, time after time.
Quite frankly - on a personal level - this technology scares me. Here are some previous posts, I've written on RFID:
RFID, How Effective for the Long Term and What is the Cost?
RFID, A Necessary Evil; or an Invasion of Privacy?
RFID, Abuse in the Private Sector?
State Department is Taking Another Look at RFID
Friday, July 14, 2006
In a recent release from the IRS site:
The IRS saw an increase in complaints in recent weeks about these e-mails, which are designed to trick the recipients into disclosing personal and financial information that could be used to steal the recipients’ identity and financial assets.
“The IRS does not send out unsolicited e-mails asking for personal information,” said IRS Commissioner Mark W. Everson. “Don’t be taken in by these criminals.”
The IRS has seen a recent increase in these scams. Since November, 99 different scams have been identified, with 20 of those coming in June – the most since 40 were identified in March during the height of the filing season.
Many of these schemes originate outside the United States. To date, investigations by the Treasury Inspector General for Tax Administration have identified sites hosting more than two dozen IRS-related phishing scams. These scam Web sites have been located in many different countries, including Argentina, Aruba, Australia, Austria, Canada, Chile, China, England, Germany, Indonesia, Italy, Japan, Korea, Malaysia, Mexico, Poland, Singapore and Slovakia, as well as the United States.
If you get any of these e-mails, the IRS requests that you forward them to email@example.com. I highly recommend that you do so - the IRS seems to be actively investigating them.
For the full news release: Click Here.
Here is a story from SmartMoney.com about illegal immigrants using people's personal information.
In another vein, here is a story (released in March by the Washington Post) about how tax preparers are trying to "legally" sell information from people's tax returns.
Sadly enough, my personal belief is that the current "identity theft" crisis has (in part) been spawned by the mass gathering of people's personal information for marketing purposes.
Tuesday, July 11, 2006
The problem is that anyone who chooses to use their "free service" will become another "identity theft" statistic.
Here is the alert from Websense:
Websense® Security Labs™ has received reports of a new phishing attack that targets customers of Bank of America and various other banks. Users receive a spoofed email message, which claims that a new security program called SFN (Stop Fraud Now) has been launched. The program claims to provide protection against cloning of credit cards and asks users to provide details, such as Social Security Number, card number, and ATM Personal Identification Number (PIN). The message provides a link to a phishing website that requests users enter their personal information and account details.
The phishing site is hosted in Canada and was up at the time of this alert.
Bank of America' in collaboration with ALL the banks around the world which offers services of transactions through the internet and not only and several institutions against frauds launched a revolutionary program called SFN (Stop Fraud Now)'.
By registering on SFN your card is protected 99.99%. You probably wonder why we say that the chances of suffering a loss are 0. The moment you register you will receive a code which contains an international unique code (IUC). This code arrives to the bank which your card was released from. This way your card can't be cloned without knowing this code. Only the issuer bank can reproduce your card in case you loose it or has been stolen. Also you have many options from your account. On-line assistance through chat or virtual phoning (skype) non-stop and also the possibility of blocking your account through the push of a button anytime you find anything suspicious about it. You can unblock it as easy after solving the issues. Another helpful option you can find it in the internet Online section. There you have two buttons On-line and Off-line which allows y! ou to keep your card off-line for transactions and to active it only when you wish to shop or make a transaction. We guarantee it's a 100% efficient and secure program and monitored 24 hours a day, 365 days a year.
Click here <> to see the list of banks which support SFN program
Click here <> to visit our website for more informations!
JOIN NOW FOR MORE PROTECTION!Your card no longer can be cloned! Your card is monitored non-stop for a period of 356 days preventing suspicious transactions on the internet but also from the bancomat!
You have free assistance from our team anytime you're unclear about our services! Once you created your account you can set your card to on-line or off-line for internet transactions! This option offers you 100% ASSURANCE that ONLY YOU are able to use the card for online transactions!
The chances of being a victim of a material loss is 0.01% and in the case supposing our system didn't work at the efficiency we promised, we guarantee 100% that your money will be recovered!This service is offered by Bank of America in association with European Central Bank and National Australian Bank The project is of federal nature and is protected by the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C). It is 100% FREE !
For more information about this program visit our website
Bank of America
Electronic Banking Services
P.O. Box 37000
San Francisco, CA 94137
For the full Websense alert, link here.
My fantasy is that the FBI reaches across the border to the RCMP (Royal Canadian Mounted Police) and takes this one down!
This isn't the first time the cybercriminals have used the name of the FBI:
Monday, July 10, 2006
Thursday, July 06, 2006
This evening, I came across a story from the Online Journal: "New version of Nigerian phishing e-mail scam promises jobs, riches, poker and great lunches" - which is essentially calling "phishing" a Nigerian scam. After reading it, I started to understand why Nigerians might find some of this offensive. To read the article: Click Here.
This inspired me to do a little digging.
Since I've done a little research on phishing, I decided to refer to the Anti Phishing Working Group and their most recent report (May), which coincidentally reported an "all-time" record of recorded "phishing attempts."
Nigeria isn't even listed in their "top-ten."
According to the APWG:
"In May, Websense Security Labs saw a continuation of the top three countries hosting phishing websites. The United States remains on the top of the list with 34.1%. The rest of the top 10 breakdown is as follows: China 15%, Republic of Korea 8.17%, France 3.94%, Germany 3.38%, Japan 2.65%, Malaysia 2.59%, Canada 2.37%, Italy 2.02%, and Brazil 1.7%."
If the APWG is correct - then how could phishing be called a Nigerian scam?
Advance fee fraud, which is also referred to as 419, has taken on many forms and is a worldwide problem. A lot of it originates in Europe, Canada and even the United States. Lottery scams, which are one form, seem to be coming from Canada or Great Britain, and Romance scams from Eastern Europe are a huge issue.
Recently, one of the bogus tools used in advance fee scams has been counterfeit or altered money orders. People are tricked into cashing these items and wiring the money back to a "fraudster." According to the U.S. Postal Inspection Service, the counterfeit items are being produced in Eastern Europe and West Africa. As far as the altered items go, they seem to be produced in the U.S. Prison System and are used primarily in Romance Scams.
I did mention West Africa - but only as one source - and Nigeria is only one of the countries in West Africa. So far as the "other sources," we can look to points of origin that aren't even anywhere near Nigeria, including the United States.
Interestingly enough, what many term "Nigerian Fraud" wasn't invented in Nigeria and can be traced back to 1588 AD, in what is known as the "Spanish Prisoner Letter."
Another fact, which many of us fail to "recognize," is that Nigeria is doing something about their problems with fraud. In fact, some might argue that they are pursuing it more "aggressively" than in many of the other countries mentioned in this post.
In recent years, Nigeria has led a very public campaign against corruption within Nigeria. President Olusegun Obasanjo formed the Economic & Financial Crimes Commission (EFCC), which has been extremely aggressive in fighting fraud in Nigeria. Recently, they were taken off a money laundering "blacklist." For a list of stories where they have made an impact, link here.
There is little doubt that Nigeria realizes it has a fraud problem and that there are "good guys" over there fighting the "good fight."
The key to winning the war is for the "good guys" to work together and go after those who are bad.
So far as the rest of us - the next time we run across a scam on the Internet - perhaps we should take a deeper look at its point of origin. Not only is it unfair to blame the world's fraud problem on Nigeria, but it confuses efforts to bring forth resolution.
Tuesday, July 04, 2006
If it's too good to be true, it probably isn't.
Recently, the FTC (Federal Trade Commission) and the Postal Inspection Service went after some of these "services." Here is a quote from a recent FTC press release:
“Credit repair schemes are a big problem for consumers,” said Eileen Harrington, Deputy Director of the FTC’s Bureau of Consumer Protection. “Credit repair promoters generally charge hundreds of dollars, but don’t deliver on their claims. The fact is, they can’t. No one can legally remove accurate and timely information from your credit report.”
Here are some recommendations from the FTC on how to avoid these schemes:
- Avoid any company that wants you to pay for credit repair services before they provide any services. It is against the law.
- Avoid any credit repair company that will not tell you your legal rights and what you can do, yourself, for free.
- Avoid any credit repair company that tells you not to contact a credit reporting company directly.
- Avoid any credit repair company that advises you to dispute all of the information in your credit report.
- Avoid any company that suggests creating a “new” credit identity – and then, a new credit report – by applying for an Employer Identification Number to use instead of your Social Security number. That is against the law. If you follow illegal advice and commit fraud, you also may be subject to prosecution.
To sum up the FTC's intent in the recent efforts to stop this:
“We have two goals with this announcement,” Harrington said. “One is very specific. It is to stop Bad Credit B Gone’s deceptive practices, and force them to return their ill-gotten gains to consumers. The other is broad. It is to put other credit repair firms on notice that we are on the beat, and it is to alert consumers that there is absolutely no reason to pay for credit repair – ever. Despite their claims, there is nothing that any credit repair firm can do for you for a fee that you cannot do for yourself at little or no cost.”
If someone is trying to repair their finances "at little or no cost," the FTC has a page with all the details - including people's legal rights.
If you think someone has scammed you, or is trying to, file a complaint here.
Monday, July 03, 2006
In her own words:
"Goods that are damaged, counterfeit, don't match what was advertised or are never delivered remain a persistent problem for eBay and its customers -- even though the numbers represent a relatively small fraction of transactions on the Web site. How big a problem is unclear. EBay Inc. does not disclose specific totals."
She interviewed Ina Steiner of AuctionBytes, who clarifies this, despite eBay's claims to the contrary:
"Ina Steiner, editor of AuctionBytes, an online newsletter that follows eBay and other electronic auction sites, said the estimate does not include many unresolved disputes that exceed the company's time limits for consideration or were not counted for other procedural reasons. It also does not include cases in which customers persuade their credit card company to cancel the charge. And Steiner points out that by comparing confirmed cases of fraud with the number of goods listed rather than the number of actual sales, eBay makes the percentage seem smaller."
In 2005, the NCL (National Consumers League) listed auction fraud as the most prevalent type on the Internet. Interestingly enough, eBay removed the link from their site to them (which tabulated the complaints) so the percentage might be higher than they reported.
For the full story - which contains some excellent tips on how to protect yourself on eBay - here is the link.
For a new service, which protects buyers and sellers on eBay:
buySAFE Protects it's Customers from Fraud on eBay
Sunday, July 02, 2006
Mexican Organized Crime Ring is Mass Producing Fake Documents - and Considers Terrorism an American Problem
And this problem could go beyond illegal immigrants having the means to blend into our society. Several of the 9-11 terrorists entered the country using forged documents.
If what she is saying is true, this organized crime ring could threaten all of us.
From the Daily Bulletin:
Suad Leija has many secrets.
The stepdaughter of Manuel Leija-Sanchez -- a key figure in what federal authorities believe is a document fraud organization run by the Castorena and Leija-Sanchez families -- has been in hiding and on the run from her own family.
To help U.S. authorities crack down on document fraud, human smuggling and a host of other international crimes, she has revealed her family business, identified relatives and shed light on a series of national security failures.
Fraudulent documents allegedly produced by the families include Social Security cards, driver's licenses, passports, hazardous materials licenses, utility bills and a variety of other forms of identification. To one degree or another, all can be used to board aircraft, transport dangerous materials, earn employment at secure government facilities, and otherwise help illegal immigrants blend into the fabric of American life.
And here is a scary thought about how their "business" might enable a terrorist to cross the border:
During the visit, Suad and her husband met with Natividad and her uncle, Juan Luis Echeveste, who is Natividad's bodyguard. She asked what would happen if the family's fake documents ever fell into the hands of a terrorist trying to enter the U.S.
The answer was frightening, Suad said.
My grandfather said, "Terrorism is an American problem, not a Mexican problem."
Organized crime groups are working together and Suad confirmed this when she said:
"I told (the congressmen) about Pedro and my stepfather, and how they worked together in the cartel," Suad said. "I told them about my family and their connections to the Russians, Polish people and the possible threat they pose to this country."
Of note, many law enforcement experts speculate that the Eastern Europeans are the main players in "computer crimes," which has led to a record amount of "identities" being stolen. If this is the case, the relationship would seem to be "mutually advantageous."
For the full story by the Daily Bulletin: Click Here
I've written about this before and I'll say it again - I'm not against human beings trying to better themselves - but we can no longer allow criminals to control our borders! After reading this, it's no wonder we are facing an "identity theft crisis" when you consider where they must be getting the information to produce the fake documents.
Unfortunately, the "identity theft crisis" is minor in comparison to the potential of this activity giving terrorists the means to enter the country and murder Americans.
They are a "clear and present danger" to our citizens and should be dealt with, accordingly.
Here is a report by the Los Angeles Grand Jury, which estimated that LA County is losing half a billion dollars a year in fraud in their child care (Back to Work) program.
And if it's this bad in LA, I wonder how much we are losing nationwide? If I'm not mistaken, every State in the Union is running one of these programs.
Here are the findings, directly from the most recent LA Grand Jury report:
MILLIONS OF TAX DOLLARS LOST TO CHILD CARE
Millions of tax dollars have been lost to fraud from child care funds allocated by the State of California and administered by the County of Los Angeles Department of Public Social Services (DPSS) in a program entitled California Work Opportunity and Responsibility to Kids (CalWORKS). As currently administered, the program is equivalent to an ATM for thieves. Our research included previous civil grand jury reports, audits, contracts, other documents, and interviews with over 100 individuals involved in the CalWORKS program.
This 2005-2006 County of Los Angeles Civil Grand Jury investigation revealed:
Only 28% of the children placed with license-exempt child care providers were verified as present with their child care provider, according to the April 2005 California Department of Education (CDE) Error Rate Study Report.
Forty-nine (49) individuals who cheated the CalWORKS child care program of $3,421,578, between September 2004 and February 2006, have been successfully prosecuted by the County of Los Angeles District Attorney.
DATE DISPOSITION AMOUNT
September 9, 2004 13 convictions $925,000
December 9, 2004 12 convictions $500,000
January 26, 2006 10 convictions $1,200,000
February 23, 2006 14 convictions $796,578
Up to 50% of the more than one billion dollar CalWORKS program may be lost due to fraud and poor oversight as estimated by several of the DPSS personnel.
The 2005-2006 County of Los Angeles Civil Grand Jury recommends that DPSS require verification in each step of the CalWORKS process to ensure that parents have the work opportunity intended, that children are cared for in healthy, safe environments while their parents are working, and that tax dollars are used as authorized. Our study shows that child care welfare fraud is a continuing burden on the taxpayer. There is an urgent need for prompt and thorough implementation of our recommendation.
For a link to the full report: Click Here
The report likened the program to an "ATM for thieves." Sadly enough, we've seen a lot of fraud uncovered in "entitlement" programs this year and this will ultimately hurt those who are "truly needy." I say not only go after the thieves, but also go after the people in charge of administering these programs. If fraud is this rampant - someone needs to "inspect the inspectors."
If the civil servants running these programs did this at a "private company," the company would go broke if they were allowed to continue. Before this happened - unless those in control of the company were insane - they would be fired.
The standard should be no less for those in charge of spending "public funds!"
A recent press release from buySAFE said:
(www.buysafe.com), the leading online trust and safety company for e-commerce transactions, today launched the first service that enables Retail Websites to display a meaningful trust signal (the buySAFE Seal) backed with a broad guarantee. Merchants who qualify to use the buySAFE Seal have passed the buySAFE Business Inspection, which ensures the merchant is trustworthy, reliable and committed to delivering on the terms of the sale. These retailers can then display the buySAFE Seal on item listings, which tells consumers the transaction is guaranteed with a surety bond of up to $25,000. Additionally, all buySAFE Bonded Sellers agree to allow buySAFE to continuously monitor their performance. This ensures a virtually risk-free shopping experience.
For the full press release, link here.
In a follow-up press release, buySAFE did an impact study:
The study analyzed 1.6 million item listings from 188 Internet retailers.
- the visitor-to-buyer conversion rate of Bonded Items was 2.1 percent higher than that of non-Bonded items
- Bonded Items received 4.7 percent higher prices than non-Bonded items
- Overall, using buySAFE increased revenues by 6.8 percent
- buySAFE impacted both high and low-end product sales. For example, in the high-end jewelry category, Bonded Items saw the average sales price increase 40 percent. In the lower-end camera and photography accessory category, Bonded Items saw an increase in the average sales price of nine percent.
This study would indicate to me that the greatest increase in sales corresponds with the types of merchandise that are considered "desirable" to criminals, or items that are easily sold, elsewhere.
These are some pretty impressive statistics, and when I spoke with Rob Caskey, I asked him for proof that buySAFE actually made good on their claims. The reason I did this is that eBay claims to provide protection, and I've read a lot of "horror" stories of how frustrating it can be to file a claim.
Rob (Caskey) directed me to a recent story in BusinessWeek.com by Rob Hoff. In his own words, he said:
That said, I'm pretty satisfied now, because I just got a check from buySAFE, the company that offers bonding to online merchants--including Glacier Bay. Essentially, it's a reimbursement for what I paid. Although eBay's feedback system has worked amazingly well, at least for me, clearly it didn't work in this particular case, and I'm sure others like it. I had never paid much attention to that buySAFE seal, but you can bet I will on future auctions.
AuctionBytes (Ina Steiner) also did a story on this.
I've written about the individual (human) frustration of victims on eBay and often commented that they needed to get their act together. Now market forces are beginning to fill the "niche" that they have failed to provide.
Here are some previous posts I've written about fraud on eBay:
Saturday, July 01, 2006
"I wish we could be perfect. Human existence is not perfect, but I can tell you it is a very small proportion, and there is nothing more important than finding those few bad apples and throwing them out of the barrel."
I had considered writing a post about this mid-level manager, then it occurred to me that Mr. Chertoff was correct (from a global perspective) and that - from a security standpoint - there is nothing more important than throwing those "bad apples" out of the barrel.
"Bad apples" don't only exist in "Homeland Security," and although someone getting caught there makes good "press," we have bigger problems out there that need to be dealt with.
One of the biggest threats we face today is rogue nations obtaining nuclear capabilities. AQ Khan, who developed nuclear weapons for Pakistan, admitted selling secrets to North Korea, Libya and Iran. Many believe that he obtained a lot of his knowledge from the Chinese, who were caught stealing nuclear secrets from us during the Clinton Administration (Online NewsHour: Spies Among Us -- June 9, 1999).
And there is evidence that the Chinese actively seek to plant insiders to steal information. Here is a previous post I wrote about that.
If any of this is true, we are still being damaged as a result of "insider" problems from the 90's. Two of the biggest threats to world peace today are Iran and North Korea and their "nuclear ambitions."
Insider problems exist at all levels - and are a favorite means for rogue governments, foreign businesses, criminals and terrorist organizations to defeat any and all security measures.
Ira Winkler of the National Computer Security Association wrote:
The Federal Bureau of Investigation estimates that U.S. Corporations lose $100 Billion annually due to industrial espionage. While many people believe that the espionage is committed by well financed organizations that can only be stopped by national agencies, that is very incorrect. Industrial espionage usually exploits simple and very preventable vulnerabilities to produce tremendous results.
The theft of sensitive information from U.S. corporations is the goal for many foreign nations and companies. Adversaries do not care about what form the information takes. Whether information is in electronic format or is thrown away in the trash, it is irrelevant as long as the information is compromised.
Industrial spies know how to bypass any strong part of a security program to attack an organization at its weakest point.
For Mr. Winkler's full analysis, link here.
Mr. Winkler's analysis brings up some very valid points and scary insights. The people who engage in insider theft will use any and all means to accomplish their goals. Look at all the major breaches that have been caused by a laptop being left unsecured.
Perhaps, I got off topic, but my vote is that we move on and forget this mid-level manager. Homeland Security has bigger fish to fry and the fact that he was caught indicates that they are willing to clean up their own backyard. After all, there are a lot of other backyards out there that probably need to be cleaned up and this is where our focus should lie.