Saturday, July 02, 2005

Investigating Fraud

Investigating computer crimes poses many problems for law enforcement. It isn't easy to investigate crimes that cross jurisdictions and borders, especially given how rapidly technology is advancing.

In the recent CardSystems case, it is still unknown whether the stolen information is being used, although there is a report out of Japan that about 1 million dollars in fraudulent credit card charges may be linked to it. Of course, CardSystems isn't commenting.

The point of compromise could very well be an insider, or an insider planted by organized crime. Recently, a case was solved at Teledata Communications Inc., where an insider at their help desk, who had access to banking information was responsible for causing 50-100 million in losses. Insider involvement in these scams is a common denominator. Here is a recent post, I did.

Congress is planning to look into this problem as the public becomes increasingly frustrated. Senator Bill Nelson (Democrat-Florida) and some of his peers have asked for a study about how terrorists could use information obtained in these data intrusions.

Choice Point, a data broker who was compromised, has recently stated they will not give out sensitive personal information unless it is requested by the person, or a government entity. Hopefully other data brokers will tighten restrictions also, but the fact remains that a lot of this information can be freely obtained through the internet and or via software programs that are marketed as a means of conducting your own personal investigations.

Laws must be enacted to protect the innocent, awareness raised and resources allocated to go after the criminals. You can take action by writing your political representative and reporting any potential crimes to the appropriate authority. All too often, we fail to do this when an obvious scam crosses our path.

Thursday, June 30, 2005

IBM States Phishing Increases 300 Percent in April

IBM is saying that phishing attacks rose 300 percent in the month of May, which passed the most recent record in January. 9.1 million e-mails were detected in May, three times the 2.8 million discovered in April.

Most of these attacks are carried out by software robots, which as also known as bots. Fraud e-mails imbed a program on a computer, which is under the control of another site that attempts to steal personal information.

Phishing is a form of online fraud using e-mail. Fraudsters attempt to dupe people into providing personal information. The information can be used in identity theft, or sometimes financial information from people's accounts is phished to be used in fraud schemes.

Many of these schemes are suspected to be done by organized gangs. For more information on this please read a previous post.

For more information, click on the title of this post. Phishing can be researched further by using the keyword phishing in the search box at the top. Contained in some of these posts are direct links to resources to protect yourself from this growing menace.

Tuesday, June 28, 2005

Aftermath of the CardSystems Data Breach

A lot of people are saying that many of these large scale data intrustions are only now coming to light because of a law requiring disclosure that was passed in California last year. I've always said that awareness and action, both legal and political is what is needed to stop a crime that claims almost 9 million victims a year. There are some refreshing signs that this is beginning to happen.

Here is an article from the AP passed on by MSNBC about the attorneys general of 44 states demanding more information. This would include exactly how the intrusion occurred and whom on a personal level is at risk.

Here is another article via Yahoo news about a law firm based in San Rafael, California that is filing a class action law suit in behalf of California victims.

It is the individual, who has up until now been forced to bear the brunt of this criminal activity. All too often, I suspect that large corporations ignore the damage this does to the individual and pass their own costs of fraud on by charging higher prices for their goods and servives. The time is now for large corporations to become the solution by protecting their customers. Disclosure laws will help us (the consumer) make make intelligent choices on who to give our business.

Sunday, June 26, 2005

Organized Fraud Gangs

With the advent of the internet, fraud has become increasingly more global. There is evidence that there are major organized groups (gangs) running a lot of the frequently mutating financial scams. Recently, we have seen fairly high quality counterfeit money orders, cashier's checks and washed counterfeit bills indicating a fairly high level of sophisitication. We have also seen increased sophistication in phishing and pharming scams and repetitive large scale data intrusions, where both personal information and financial instruments (credit card numbers) were compromised.

The known players in these enterprises are the Russians, Nigerians, Asian, Armenian and Mexican organizations. As stated in my previous post, many of these groups plant people in organizations to skim financial and personal information. Although in some instances, these plants perform scams within the organization they infiltrate, more often than not, they merely skim information to be used in outside fraud scams that might even be committed in a different country.

Recently, there has been a tendency to see the various groups work in collusion with each other. For instance, counterfeit Postal Money Orders, have been traced to being produced in both Nigeria and Eastern Europe. Traditionally, counterfeiting was a primary function of the Asian gangs. 419 (Advance Fee) scams are now as likely to originate in Russia and Eastern Europe in what was traditionally a Nigerian scam.

Quite often, both personal information and counterfeit financial instruments are being produced by one organization and passed by another. Information and instruments are also often sold. When the Advance Fee scam mutated into the Auction Scam, it was difficult to prosecute because many of the people passing the counterfeit instruments were considered innocent victims. In a further mutation of this scam, people are merely pretending to be victims, obtaining the instruments and attempting to negotiate them. Recently, in the news, the Postal Inspection Service arrested numerous people for doing this.

Although not known, it makes one wonder if these groups could also be doing business with terrorist organizations.

Most of the groups are involved in a lot of activities, including drug trafficking, extortion, murder and white slavery. Interestingly enough, they consider the fraud schemes as the safest because they carry light penalties and there is less chance of getting caught.

Although, most of these groups work in collusion (network) with other groups, within their parent organizations, they maintain ethnic purity within their own ranks. This makes it extremely difficult to infiltrate these organizations.

In light of recent events and the ever growing bill that these people are causing, we can no longer afford ignore this activity. Proactive measures must be taken to combat this menace and we must realize that it is no longer contained within national boundaries. Should we fail to act, we might find that this menace will destroy the way we know society today.

Here is a link to a previous post on legislation to increase the penalties on these crimes. There are links to political representatives in both the US and UK. Write them and show support.