Saturday, June 24, 2006

Ron Gonzales, Another Politician Accused of Fraud

It seems that politicians getting caught with their "hands in the cookie jar" is becoming a huge problem. To add to the growing list, the Associated Press is reporting:

Mayor Ron Gonzales was booked on fraud, bribery and conspiracy charges Thursday following a grand jury probe into a secretly negotiated garbage contract that cost taxpayers more than $11 million.

Gonzales was released on a $50,000 bond after being indicted on six counts. He denied any wrongdoing and rejected calls to step down.

"At this point, Mayor Gonzales is committed to completing his term," deputy chief of staff Deborah Herron said.

Here is the report from the Associated Press, courtesy of Yahoo News.

Although Mayor Gonzales claims he received no personal benefit from this deal - a prudent person is going to wonder what his true motivation was? This deal was designed to benefit a "few" at the cost of "many."

Mayor Gonzales may join other notable public figures, such as Congressman Jefferson, Randy "Duke" Cunningham and Tom Delay in what is becoming an "exclusive" club of former political figures being accused, or convicted of fraud.

This is a sad commentary on the state of politics today.

In fact, the problem seems to be so bad that the FBI recently added a page, where the public can report fraud in government. Sadly enough - with the amount of scandals surfacing - it is probably a prudent move on their part.

Here is a previous post, I wrote on that with a link to the page:

FBI Site to Report Corrupt Civil Servants

Here is another post, I wrote on the recent scandal involving Congressman Jefferson:

Is the Latest Congressional Scandal a Nigerian Fraud

Friday, June 23, 2006

Congress Votes to Compensate Veterans for Identity Theft

Congress is voting to provide compensation for the 26.5 million veterans who have had their identities compromised.

United Press International is reporting:

"The Judiciary Committee of the U.S. House of Representatives took a step Wednesday toward compensating veterans who might be victims of identity theft because of the loss of millions of Veterans Affairs Department personnel records, CongressDaily reported Thursday."

"On a voice vote, the committee approved the legislation, clearing the way for likely House approval next week. The bill was in response to the theft of a laptop computer reportedly holding the files of 26.5 million veterans from the Maryland home of a Veteran Affairs employee."

"An Office of Veterans Identity Protection Claims would be established to process claims of veterans who might have their identities stolen by thieves who steal money or run up credit card bills, the report said."

Here is the report from United Press International.

Meanwhile, the government is having additional problems with information being stolen. As I wrote in my last post, the FTC (Federal Trade Commission) lost two laptops and it's being reported that the USDA might have had 26,000 people compromised when their computers were hacked.

Data breaches are nothing new, but perhaps now that they have "hit home," Congress will finally enact long awaited legislation to address the rash of data thefts that have occurred in recent years.

The legislation seems to have been "delayed" by special interest groups that have the intent of "watering down" the proposed legislation to the point, where many feel it wouldn't be very effective.

Here is a previous post, I wrote about this:

Congress Tries to Silence Identity Theft Initiatives

If you don't want to see the legislation "watered down," here is a link where you can write your representative and let them know how you feel.

The bottom line is that laws need to protect people and not special interests, where the motivation to "water down" legislation is purely financial.

Of course, a more "holistic" approach would probably impact this problem in a positive manner. Here are some thoughts on that:

Are We Addressing Cyber Crime from the Wrong End

FTC Loses Laptops - Compromises Information of Suspected Fraudsters

The Federal Trade Commission is reporting that one of their attorneys lost two laptops - stolen from a car - which contained sensitive information on people being targeted for investigation.

As reported from the Associated Press:

The car theft occurred about 10 days ago and managers were immediately notified.

Many of the people whose data were compromised were being investigated for possible fraud and identity theft, said Joel Winston, associate director of the FTC's Division of Privacy and Identity Theft Protection.

Here is the report from the AP, courtesy of Fox News.

There are some interesting resources from Fox on how to protect yourself from becoming a victim from what some consider is rapidly becoming an epidemic.

Fox's Identity Theft Center

Fox's Cyber Security Center

Fox's Crime Center

The AP article also lists a lot of the recent data breaches, we seem to see (far too often). Here is another resource from the Privacy Rights Organization on the almost weekly breaches. You can view their chronology, here.

The real "kicker" for me is that the FTC now plans to provide these suspected "fraudsters" with identity theft monitoring!

Here is a previous post, I wrote after the Veteran's Administration compromised 26.5 million veterans by losing a laptop:

The VA Data Breach is a Symptom of a Bigger Problem

Monday, June 19, 2006

Soccer (Football) Fans Killed by Teenagers Spoof Downloads Trojan

Websense is reporting that a spoof e-mail - which lures it's victims with the headline "Teenagers Kill Soccer Fans" - has a Trojan Horse downloader hidden in it.

Here is the alert from Websense:

Websense® Security Labs™ has reports of a new email that is spoofed as a story about a group of soccer fans that have been killed by teenagers. The email includes the subject: "soccer fans killed by 5 teens" and includes an attachment called "soccer_fans.jpg.exe".

If the attachment is run, a Trojan Horse downloader connects to a website that is hosted in the United States and was up at the time of this alert. The filename downloaded is called "dianaimag.exe". When that file runs, it attempts to disable Microsoft's Firewall and then visit another website to download code.

Both sites are hosting adult content and may have been compromised, or may part of the authoring of the malicious code.

For the alert from Websense, link here.

This is an obvious attempt to take advantage of the World Cup, which is going on right now. The funny thing is that since they used the term "soccer," the spoof will lose meaning in most of the countries where it is the most popular. I guess these criminals aren't as smart as they think they are:)

Diary of an Identity Theft Victim

I came upon an interesting series of blog posts by Julie O'Brady on her experience of becoming a statistic (one of 9 million according to the FTC) of identity theft.

Julie recounts the "trail of tears" a victim experiences - from discovery of the problem to finally clearing her financial name - and documents it in a series of posts.

In Julie's own words, here is her summary:

The months of June and July, 2005 meant that each day for me was back to Square One with my own personal investigation; i.e. doing research online, contacting every possible authority I could, and then working with the attorney general, private investigator, police detective, and finally postal inspector. I took it upon myself to prepare extensive documentation that I updated and shared with all the authorities and agencies working on the investigations.

To my knowledge, at the very least, the 2 suspects were apprehended by the senior inspector and another victim was identified and quite possibly spared the victimization of the Nigerians.The 2 suspects were college age students who had already secured fake IDs; were picking up lots of merchandise through the drop box; had been selling the merchandise on eBay and other auction sites; and then sending proceeds to the Nigerians who recruited them!

Here again - as Julie has aptly highlighted - only through a lot of "tenacity" was she finally able to get help from a postal inspector - who was able to catch two (possibly more) of the "growing army of Internet recruits" that more organized entities use to do their dirty work.

This highlights why greater efforts need to be made to go after the root sources of crime on the Internet. Since many of the recruits claim to be victims - all too often - there is no prosecution and since the "recruiters" are normally overseas, little is done from a legal standpoint.

Julie did take the time to write about this - and more importantly - didn't give up, which makes her worth of admiration. She also has put together a series of resources to help others.

For Julie's entire story, link here.

Here are some other examples, where organized entities use recruits (dupes) to commit crimes for them:

Cyber Gangs Luring Children to Launder Money

BBB Worker Takes Job Processing Fraudulent eBay Transactions