Saturday, December 29, 2007

Will you be the next person arrested after a criminal borrows your identity?

With new Social Security verification laws on the horizon, up to 20 million illegal aliens are probably will have to come up with a legitimate identity in order to remain employed.

Up until now, anyone has been able to make up a number and pass it off with false identification. DHS (Department of Homeland Security) was supposed to begin going after businesses that employed people with "no match social security numbers" in September, but a law suit has temporarily blocked them from implementing the process.

Interestingly enough, one of the arguments is that Social Security records aren't accurate enough to ensure mistakes won't be made. This is probably a "no brainer" defense with all the fraud that exists with social security numbers.

Given that a lot of illegal immigrants look Hispanic, a lot of them will probably seek out legitimate identities of U.S. citizens with Hispanic surnames.

Hidden within the camoflauge that illegal immigration creates is a lot of criminal activity. When another person's identity is used to commit a crime, there is a potential that they are going to face more than financial problems after becoming a victim.

Here is a scary story -- possibly a premonition of things to come -- of a senior U.S. citizen, who obviously had his identity stolen by a criminal. The story also reveal why relying on social security numbers to identify people might lead to mistakes being made.

Eloisa Ruano Gonzalez of the Yakima Herald-Republic wrote:

It seemed like a bad dream when 72-year-old retiree Rafael "Ralph" Franco woke up to a loud pounding on his front door, opened it, and found four federal agents waiting to seize him.

The longtime Yakima resident was arrested about 6 a.m. on Nov. 28 at his South Second Street apartment. Immigration officers believed that Franco, a U.S. citizen, was an undocumented immigrant convicted of several alcohol- and weapon-related crimes.

Of course, Hispanic identities aren't the only ones used by criminals. In fact, there are more and more reports of innocent people being charged with crimes after a criminal assumes their identity, commits crimes and disappears into the mist after making bail or being released because the jail is full.

The issue of people wrongfully getting arrested because they are suspected of illegal immigration is probably only one small part of the overall problem.

Stealing personal and financial information and putting it on counterfeit documents has become an organized activity. I was recently in the Mission District of the sanctuary city of San Francisco and full sets were being offered, along with a variety of drugs for as little as $200.00. A full set is normally a drivers license, Social Security and green card.

Please note, I've personally seen this activity in other cities besides San Francisco. It's pretty much out in the open and little to nothing seems to be done about it.

Suad Leija -- the stepdaughter of the "Jefe" of an organized counterfeiting cartel --recently provided evidence to the government that counterfeiting documents is an extremely organized enterprise, which operates across the entire United States.

One of the more ironic things Suad was able to show the government was proof of her Uncle serving a prison sentence in Texas under an assumed name.

There is also considerable evidence that hackers have already stolen millions (billions?) of people's information and sell it pretty openly in anonymous Internet venues.

Put these two organized activities together and they will likely easily defeat any legislation requiring Social Security numbers to match.

I started this post with an observation about Hispanic identities being targeted, but the truth of the matter is that the 20 million or so illegal immigrants seeking legitimate identities is only one small part of a bigger problem. Even if the problem were simply related to illegal immigration -- people of Hispanic origin aren't the only ones crossing our borders illegally.

Figuring out exactly what country an illegal immigrant came from is difficult. Most of them aren't likely to reveal very many personal details. I was able to find a rather outdated study from that reveal some old statistics on the matter:

In October 1996, 15 countries were each the source of 40,000 or more undocumented immigrants (See Table 1). The top five countries are geographically close to the United States--Mexico, El Salvador, Guatemala, Canada, and Haiti. Of the top 15 countries, only the Philippines, Poland, and Pakistan are outside the Western Hemisphere. The estimated undocumented population from Poland has declined by more than 25 percent, from 95,000 to 70,000, since 1988, possibly reflecting changed conditions in that country over the last several years.
Sara Carter of the Washington Times did an article in August about a report she saw from the DEA (Drug Enforcement Administration) that people of Middle Eastern/South Asian descent were posing as Hispanics. The article alleged that a partnership was being formed by something they have in common, or trafficking narcotics.

Even with NATO having boots on the ground in Afghanistan, opium production is at an all time high. Most of this is allegedly being bought by the Taliban, who now seem to operate pretty freely from the tribal areas in Pakistan.

Criminals trafficking narcotics aren't the only ones using false identities. In fact, more and more, the use of false (other people's) identities is being used to facilitate all kinds of criminal activity.

Identity theft may very become the great facilitator (enabler) of more and more crime. If criminals are able to get away with using someone else's identity, we are going to see a lot of more people victimized.

As long as we continue to consider identity theft a "low priority issue," it will continue to grow and multiply like a cancer.

The bottom line is that until we start addressing the factors that make enable stealing and using information too easy, we aren't going to fix the problem.

Doing this is going to take the cooperation of everyone from the average citizen to executive types in major corporations and our leaders in government.

Yakima Herald-Republic story, here.

Thursday, December 27, 2007

Symantec awarded $21 million award against Chinese Software Pirates

On Christmas Eve, Symantec announced a legal victory against Chinese pirates selling their cloned software at super cheap prices.

Please note, I stole the super cheap description from Symantec's video called, The 12 days of Christmas Spam." The super cheap tag can either refer to price, or the quality of counterfeit software (personal thought).

From the press release:

Symantec Corp. (NASDAQ: SYMC) today announced that it was awarded $21 million in damages against a large network of distributors selling counterfeit Symantec software.

The judgments were handed down by the United States District Court for the Central District of California in Los Angeles, CA in favor of Symantec against ANYI, SILI Inc., Mark Ma, Mike Lee, John Zhang, Yee Sha, and related defendants.

"Our customers are the real winners as a result of this case," said Scott Minden, director, Symantec Legal department. "A judgment like this is a crippling blow against these particular syndicates and will drive them even further underground, making it more difficult for them to sell directly to unsuspecting users. It complicates their ability to operate behind the guise as legitimate businesses."
The investigation conducted by Symantec in collusion with the FBI and Chinese authorities also led to some criminal charges being filed in China.

It appears that this particular case involved pirated software being made to appear as if it was the real deal. According to industry experts, the counterfeiting problem has increased 10,000 percent in recent history.

The software industry alone estimates it loses $40 billion a year because of pirated software. I wonder how many jobs this equates to?

Pirated (super cheap software) is also hawked via the millions (billions?) of spam e-mails attacking our in boxes in record amounts. Recently, Symantec issued a report based on the spam data they monitor revealing that over the current holiday season 71percent of all e-mail sent is spam.

Counterfeit software also can contain malware (malicious software), which can lead to your system becoming a zombie (part of a botnet to facilitate more spam) and even steal your personal and financial details. These details are then used to steal money either from you directly, or to steal money from financial institutions.

I'm sometimes amazed how a lot of current criminal activity ties in together via the digital world. All the average person needs to do is to watch all the spam messages they get and consider all the different schemes that are behind them. The schemes are nothing new, but the digital age has enabled criminals to reach out to more people than ever before.

Either this is occurring naturally, or someone pretty organized people are running operations along the lines of major corporations?

Besides the more personal dangers of buying pirated software, there is a lot of evidence the activity is making a lot of money for organized crime, rogue governments and terrorist groups, alike.

Press release from Symantec, here.

Tuesday, December 25, 2007

Storm Worm bot-herders use scantily clad women in Santa attire to recruit zombies!

Here is a warning from Dancho Danchev about a site that might leave your computer with a worm.

The site invites a person to watch a bunch of scantily clad women in Santa attire for "free."

From the Mindstreams of Information blog:

Stormy Wormy is back in the game on the top of Xmas eve, enticing the end users with a special Xmas strip show for those who dare to download the binary. The domain is logically in a fast-flux, here are some more details :

Administrative, Technical Contact
Contact Name: John A Cortas
Contact Organization: John A Cortas
Contact Street1: Green st 322, fl.10
Contact City: Toronto
Contact Postal Code: 12345
Contact Country: CA
Contact Phone: +1 435 2312633
Contact E-mail: cortas2008 @

In case you are less than technically astute (a lot of us are) the storm worm has been around for awhile. Wikipedia offers a good explanation of how it will trash a Windows system, here.

Downloading it normally leads to your computer becoming a spam spewing zombie controlled by a bot-herder. Of course, becoming infected also poses certain information theft risks, also.

Full post from Dancho, here.

(Screen shot courtesy of the Mindstreams of Information blog)


Found some more information on this on the SANS Internet Storm Center, which can be seen, here.

And apparently some splogs have been set up on blogspot to support this current storm on the Internet:

If you google for you'll see a number of spam blogs set up with that domain in their body and directing traffic to (take a look for that in your proxy logs while you're at it.)

Visiting will redirect you over to and attempt to install a fake video codec, which itself appears to be a downloader to deliver more coal to your stocking.
IT also appears that the hackers behind this are moving on to New Years lures and a new domain.

Shortly before 1600 GMT 25-DEC-2007 we got a report indicating that the Storm Botnet was sending out another wave of attempts to enlist new members. This version is a New Years-themed e-card directing victims to "uhave post" (spaces inserted to break the URL) NOTE: Please do not blindly go to this URL -- there is malware behind it.

Also reported SANS Internet Report Center, here.

Sunday, December 23, 2007

Could buying that knock-off item fund the next terrorist attack?

While this story is from a British perspective, it reveals how the trade in counterfeit (knock-off) merchandise is funding some pretty nasty characters beyond the borders of the British Isles.

Richard Elias recently revealed in Scotland on Sunday:

The sale of fake CDs, DVDs, clothing and perfumes in Glasgow and other British cities is helping to raise money for one of the world's most-notorious terror outfits – the group held responsible for the slaughter of US journalist Daniel Pearl in 2002.

MI5 is now targeting British-based supporters of Jaish-e-Mohammed (JeM), a pro-Kashmiri group dedicated to gaining the disputed territory its independence. Its aims include the "destruction" of the United States and India.

This isn't the first time the words terrorist organization and counterfeit merchandise have been used in the same sentence. And in reality, the problem goes far beyond the borders of the United Kingdom.

A good video about the counterfeit problem by KRQE in New Mexico is posted on YouTube, which can be seen, here.

The video references a report by the IACC (Internation Anticounterfeiting Coalition). The IAAC stated in a white paper that:

Low risk of prosecution and enormous profit potential have made criminal counterfeiting an attractive enterprise for organized crime groups. Congress recognized organize crime’s increasing role in the theft of intellectual property when it made trademark counterfeiting and copyright piracy predicate acts under the federal RICO statute (see 18 U.S.C. § 1961). Recently, ties have been established between counterfeiting and terrorist organizations who use the sale of fake goods to raise and launder money.

Counterfeiting is becoming a worldwide problem that poses a threat to the economy and public safety. Unfortunately, a lot of people view it as a victimless crime and continue to support it by purchasing knock-off merchandise.

If you take the time to read the IAAC White Paper, it also reveals that a lot of countries that we do business with in the global economy are some of the biggest culprits.

And the biggest offender seems to be China!

This should be no surprise considering the amount of unsafe product being found at your local store coming from that country.

While there are obviously more players in all of this than terrorist organizations, supporting any of them with our business isn't in the public's best interests.

IAAC White Paper, here.

Scotland on Sunday story, here.

Are Internet Check Scam Artists staging a December Surge?

(Picture of counterfeit financial instruments recently intercepted in the mail by an International law enforcement task force)

In the past several days, I've noticed a surge in counterfeit check alerts from the FDIC (Federal Deposit Insurance Corporation). From December 19th to the 21st, the FDIC issued 26 alerts from various financial institutions throughout the United States reporting counterfeit activity using their information.

These checks are used in all the different varieties of overpayment scams. The basic MO (method of operation) in these scams is to trick someone into negotiating a bogus financial instrument and sending the money back to the person behind the scam. The victim is offered a small part of the money for doing this.

Of course, they are held liable for all of it when the item is discovered to be fraudulent.

Some of the known varieties of the overpayment scams are the lottery, auction, secret shopper, romance and work-at-home (job) scam(s). Please note you can search any of these "scam" terms at the top of this page for more information.

Spam e-mail is normally the vehicle in which these scams are presented, however they show up in more traditional print venues (including junk mail) from time to time, also.

One thing to bear in mind is that counterfeit checks (cheques) often appear to be legitimate in verification systems. The reason for this is simple, they use legitimate account numbers.

Victims have even asked employees at their financial institution of choice if the instrument was legitimate. Sadly, the items are often so good that the person is told that they are real. A financial institution employee verifying an item offers you no guarantee that the item is good. The person passing the instrument is the one who is liable for it.

Another tricky thing is that many financial institutions will also give their customers credit for these items in their accounts. This often gives the victim a false sense of security and causes them to send the money back to the scammer before realizing what is going on.

Federal rules dictate that banks can only put holds for a specified period of time depending on what type of check it is. The people behind the scams know about this and take advantage of it.

Although the money can be sent in a lot of different ways, most scammers prefer the use of Western Union, or MoneyGram wire transfer services. The reason for this is once the money is picked up (often within minutes), there is no recourse for the person who sent it.

Besides counterfeit checks, we've seen other instruments counterfeited on an industrial scale and sent to unsuspecting people, also. The known items in circulation are have included Postal Money Orders, Travelers Express (MoneyGram) Money Orders, American Express Gift Cheques and Visa Travelers Cheques.

The end result of these scams is that the person negotiating the item will be held financially liable. People are also getting arrested in certain circumstances for passing these items, also.

The National Consumers League recently set up a site (, which is a great reference on Internet scams involving checks (complete with visual presentations), here.

Here is a post, I wrote with more information on how to verify one of these items:

Tools to verify those too good to be true financial instruments you got in the mail

Please note that if the deal you are being presented is too good to be true, or you are being asked to wire money it probably isn't worth going to the effort of trying to verify the item.

Also note that these scams have become so sophisticated that there is no guarantee that any amount of verification can guarantee the item is legitimate!