Saturday, March 01, 2008

Will counterfeit documents enable the next terrorist attack?

(Cartoon by Suad Leija. Suad is the artist, however the political opinions are those of her husband. More cartoons can be seen on her new site, here.)

With the 2008 election in full swing, most of the candidates seem content to dodge the issue of border security.

Tied into another controversial issue, which is illegal immigration, discussing it is probably considered a no-win situation. It's probably likely that no matter what stance they take, it will cost them votes.

Perhaps, the reason it's so controversial is that we are a country of immigrants and most of our ancestors came to this country to seek a better life.

In most cases, what we consider poverty in this country, is a far better standard of living than where they are coming from.

Businesses take advantage of this "cheap labor" (payroll is always a key expense in any business) and because of their illegal status, illegal immigrants don't tend to complain about low wages and no benefits.

Since illegal immigrants are human beings and get sick etc., the taxpayer normally ends up paying for all the social costs associated with their employment. This is a pretty good deal for the employers using this "in-sourced" form of labor.

If you really wanted to solve the illegal immigration problem, it would probably be pretty simple. All you'd have to do is go after the businesses hiring them.

If the process were more transparent, they would probably have to take care of the people, who work for them a little better, also.

The biggest problem with illegal immigration is that all sorts of criminals, and some say, people with political agendas (terrorists) can easily camouflage themselves in the worldwide exodus of people from poor and war-torn countries. The illegal immigration process is controlled by organized criminals, who only care if the person they are bringing in has the money to pay them.

If you think illegal immigration consists of only people from Mexico, this is no longer the case. More and more, they are coming from a lot of different places and illegal immigration is hardly a problem just in the United States.

Whether they are here to find work, commit crimes or plan the next 9/11 -- the first thing someone entering a country illegally needs to do is make themselves appear to be legal. The way they do this is by using counterfeit documents to establish a (seemingly)legitimate identity.

In the hands of terrorists, counterfeit documents are an enabler to murder innocent people because they were at the wrong place at the wrong time. Given that Atta and the 9/11 crew used counterfeit documents to establish themselves in the U.S., it amazes me that as I write this, the business in them is booming.

The story of Suad Leija has been covered extensively in the mainstream media. Suad is the stepdaughter of one of the prominent leaders of an organized counterfeit document cartel operating throughout North America. Suad met and eventually married an American businessman, with alleged ties to the intelligence community.

The businessman then tried to strike a deal with Suad's family to use their database to identify potential terrorists -- who had been provided counterfeit documents -- in exchange for the release of a prominent member of the family, who had been arrested in Chicago.

The operation took a turn when the cartel refused to provide this information and Suad ended up assisting the authorities in identifying the main players in the cartel, as well as, the scope of their operation throughout the United States.

There have been 38 arrests and the court case is still underway.

Please note that ties to an intelligence operation have not been confirmed by a government source. Nonetheless, if you've followed the story, this is probably a fairly good deduction.

I wouldn't expect the government to confirm, or deny this story. Revealing details about intelligence operations compromises their efforts. This is probably why the intelligence community is and always will be the unsung heroes in the "War against Terror."

Charlie Wilson's War, the Tom Hanks movie, although probably a little "Hollywood" in nature is probably a good example of how a few good intelligence types can make a big difference. True stories, such as this one, normally are only officially confirmed years after the fact.

Just the other day, Newsweek released an update to the Suad story, with more details about the operation.

Joe Contreras (Newsweek) writes:

When federal prosecutors indicted 22 members of the Leija Sánchez counterfeit ID organization in Chicago last April, they described the arrests as "a significant setback" to one of the largest criminal enterprises of its kind ever to operate in the United States. But they made no mention of Suad Leija and the remarkable tale of how her marriage to an undercover American agent and her choice of country over family led to the downfall of the fake-document ring. Suad began cooperating with the U.S. Immigration and Customs Enforcement (ICE) agency in January 2006 and gave investigators the names and addresses of her stepfather's siblings and top lieutenants, who had been photographed while under surveillance by the Feds. Her decision to aid ICE officials, she says, grew out of concern that the fake green cards, driver's licenses and Social Security cards churned out by her family's document mills could be used by terrorists to stage another devastating attack on American soil. "Just as I wouldn't help a drug peddler sell narcotics to kids, there's no way I'd do it for terrorists who want to use fake identification produced by my family," Suad told NEWSWEEK in a phone interview from an undisclosed location. "If another September 11 were to happen and I'd done nothing to stop my family, then I would be just as guilty."

The Newsweek story also points out that these counterfeit documents are hardly being only sold to illegal immigrants, who want them to get a job:

Senior ICE officials also see the booming fraudulent documents business as a bona fide threat to national security. The industry generates annual revenues in the hundreds of millions of dollars, and its primary markets are the estimated 12 to 20 million foreigners living illegally in the United States and teenagers wanting to sneak into a bar. But some of the 9/11 hijackers obtained legitimate ID documents under false pretenses, and a terrorist suspect linked to Al Qaeda named Nabil al-Marabh allegedly produced fake ID documents at his uncle's print shop in Toronto prior to the attacks on New York and Washington. Though the clientele of the Leija Sánchez ring was overwhelmingly Latin American in origin, federal prosecutors say that documents were sold to Algerians, other Arabs and Pakistanis. "That's where the vulnerability is," says James Spero, a deputy assistant director in the ICE office of investigations. "You can buy a set of documents that will make it appear you are legally in the U.S. for as little as $100, and nobody in these organizations does background checks on their customers."

The article ends with the conclusion by Mr. Contreras based on interviews with ICE officials:

ICE agents have arrested 38 members of the Leija Sánchez organization to date, and from his Mexican prison cell Manuel is currently fighting extradition to the U.S. His old business associate Pedro Castorena was flown from Mexico to Denver last month to stand trial later this year on fraud, conspiracy and money-laundering charges, and Suad is expected to testify for the prosecution. But as the decline and fall of Pablo Escobar's Colombian Medellin cartel proved in the 1990s, the decapitation of a criminal organization's leadership will not disrupt the industry as long as there is strong demand for its product. And as of this week, ICE officials reported no decline in the availability of bogus documents on the streets of any major U.S. city.

Not mentioned in the Newsweek article is that the lead ICE agent on this case, Cory Voorhis, was arrested and is being charged with "exceeding his unauthorized access to a federal criminal database."

Voorhis and his legal team contend that he was only exposing plea bargain practices that allowed illegal immigrants charged with serious crimes to not be deported by the Denver DA's office.

Please note the crimes in question are a little more serious than just crossing the border without the right documentation.

Some are comparing this case to another case, which has received a lot more attention in the media. As stated on his legal defense site:

There are troubling parallels with the 2005 prosecution in El Paso, Texas of two Border Patrol agents, Ignacio Ramos and Jose Compean. Ramos and Compean were convicted of shooting a fleeing drug smuggler primarily on the testimony of the drug smuggler himself, who was granted immunity by the US Attorney. It has since been revealed that the US Attorney knew of the smuggler’s long criminal history yet succeeded in withholding this evidence from the jury.

A news release from his legal defense site stated that this might jeopardize the current prosecution of the Castorena-Leija counterfeit documents cartel.

From the news release:

The federal prosecution of Cory Voorhis, the Immigration and Customs Enforcement (ICE) agent who is charged in a high-profile case with three federal misdemeanors for allegedly illegally accessing a restricted database, could lead to the dismissal of charges or to drastically reduced charges for the alleged head of the notorious Mexico-based criminal Castorena Family Organization (CFO), some say.
The Suad Leija story isn't over yet and only time will tell what the final outcome will be. The full story of Operation Paper Tiger can be purchased (which includes actual wiretap transcripts) on the Paper Weapons site.

The most recent Newsweek story written by Joe Contreras can be seen in full (recommended), here.

In case you are interested in the Cory Voorhis case, a lot of information can be seen on his legal defense site, here.

Suad has also put up a new site, to further her personal interests once this story comes to a conclusion. Please note that Suad is only 23 years old and hopefully has other things in her life to pursue once this drama is over.

Below is another example of her work, which can be seen on her site (linked above). Please note that she is only the artist and the expressed views of those of her husband.

Thursday, February 28, 2008

Finjan discovers criminal database with 8700 account credentials to trusted domains!

Is the Corporate World under attack by hackers? A new report from Finjan suggests that top level domains have been compromised and access details are for sale on the black market.

It should be noted that government domains have been allegedly compromised, also.

From the Finjan press release:

Finjan Inc., a leader in secure web gateway products, today announced it has uncovered a database containing more than 8,700 harvested FTP account credentials, including username, password and server address - in the hands of hackers. These stolen credentials enable criminals to compromise servers and automatically inject crimeware to infect users visiting them. Among those stolen accounts are those of Fortune-level global companies in a wide range of industries including manufacturing, telecom, media, online retail, IT, as well as government agencies. The stolen FTP accounts include some of the world’s top 100 domains as ranked by

Dark Reading Kelly (Jackson Higgins) went more into depth on the risks associated with this new discovery:

The so-called (Me-or-you-Profit) site is selling username, password, and server addresses of these FTP servers as well as the NeoSploit Version 2 crimeware package, which basically lets the bad guys who buy it instantly infect these sites with malicious code -- with the goal of stealing valuable and confidential data from them as well as any visitors to the sites. It also “qualifies” the stolen accounts so that buyers either can then set a price to resell the compromised FTP credentials to other cybercriminals, or determine which are the more potentially lucrative sites to hack.

“With a click of a button they say ‘I want to infect his FTP server’ with the crimeware,” says Ben-Itzhak. Finjan did not test all of the sites to see if they had been infected yet or not.

From a more social perspective, this continues the scary trend of crimeware for sale, which enables not very technical criminals to commit fairly technical crimes at will.

Besides the fact that (in theory at least) sensitive information can be stolen from some of these sites, a visitor can be compromised when visiting a "trusted site."

Besides the risk of sensitive information being compromised, compromised sites, once publicized might face another problem a.k.a. unfavorable public exposure. This could lead to a loss of trust in their brand, and as seen recently, potential litigation.

This doesn't even take into consideration all the other assorted costs of recovering from a large scale data compromise that becomes public knowledge.

Finjan is inviting the corporate world to make inquiries, whether or not, their particular site is at risk. I'll provide the link to do so, here.

They are also providing more information on this latest crimeware kit on their "Malicious Page of the Month."

Dark Reading story, which seems to be a good information source on this story, here.

Tuesday, February 26, 2008

Truston and Identity Force team up to provide identity theft protection/recovery services

Truston -- who provides a privacy and user friendly means to protect a person from identity theft -- has announced a partnership with Identity Force.

Truston allows a person to protect themselves without giving up any of the personal information that is normally used by identity thieves to commit a wide assortment of crimes. It also allows a person to protect themselves, as well as, find out if they have anything to be concerned about free-of-charge.

A person is only charged for using the service when they recover from identity theft and then is only charged for however long the process takes. This is a big difference from most identity theft protection/prevention services, who charge a person on a long-term basis regardless of whether or not they have been actually become an identity theft victim.

Many of the identity theft protection services do not cover a person unless they were signed up (and paying) at the time they became a victim.

In addition to this, the monthly charge for using the recovery services is about the same as most of the competition. Because the recovery services are used on an "as needed" basis, the overall cost of using Truston is far less than the competition.

Identity Force provides identity theft protection services to a large number of customers including government agencies, such as the Department of Veterans Affairs, Transportation Security Administration, Federal Emergency Management Agency, National Institutes of Health, U.S. Coast Guard and Department of Education.

Because of this, Truston will now be available to a substantial customer base, many of whom, might not want to provide all their personal information to a third-party. Given that many of these people were referred to Identity Force after a data breach -- where a system was compromised and their information was exposed -- Truston provides an approach that might give them greater piece of mind.

Here is part of the announcement from the press release:

Truston, a provider of award-winning online services for identity theft protection, today announced that it has partnered with Identity Force to provide its customers with Truston's online identity theft recovery and prevention services.

As Truston's web-based platform is designed to be private-labeled by partners, the myTruston features will be offered through the Identity Force member dashboard and completely integrated for a seamless customer experience. Through the use of Truston's application programming interface, the myTruston service is embedded within the Identity Force website, taking on its look-and-feel and not requiring an additional user login.
Recently, Truston was named one of the Hot Companies of 2008 by the Network Products Guide in Silicon Valley.

Tom Fragala, Truston's CEO, was himself an identity theft victim and has spent thousands of hours advocating for victims of this growing crime.

He also does a blog on identity theft, which can be seen, here.

Full press release on the Truston/Identity Force partnership, here.

Monday, February 25, 2008

Australian Competition and Consumer Commission releases the little black book of scams

I normally write with an emphasis on what is going on in North America, but in the digital world a scam can travel thousands of miles with a click of a mouse, or probably more frequently a "bot."

Most of the scams I see don't vary much from country to country.

Ran into this interesting educational tool provided by the Australian Competition and Consumer Commission on how to identify and not fall victim of fraudsters a.k.a. scammers. After reading it, I found a lot of great information in here that is a worthwhile read for anyone interested in the wide variety of scams that are out there.

In their own words:

The little black book of scams highlights a variety of popular scams that regularly target Australian consumers and small business in areas such as fake lotteries, internet shopping, mobile phones, online banking, employment and investment opportunities. It also offers consumers tips on how to protect themselves from scams, what they can do to minimise damage if they do get scammed and how they can report a scam.

The entire book can be downloaded free of charge, here.

Sunday, February 24, 2008

Will the Experian versus Lifelock law suit help identity theft victims?

Lifelock -- one of the companies that offers identity theft protection at a cost -- is being taken on by one of the big three credit bureaus. Last week, Experian filed a law suit seeking damages for their costs associated with placing and replacing credit alerts.

Before continuing on, it needs to be noted, as it has been by Lifelock CEO Todd Davis that Experian and the other members of the big three are involved in the identity theft protection business, also.

There is an interesting article by Terry Bibo at the about a Catepillar retiree, who was offered free credit monitoring after a data compromise. According to the article, the retiree tried to use the company provided protection service (, which is owned by Experian. The end result is seven months later all he has received is someone else's credit report and nothing has been done to protect him from becoming a victim.

It should also be noted that Lifelock isn't the only identity theft protection service that operates along the business model of charging people to place credit alerts or freezes on their reports.

Other companies, such as Debix and Trusted ID offer pretty much the same service.

Unfortunately, I'm not certain that any of this is necessarily going give any additional recourse to the millions of identity theft victims, who should be what this is all about. This law suit seems to be more about who is going to cash in on the identity theft protection industry, which by most estimates is showing double digit growth.

Lifelock has been under fire since it was disclosed by Ray Stern at the New Phoenix Times that one of the founders, Robert Maynard had been banned by the FTC to work in the credit repair industry and had been accused of identity theft by his father, who bears the same name he does.

At the time, Lifelock marketed their product by claiming it was inspired by Maynard being wrongfully arrested after his identity was stolen. The article revealed evidence that this wasn't true, and revealed that Maynard had been arrested for not paying his bill at a casino. The story was backed up with a booking photo of Maynard and a statement from an official source at the Clark County DA's office that Maynard had never claimed identity theft at the time of his arrest. In fact, according to the source at the DA, he made full restitution, which prevented the case from being prosecuted.

Shortly thereafter, CEO Todd Davis made headlines when he organized a "posee," complete with film crew to go after the person, who stole his identity to get a loan. The identity thief in question was described as mentally disabled by the authorities and the charges were dropped because of the questionable tactics used, referred to as coercion.

There are a lot of forms of identity theft and not all of them show up on a credit report. The fact that Todd Davis' social security number (which he plasters all over the universe as a marketing tool) is a pretty good indicator of this.

Stephen Lemons, who writes Feathered Bastard column for the New Phoenix Times wrote about the pending law suit. He pointed out that despite the negative publicity that Lifelock has received, it's business continues to grow.

The advertising campaign referred to consists of everything from television advertising to blogs. In fact, some of these blogs could probably be classified as splogs (my opinion). Recently, I've even seen e-mails touting the service that were caught in my spam filter. These e-mails have the following verbiage, "BBB: "LifeLock is the best Identity Theft Protection We Have Found."

When looking into this it was pointed out to me that the BBB (at least the Better Business Bureau?) doesn't provide endorsements.

Another thing, I noted in the several unsolicited e-mails I've received was that I was getting them because I had "opted in" at either Lifelock, or an affiliate. Strange, I don't remember ever opting in to receive e-mail campaigns from Lifelock? I do remember tracing a mysterious link from a Lifelock affiliate to this blog. When you tried to click on this link, which was set up on a Chinese domain, it redirected right to the main Lifelock website.

There are a lot of players in pay per credit alert business. Will this litigation eventually be the precedent for further litigation? I suspect Lifelock is the initial target because of some of the aggressive marketing tactics they use.

In November, the New York Times published an article by Brad Stone about Gideon Yu and his investment in Debix. In the article, he wrote:

Gideon Yu, the former chief financial officer of YouTube and current chief financial officer of Facebook, is one of the most notable new executives in Silicon Valley. But while Mr. Yu operated in high-tech’s highest circles over the last two years, an impersonator was quietly using his name and credit card number to make fraudulent purchases.

This is another testament that just about anyone can become an identity theft victim and it noted the frustration Mr. Yu went through trying to resolve his personal issue.

Another item mentioned in the article was that the credit bureaus make it difficult for the average person to protect themselves:

Other individual investors and venture capital firms also see opportunity in the business of combating identity theft. The big three credit agencies — Equifax, Experian and TransUnion — offer several tools for preventing ID theft, but generally make putting such measures in place difficult for consumers — requiring them to send requests by certified mail, for example, and making them renew fraud alerts every 90 days.

What's interesting about this is that most identity theft has been enabled by the buying and selling of too much personal information without protecting it very well (my opinion). It makes sense that those profiting from selling information and protecting us from the fall out wouldn't want to make identity theft protection easy. If they did, it probably would cut into some profit margins by making it harder to issue credit. Of course with the record amount of bad debt out there, this might not be such as bad idea (my opinion again)?

I'm not sure where this lawsuit will go, or if this action will spawn others in the future. The only thing I do know is that it would be nice to see the victim get a fair shake for once. There has to be a better way for the average consumer to protect themselves.

The article quotes Gail Hillebrand at the Consumers Union:

Many consumer advocates say that no one should have to pay anything to defend against identity theft. “Having to renew a fraud alert every 90 days is a pain, and I can see why there’s demand for these services,” said Gail Hillebrand, a senior lawyer at Consumers Union. “But the ultimate solution is not for consumers to pay someone extra. It’s for the credit agencies to make this an easier process and to extend fraud alerts for a year.”

NY Times article about Gideon Yu and Debix, here.

Feathered Bastard article, which contains a link with the actual Experian complaint, here.

In case you can't afford the extra money to protect yourself, or simply are frugal, here are two links on how to "do it yourself," I recommend taking a look at:

FTC site on how to deal with identity theft, here.

Information by the Privacy Rights Clearinghouse, here.

Consumers Union (quoted above) does a lot of work to advocate for better laws that will be more consumer friendly, also.

Click here to Guard your Identity

On eBay, the buyer better beware!

Despite a lot of publicity that eBay is going after fraud, the bottom line is that the buyer better BEWARE when they purchase something on eBay, or for that matter, any digital auction site.

This morning, I read a story from Wales, where a person just got caught selling laptops that didn't exist.

From the Evening Leader:

Christopher Malcolm Amos, from Green Lane, Shotton, admitted swindling customers of the online auction site out of thousands of pounds to fuel his gambling addiction.

Under the user name 'Whitefruit,' the 22-year-old accepted payments from 130 bidders wanting to buy laptop computers.

Some used eBay's PayPal facility, while others transferred the cash directly into Amos's bank account, but nobody ever received their orders.

Please note that at least some of the fraud victims used eBay's preferred method of payment, PayPal.

And Mr. Whitefruit, who I gather is a gambling addict, didn't get into very much trouble for swindling about 100 people. He was ordered to pay some restitution and got a 12 month suspended sentence.

I'm sure eBay fraudsters around the world are quivering in their boots!

I ran into another story in the ChronicleHerald (Halifax, Canada) describing a significantly larger operation involving selling neat "tech toys" that never existed:

Police said Wednesday several complaints about alleged electronic commerce crimes have come in during the past week to 10 days. Customers are from such countries as Australia, Sweden, Norway, the United States, Italy and Estonia. Const. Jeff Carr, a spokesman with Halifax Regional Police, said Canadian EBay users have allegedly been victimized as well, but there are no complaints from the Maritimes.
The person behind this, who hasn't been caught yet was selling laptops that didn't exist.

The story also indicates that PayPal was used on some of these transactions:

He said one complaint, from PayPal of San Jose, Calif., includes more than 100 alleged victims. PayPal, which was acquired by EBay in 2002, is an online money-sending service that provides users worldwide an opportunity to buy and sell goods without sharing personal financial information.

Even when you get the merchandise you paid for on an auction site, you are taking the chance that it is a cheap "knock off," or might be some of the stolen merchandise being fenced on some of these digital marketplaces.

Knock off merchandise can be dangerous when it doesn't work as well as the item it is passing itself off does. Buying stolen merchandise poses certain moral issues, also.

When buying something on an auction site, it is up to the buyer to make sure (beware) they are getting what they paid for. This can include using some good old "horse sense," and being able to realize when the deal you seem to be getting is a "little too good to be true."

Previous posts, I've written about fraud on eBay, can be seen, here.

Evening leader story, here.

I've also written about a company called buySAFE, who certifies sellers and guarantees what they sell. The seller pays for this -- and while I suppose the cost is included in their cost of goods sold -- this might be a good way to avoid fraud without having to do a lot of homework.

buySAFE's CEO, Steve Swoda does a blog, which I read from time to time can be seen by clicking, here.