e-crime monitor

Web hit by hi-tech crime wave

gmcknight — Sun, 25 Apr 2010 13:20:37 +0000

BBC Article

http://news.bbc.co.uk/2/hi/technology/8630160.stm

Web hit by hi-tech crime wave

Hi-tech criminals are racking up more than 100 attacks a second on the world’s computers, a survey suggests.

While most of these attacks cause no trouble, the Symantec report suggests that one attack every 4.5 seconds does affect a PC.

The wave of attacks was driven by a steep rise in malicious software in circulation, said the annual report.

The number of malware (malicious software) samples that Symantec saw in 2009 was 71% higher than in 2008.

Crime family

This meant, said Symantec, that 51% of all the viruses, trojans and other malicious programs it has ever seen were logged during 2009. In total, Symantec identified almost 2.9 million items of malicious code during that 12 month period.

The steep rise in malware was driven largely by the growing popularity of easy to use toolkits that novice cyber criminals are using to turn out their own malware, said Tony Osborn, a technology manager for the public sector at Symantec.

Some of the kits were available for free, said Mr Osborn but others cost a lot of money. One, called Zeus, was available for around $700 (£458) and many had become so successful that their creators now offer telephone support for those who cannot get them to work.

During 2009, Symantec say more than 90,000 variants of the Zeus kit and it was responsible for the growth of one of the most prolific malware families during the year.

Zeus relies on spam to lure people to websites where victims will be tricked into installing malicious code or which sneaks on to a computer via a known vulnerability.

Often, said the report, this can help criminals set up botnets – networks of hijacked home PCs that can be used to send spam or plundered for lucrative personal data. In 2009, Symantec saw almost seven million distinct PCs that were members of botnets.

There was one very simple reason that novices bought and used the kits, said Mr Osborn.

“It’s all about money,” he said.

Established gangs were also showing no signs of holding back in their attempts to steal saleable information.

“Why would they?” he said. “It’s easy money and it’s very hard to catch people.”

“It’s become a day job for a lot of people,” he said.

There was evidence, suggests the report, that professional cyber criminals were tuning their tactics to try and get better results. Many now scour social network pages for details about employees inside companies and craft their spam and other messages to capitalise on the details they can gather.

The continuing growth of hi-tech crime meant that many developing nations were starting to suffer significant numbers of attacks. Brazil and India were becoming hot spots of cyber crime, said Mr Osborn.

This was because, he said, the infrastructure in those nations was rapidly improving as people move to broadband and use the web for more and more of their daily lives.

“Those are the places where education and understanding about security are taking a while to catch up,” he said

Youth Oriented Message on Internet Fraud Comic

gmcknight — Thu, 22 Apr 2010 14:59:20 +0000

By hAnnAh_K | View this Toon at ToonDoo | Create your own Toon

This is a cartoon’s artist effort to help young people learn about the potential risk of Identity Theft

If you value your online security, you should welcome the iPad

gmcknight — Sat, 10 Apr 2010 22:56:06 +0000

Source

http://www.guardian.co.uk/technology/2010/apr/09/ipad-apple-security

If you value your online security, you should welcome the iPad
Complaints about the iPad’s limited nature overlook the havoc that open Windows PCs have caused

Charles Arthur
guardian.co.uk, Friday 9 April 2010 13.13 BST
Article history

Over the past week I’ve been reading Fatal System Error by Joseph Menn, an unhelpfully-titled book that takes you deep into the heart of how gambling sites (often tacitly controlled by organised crime) fought off distributed denial-of-service (DDOS) attacks in the early 2000s.

Fatal System Error
by Joseph Menn
304pp, PublicAffairs, £14.99

Buy Fatal System Error at the Guardian bookshop
They succeeded – upon which the people behind the botnets creating the DDOS then decided it was simpler to work on the raw material they already had: thousands and thousands of PCs running Windows which they could control, to the extent of extracting personal and, crucially, financial data. That led in turn to sites such as CarderPlanet, where criminals would buy and sell details of millions – millions! – of credit cards, social security numbers, and so on.

And making sure that the botnets kept being topped up were organisations like the Russian Business Network (RBN), a shady organisation apparently based in St Petersburg, which has proven peculiarly beyond the reach of the law – perhaps because, as is alleged, one of the key figures in it is related to a senior official in the city. (If the RBN is ringing a bell, we’ve written about it before; it’s believed to be behind the evil piece of malware known as CoolWebSearch, or CWS, which many people have found impossible to eradicate from their PCs. In June 2007, Trend Micro noted that it was one of the most widespread spyware infections in the UK: “With over 60 different variants, this spyware is significantly more complex than average making it harder to detect and remove.”)

Menn’s book is riveting, as much for the terrifying detail it includes – both about gambling sites (I’d never have trusted any online poker site before, and after reading this I’m even less inclined to) and the extent of botnet infection and the feckless lack of high-level international cooperation – especially by George Bush’s administration – that allowed their architects to enrich themselves.

And then this week, a couple more data points. First, ComputerWorld pointed to a study suggesting that 1 in 10 of Windows PCs is still vulnerable to the Conficker worm a year after it was so widely publicised. (Also worth noting from December: one Chinese ISP hosts 1 in 7 of Conficker infections.)

Then Intego, the antivirus people, sent me an excited email saying that it had updated its VirusBarrier X6 product to scan the iPad. “VirusBarrier X6 was the first anti-malware program to scan iPhones and iPod touches and is now the first to scan the iPad,” it announced breathlessly.

A little puzzled, I emailed back, asking what it was looking for, exactly. Aside from infected Microsoft Word documents, what sort of things could it be scanning for? What iPhone, iPod Touch or iPad-specific viruses are there?

No reply.

There’s a simple reason for that, of course. There aren’t any viruses for the iPad, or iPod Touch, or iPhone. If you’re using them to log in to your bank, or eBay, or PayPal, then you can be completely confident that there aren’t any keyloggers watching what you type and sending it to a website somewhere in Russian or China.

Yes, I’m aware that there have been proofs-of-concept attacks against the iPhone OS: one which would put up a message on any jailbroken machine where the owner had installed SSH, and could turn them into part of a botnet controlled from Lithuania by changing its default password (so the owner couldn’t). That’s bad, right? Yes, it is. But it only happened if you hacked your machine about. (Interestingly, the problem was even worse on Android phones, as that doesn’t have Apple’s restrictive App Store system.)

The enormous irony is that the people who would be affected by this are a subset of those who complain about the limitations of the iPad and iPhone – that they don’t allow you to program them directly, in the way that general-purpose computers do. So they hack their iPhone to be able to do what general-purpose computers do. And they get hit just like people using general-purpose computers do. And please, don’t tell me about your marvellous antivirus package. I’m afraid I trust those about as much as online poker sites. Botnet creators have specialists who find zero-day (unnoticed) weaknesses in programs such as Internet Explorer, Microsoft Word, Excel and Powerpoint, and Adobe’s Acrobat Reader and Flash player to infiltrate your computer.

Just as most people don’t manage to touch the edges of the processing power of their computers, most also don’t need the capability to program them. The ability to run absolutely any program that can be found anywhere is actually a huge disadvantage when you’re using a browser that is full of security holes that will let programs download and install themselves (which applies to Internet Explorer, and Firefox, and Apple’s Safari: they all have security flaws).

What people actually need for many of their computing tasks is computers that are much more like appliances: restricted to doing just a few things really well. I don’t ask my dishwasher to wash clothes, and I don’t wash plates in the washing machine. Similarly, people don’t travel to their local bank branch in a rocket. A bicycle or car or even walking does just fine. Our problem has been that for years computers didn’t have quite enough power to do what we wanted, so we demanded more; but despite Microsoft retrospectively discovering that the internet is full of bad people, Windows’s security isn’t good enough. We need appliance-like computers that do less, not more.

I think that the iPad, which is already the best-selling tablet computer in the world – as Apple has announced 450,000 sales, and that’s before it begins selling the 3G version at the end of this month, and before it starts selling internationally; the world market for Windows-based tablets was estimated at 1.25m – actually holds out the best hope for people who don’t want to have their bank login details and credit card details and pretty much everything else siphoned off to enrich criminals around the world. Menn’s book is a salutary reminder that those people exist, that they’re very busy, and that they’re on the case all the time targeting Windows users.

Brian Krebs, a security researcher who used to write a must-read column for the Washington Post on online security, put it bluntly last October:

“An investigative series I’ve been writing about organized cyber crime gangs stealing millions of dollars from small to mid-sized businesses has generated more than a few responses from business owners who were concerned about how best to protect themselves from this type of fraud.

“The simplest, most cost-effective answer I know of? Don’t use Microsoft Windows when accessing your bank account online.”

He suggested using a Linux-on-USB-stick approach, where you’d reboot from it any time you wanted to do some online banking. Some might find that a slight hassle. Less hassle though than finding your account has been cleaned out.

But now of course there are alternatives. You might think that the iPad is expensive (and we don’t know how much it will cost here in the UK). That’s certainly true. But until we see the shape of tablets running Google’s Android or even ChromeOS – expected later this year – the alternatives, it seems to me, are stark. You can get a USB stick and install Ubuntu on it (free) to fire up your PC when you want to do some banking (might seem like a hassle); you can buy an iPod Touch (£120 or so, no fussy contracts); or you can await an iPad (price unknown) or Android/ChromeOS tablet (price and release date unknown).

That’s only if you value your financial and personal privacy, obviously. (And none of those will save you from being phished; just remember, Amazon, eBay and PayPal only and always include your user name in the subject of their emails; and banks never email you. If they do, go to the main site, not via the link in the email.)

Only if we get to a situation where easily-attacked machines are in the minority of systems accessing the net, not the majority, are we going to be safe from botnets. That day might never come. But it’s as well to make sure you’re not among those being targeted.

It’s true, by the way, that internet service providers could do a lot more: it’s a big pity that the digital economy bill didn’t include some sort of responsibility on them to limit botnets by cutting off people whose machines are clearly infected (which would do a lot more for the economy than “temporarily suspending” the accounts of people accused but not proven to have grabbed a few torrents).

But in the absence of that, your online security is in your own hands.

And I think that if you’re looking at a Windows PC right now, you might want to reconsider who’s going to see your login details as you check your bank account. You think I’m exaggerating? But you haven’t read Menn’s book. I have. Still certain that the iPad is pointless?

Canadian-based researchers have shed light on the dark world of cyberspying

gmcknight — Wed, 07 Apr 2010 01:09:29 +0000

TORONTO – Canadian-based researchers have shed light on the dark world of cyberspying.

http://cnews.canoe.ca/CNEWS/Canada/2010/04/06/13480731-qmi.html

Ron Deibert, director of the Citizen Lab at the Munk School of Global Affairs, University of Toronto, said they have uncovered how a complex ecosystem of cyber espionage used seemingly innocent social websites like Twitter for sinister purposes.

“Networks such as these thrive as a result of a vacuum at the global level,” Diebert said. Shadows in the Cloud: Investigating Cyber Espionage 2.0 provides details on cyber attacks against the Indian government, Dalai Lama, United Nations and other countries.

The Shadow Network, linked back to two individuals in China, obtained classified and personal information, compromising governments businesses and academic computer networks, according to the researchers.

While the report found no evidence that the People’s Republic of China, or any other government, was involved in the high tech thefts, it did question whether China would take action to stop it.

The researchers argue that without global conventions on cyberspace, the information highway becomes too dangerous to navigate.

“There is a real risk of a perfect storm in cyberspace erupting out of this vacuum that threatens to subvert cyberspace itself, either through over reaction, a spiraling arms race, the imposition of heavy-handed controls or through gradual irrelevance as people disconnect out of fear of insecurity,” the report says.

The investigation was a collaborative effort by the Information Warfare Monitor (Citizen Lab, Munk School of Affairs, University of Toronto and SecDev Group) and the Shadowserver Foundation (volunteer security professionals).

Cyber Insecurity: U.S. Struggles To Confront Threat

gmcknight — Tue, 06 Apr 2010 11:17:43 +0000

Cyber Insecurity: U.S. Struggles To Confront Threat
by TOM GJELTEN

Director of National Intelligence Dennis Blair testifies before the House Intelligence Committee in February on the annual threats assessment of the U.S. intelligence community.

Americans do not often hear that someone has found a way to overcome U.S. defenses, but military and intelligence officials have been sounding downright alarmist lately with their warnings that the country is ill-prepared to deal with a cyberattack.

Director of National Intelligence Dennis Blair opened his annual survey of security threats in February by advising Congress that “malicious cyberactivity is growing at an unprecedented rate,” and that the country’s efforts to defend against cyberattacks “are not strong enough.”

Blair’s predecessor as intelligence chief, Mike McConnell, was even more candid in a Washington Post commentary later that month.

“The United States is fighting a cyberwar today,” McConnell wrote, “and we are losing.”

No country in the world is more dependent on its computers than the United States. Data networks now underlie the U.S. power grid, its military operations and the telecommunications, banking and transportation systems. That means the U.S. is uniquely vulnerable to sophisticated computer hackers.

‘Explosion’ Of Computer Attacks

The Pentagon’s Quadrennial Defense Review, released in February, reported that the department’s computer networks “are infiltrated daily by myriad of sources, ranging from small groups of individuals to some of the largest countries in the world.” A senior defense official who follows the cyberthreat closely tells NPR that in the past two years, the Pentagon has experienced an “explosion” of computer attacks, currently averaging about 5,000 each day.

One of the biggest was in 2007, when hackers targeted the Pentagon, NASA and the departments of Energy, Commerce and State. The origin of the attack was unknown, but U.S. officials suspect it came from China. Among the victims was Defense Secretary Robert Gates, whose unclassified e-mail account was penetrated.

James Lewis, a cyber-expert at the Center for Strategic and International Studies, says the 2007 hackers gained access to massive amounts of U.S. government data — some of it important, some of it worthless.

“In fact, I felt sorry [for them],” Lewis says. “Some guy, probably in Beijing, is having to sit there and translate state dinner menus from 1994. He’s probably going nuts.”

The difference between cybercrime, cyber-espionage, and cyberwar is a couple of keystrokes. The same technique that gets you in to steal money, patented blueprint information or chemical formulas is the same technique that a nation-state would use to get in and destroy things.
- Richard Clarke, cybersecurity adviser to presidents Bill Clinton and George W. Bush
A 2003 computer attack so impressed the FBI that agents gave it a code name: Titan Rain. The hackers managed to penetrate a variety of military networks without being detected.

“There’s still some debate about who did it and why they did it,” says Richard Clarke, who was a top cybersecurity adviser to Presidents Bill Clinton and George W. Bush. “But it proved that it is possible to get into even well-defended networks and exfiltrate terabytes of information — and nothing can be done about it.”

U.S. officials estimate that the 2007 attacks and Titan Rain each resulted in the loss of as much as 10 terabytes of data, an amount roughly comparable to the contents of the entire Library of Congress. There have been other large, and possibly related, attacks as well.

“Some people say there’s really been only one event, ongoing for years, and it’s just that we occasionally stumble on it,” says Lewis, who served as the project director of the center’s Commission on Cybersecurity for the 44th Presidency.

A New Crime Category Emerging?

The cyberattacks are also becoming more sophisticated and harder to trace. Hackers in China, for example, are now able to take control of thousands of personal computers in the United States simultaneously, and remotely command them to send out bogus e-mails or viruses. Such robot computer networks, called Bot Nets, can do great damage when directed by malicious hackers.

“People who have computers and no [anti-virus] protection are susceptible to being captured, unknown to them,” says Harry Raduege, a retired Air Force lieutenant general and former commander of the Pentagon’s Joint Task Force for Global Network Operations. “They could then become part of a Bot Net army that could be used to attack an organization, a nation or an industry.”

Up to now, most computer attacks have fallen under the category “cybercrime.” There have not yet been any significant acts of cyberterrorism, though U.S. intelligence officials say al-Qaida and other terrorist groups are committed to developing a cyber capability.

Goals Change, Threat Stays The Same

Attacks traceable to foreign governments and corporations, according to cyber-experts, have largely been for espionage purposes — at least until now. The December 2009 attack on Google and other companies operating in China was apparently an effort to steal industrial secrets, according to U.S. and company officials.

Still, the danger of an all-out cyberwar remains pressing.

“The difference between cybercrime, cyber-espionage, and cyberwar is a couple of keystrokes,” says Clarke, who authored a forthcoming book on cyberthreats. “The same technique that gets you in to steal money, patented blueprint information or chemical formulas is the same technique that a nation-state would use to get in and destroy things.”

The big fear is that an adversary, in the heat of a cyberwar, might try to take down the U.S. power grid, telephone network or transportation system.

“My guess is that it’s only a few advanced militaries that could damage the electrical grid or damage some other networks,” Lewis says. “But they have that capability. They have probably done the reconnaissance necessary to use it, and if we got into a fight, we could expect some kind of cyberattack.”

Covering A Vast Space

Asked about the U.S. capability to defend itself from such an attack, Lewis, the cyber-expert with CSIS, feigns a shocked look.

“I didn’t realize we had defensive capabilities,” he says.

He adds, laughing, “No, that’s not fair. How can I say that?”

Raduege, who is now directing the Deloitte Center for Cyber Innovation, argues that some attacks on the Pentagon have been countered relatively well, such as the 2007 incident that resulted in the penetration of Gates’ personal e-mail account.

“When the secretary was attacked, of course someone got in. But somebody also noticed it right away, was able to isolate those attackers, clean up the system, and then put the users back online immediately,” Raduege says. “So I think that’s a real tribute to the people who are really fighting the network, as we say. It’s a real battle space.”

The problem for U.S. cyberwarriors is that the “battle space” is so vast.

“The government has its hands full defending the Defense Department and the intelligence community,” says Clarke. “And, really, about the only parts of the U.S. government that are moderately well-defended [are] the Pentagon and the CIA.”

Improving Overall Quality

Cyberdefense efforts at other government departments are spotty at best. The Treasury Department is doing “a relatively good job,” Lewis says. But he adds that other agencies are doing “a relatively dreadful job.”

“They may as well just change their passwords to ‘Welcome, Chinese Friends,’ ” he says.

As for the critical civilian infrastructure, including the power, telecommunication and transportation grids, it is largely in private hands, meaning the U.S. military is not authorized to protect it.

In recognition of the country’s vulnerability to computer attacks, the Pentagon has established a new U.S. Cyber Command, due to be directed by a four-star general, and the Obama administration has designated a cybersecurity coordinator, with responsibilities that extend across all U.S. government agencies. Still, critics say more must be done.

“Right now, the government is saying that Cyber Command will defend the military and the intelligence community. Homeland Security Department will defend the rest of the federal government,” says Clarke. “The rest of us are on our own.”

Timeline: Major Cybersecurity Incidents Since 2007

gmcknight — Tue, 06 Apr 2010 11:12:09 +0000

Timeline: Major Cybersecurity Incidents Since 2007
by TOM GJELTEN

Mikkel William/iStockphoto.com
U.S. government and private computer networks find themselves facing much more frequent and much more sophisticated cyberintrusions.
text sizeAAAApril 5, 2010
April-June 2007

A series of cyberattacks on U.S. government agencies and departments results in the loss of 10 terabytes to 20 terabytes of data. That’s more data than what’s stored in the Library of Congress. Defense Secretary Robert Gates’ unclassified e-mail account is hacked.

May 2007

Estonia’s Parliament, banks, ministries and news media face “distributed denial of service,” or DDoS, attacks. In DDoS attacks, Web sites are inundated with traffic, causing them to collapse. The attacks come as Estonia is in a heated dispute with Russia over the relocation of a Soviet-era war memorial. Estonian officials blame the Kremlin for the attacks.

October 2007

An e-mail sent to 1,000 staff members at the Department of Energy’s Oak Ridge National Labs contains an attachment that accesses the lab’s nonclassified databases.

August 2008

Hackers insert pictures of Adolf Hitler into the country of Georgia’s Foreign Ministry Web site, while other government Web sites are disabled by DDoS attacks. The cyberattacks come as Russian forces engage in combat with Georgian troops. U.S. intelligence officials conclude that the Russian government was behind the attacks, perhaps acting through organized crime channels.

August-October 2008

Hackers gain access to e-mails and computer files at the presidential campaign headquarters for John McCain and Barack Obama. Investigators reportedly trace the penetrations to computers in China.

November-December 2008

Several thousand military computers at the Tampa, Fla.-based U.S. Central Command, the headquarters for military operations between east Africa and central Asia, are infected with malicious software. Investigators conclude that the malware was introduced via thumb drives that had been scattered in a parking lot.

March 2009

Researchers at the University of Toronto announce that they have discovered an extensive cyberespionage network, which they call “GhostNet.” The GhostNet operators are said to have infected 1,295 host computers in 103 countries around the world. The researchers cannot conclusively identify the GhostNet operators but suspect Chinese involvement.

July 2009

Cyberattacks are launched against government, financial and media Web sites in South Korea and the U.S. Among those targeted is washingtonpost.com, the newspaper site. South Korea blames North Korea for the attacks, but the origin of the attacks is not determined.

December 2009

Google and more than 30 other U.S. companies in China are subject to significant computer attacks, resulting in the loss of technological secrets.

Source: Center for Strategic and International Studies (Technology and Public Policy Program); news reports
by TOM GJELTEN

May 2007

October 2007

An e-mail sent to 1,000 staff members at the Department of Energy’s Oak Ridge National Labs contains an attachment that accesses the lab’s nonclassified databases.

August 2008

August-October 2008

Hackers gain access to e-mails and computer files at the presidential campaign headquarters for John McCain and Barack Obama. Investigators reportedly trace the penetrations to computers in China.

November-December 2008

March 2009

July 2009

December 2009

Google and more than 30 other U.S. companies in China are subject to significant computer attacks, resulting in the loss of technological secrets.

Source: Center for Strategic and International Studies (Technology and Public Policy Program); news reports

E-mail scams exploiting Haiti earthquake generosity

gmcknight — Tue, 16 Mar 2010 12:36:05 +0000

E-mail scams exploiting Haiti earthquake generosity

By Razia Iqbal
BBC News

Criminal gangs stole this image from genuine charity SOS Children
Criminal gangs have been cashing in on the Haiti earthquake by seeking funds for bogus charities via millions of spam e-mails, a BBC investigation has learned.
The Haiti earthquake led to millions of pounds being raised to help people with next to nothing who, literally overnight, found they had even less.
But alongside genuine appeals and donations, something more sinister started to emerge.
Within days, scam e-mails began appearing on the internet. Some had what looked like logos from genuine charities.
One said it was from the British Red Cross, but was traced to a computer in Nigeria; another used the Unicef logo, but was nothing to do with them.
Our investigation focused on two e-mails. One was from a charity called Help the World, which is not registered with the Charity Commission.

Razia Iqbal and the BBC team confront one of the fraudsters

There was a mobile number on the e-mail which we rang. A man responded and told us how the funds they were raising were being used.
He told us: “We are repairing the centre of the disaster in Haiti. We focus on the schools in Haiti. We have to let the children have their future back, you know without education there’s no future.”
None of this was true. Scam e-mails tend to list only mobile numbers, which a bona fide charity would steer clear of.
We checked with the Charity Commission, who have no record of Help the World.
However, unusually for such e-mails, there was a London address which we checked out. It turned out to be a jazz and blues bar.
A second group we investigated called itself the M E Foundation and was also not registered with the Charity Commission.
In the e-mails, a Mr David Isco Iker was said to be running the charity. I asked him how they were getting their donations and what they were using the money for.
He said: “We get mostly phone donations… mostly for food, medical supplies.”

The BBC has passed this fake ID card to police after its investigation
This was all also untrue. Unsolicited, the M E Foundation sent us photographs of the Haiti projects they said they were involved with.
One showed rows of white tents with a logo on each one. We discovered the camp belonged to the well established Cambridge-based charity, SOS Children.
Chief executive of SOS Children, Andrew Cates, told us the picture was one of theirs, cut and pasted from their website, and not from Haiti, but from the Pakistani earthquake a few years ago.
He said: “The problem is it’s not just about exploiting a donor or a charity, really they’re exploiting the victims. Because they’re taking money people want to give to the victims of these natural disasters and they’re stealing it.
“So I don’t feel that they’re robbing me, I feel that they’re taking from the mouths of children we’re trying to help and that is something which is very difficult not to get angry about.”

HOW TO AVOID SCAMS
Make sure emails are genuine. If you have any concerns about a request for donations that appears to come from a charity, contact the charity directly
Ask for a charity collector’s identification and the charity’s name and registration number
Check if a charity is on the public register of charities at www.charitycommission.gov.uk
If you think you have been targeted, report it to the police or contact the Charity Commission
If you want to donate to a particular charity online, visit the charity’s website
Source: Charity Commission
Research from the Office of Fair Trading shows that last year, around two million people were conned out of cash via scam e-mails of various kinds.
But given the scale and nature of the Haiti tragedy, there is something quite different about this cyber crime.
Richard Hurley from Cifas, the UK’s fraud prevention service, said: “They’re very sophisticated and with that sophistication goes a large level of a very insidious nature which deliberately preys on your feelings for those innocent victims and your desire to help them.
“So it’s making use of human suffering and the best in human nature at the same time simply for commercial profit.”
The evidence against the M E Foundation was piling up. Their listed address in London turned out to be a newsagents which had been there for 20 years.
The newsagent said he was offended to learn that people were stealing money from others and using his address as a cover.
The other address listed for the M E Foundation was in Malaga, so we went there to try to talk to the people involved. We told our contact in Spain we would send our donation for the charity via courier.
The address given to us was in a run-down area of Malaga, and our courier waited for the contact. It all happened in a flash.
Our courier spoke to the man, in Spanish, very briefly. He clearly identified himself as the man I had spoken to.
However, as soon as the BBC team appeared with a camera and a microphone, he fled, shedding his coat, flip flops, and fake ID.

Cyber crime losses in US almost ‘double’ during 2009

gmcknight — Tue, 16 Mar 2010 12:32:37 +0000

Cyber crime losses in US almost ‘double’ during 2009

http://news.bbc.co.uk/2/hi/technology/8569805.stm

Net criminals cashed in during 2009, suggests a report.
US losses to online crime almost doubled during 2009, reveals a report.
Losses totalled $560m (£371m) in 2009, up from $265m (£176m) in 2008, showed the annual report by the Internet Crime Complaint Center (IC3).
Complaints about online fraud grew 22% during 2009 and the IC3 received more than 336,655 reports of high-tech crime incidents from victims.
The most popular scams involved requests for advanced fees and non-delivery of merchandise.
Death threat
Non-delivery accounted for almost 20% of all complaints with ID theft being the subject of 14.1% of the total crimes reported.
“Internet crime is evolving in ways we couldn’t have imagined just five years ago,” said Donald Brackman, director of the National White Collar Crime Center which helped draw up the report.
One scam that proved popular in 2009 involved people receiving an e-mail from the “Ishmael Ghost Islamic Group”. The sender claims he has been told to assassinate the recipient and their family. Only by giving a donation to a UK group that helps Islamic expatriates will the death threat be lifted.
While the average loss from online fraud during 2009 was $575 the total jumped significantly because some victims lost enormous sums to criminals, said the report. About 1% of the crimes reported involved losses of more than $100,000.
More than half of those falling victim, 55%, were aged 40 or older.
The report also tried to put figures on the character of the hi-tech crime population. Figures it gathered suggest that 76% of criminals are male and more than 50% of them live in six locations; California, Florida, New York, Texas, Washington and the District of Columbia.
The IC3 is backed by the FBI and the National White Collar Crime Center and was set up so those who fall victim to scams can easily report the incident.

ATM Technique for Stealing Debit Cards

gmcknight — Fri, 12 Feb 2010 21:40:51 +0000

Link

https://show.zoho.com/public/rahuldutt/beware of atm theft

Theft of Domain

gmcknight — Wed, 02 Dec 2009 14:28:03 +0000

It won’t happen to me, right?

That’s what I thought! As many of you have probably already read in DNJournal or elsewhere, last week was a rough week for me. I awoke Monday morning to discover that I had been hacked. Someone had stolen my domain name, CFJ.com , from my Godaddy account. At the time, we didn’t know if it was isolated to that name or even just to Godaddy. So of course, wide spread panic ensued.

To clarify, the thief did not hack into Godaddy. It appears that they installed a keylogger on my computer, most likely by sending me an email which I in turn opened (although not necessarily with an attachment). The keylogger then tracked my keystrokes for an uncertain period of time and relayed the information back to the thief until he/she had all the information they need (i.e.- my Godaddy Username and Password).

The whole thing was well planned and carefully orchestrated. The thief never even took possession of the domain name him/herself. The domain was sold on NamePros.com through private messaging on the forum prior to them logging in to my Godaddy account and pushing the domain to the account of the unsuspecting (perhaps naïve) buyer. The whole thing only took a couple of minutes.

The transaction, as I said, took place on NamePros.com. The thief sold/traded CFJ.com for a sum of cash plus 15 other domain names, mostly 3 Character .NET, .ORG and .COM domains. What boggles my mind is how someone could think they could buy a 3 Letter .COM for a bag full of mediocre domains and a small amount of cash? The buyer didn’t even take the time to check the WHOIS first and see if they were actually negotiating with the owner of the domain or an authorized representative! Please, do us all a favor (as well as yourselves) and when you see a 3 Letter .COM domain name being advertised for sale on DNForum or NamePros at $3,000 or less, use your better judgment and take a pass. At least do your due diligence to make sure you aren’t buying stolen goods. If we all took some precaution it would make it a lot harder for these criminals to resell the stolen domains in the short window that they have to offload them and we could start making some progress towards stopping them.

I have to give a big applause to Godaddy, and specifically to my Executive Account Manager Tess Diaz, for the way that this situation was handled. They acted fast, were able to lock down the domain so as to prevent it from being transferred out of Godaddy, and everything was surprisingly non-bureaucratic, contrary to what people often believe Godaddy can be. I actually find it hard to believe that any other registrar could have, or would have, acted in such an effective manner. In the end, we were able to recover CFJ.com safely back in to my account in just about 12 hours! Record time for a domain theft recovery. However, I can tell you that those were a rough 12 hours. Although they don’t advertise it, Executive Account customers are eligible for a free security service at Godaddy called “Domain Transfer Validation Service”. This service does not allow any domains to be transferred away from your Godaddy account without verbal authorization and a separate, secure authorization PIN from the account holder and can only take place at a pre arranged phone number which is not stored in your account (necessarily). Further, the only person authorized to transact these transfers at Godaddy is your account manager. Of course, I have now entrusted my portfolio of domains to this service and will begin migrating many of my domains not registered at Godaddy over to my Godaddy account. To my knowledge, no other registrar offers such a service.

I must aslo give a special thanks to Warren Weitzman whose advice on this matter was crucial in my timely recovery. Warren, unfortunately, was recently victim of an even larger hijacking when 12 of his most valuable domain names were stolen from his Enom account. It took 2 weeks to recover all of his domains, but luckily they were recoverable. Warren’s advice to publicize the theft as broadly as possible was critical in the recovery process. Informing other domain investors, who are in general the only on demand buyers for these stolen names, is very important in order to prevent further reselling of the domain and complicating of the recovery process. It is also important to broadcast the theft because these are rarely isolated incidents and often, as was the case this time, there are other stolen domains also being marketed and often the owners haven’t even discovered the theft yet. Awareness is a key element in prevention.

Domain Hijacking is on the rise, whether it’s due to the depressed economy, ever increasing domain values or simply that these cyber criminals see the security weakness in the domain registration and registrar model and are exploiting it while they can, I’m not certain, but it is likely a culmination of all of these factors. These guys are clever, and unfortunately by definition, they are always one step ahead of the security software such as Anti-Virus and Firewall protection. Updates are created in response to new types of attacks.

I’d like to make one last note. Although I don’t often like to speak badly about anyone as it doesn’t reflect well, in this case something needs to be said and I can only hope it gets a reaction. NamePros.com was entirely uncooperative and unresponsive in this incident. Despite multiple phone calls and emails, I received no response and no assistance in this matter from them. The thief used NamePros to transact the stolen domain name(s) and the whole thing is well documented through private messaging and a forum string which I do not have access to without the help of NamePros. This information is critical to law enforcement in finding the identity of the thief, yet NamePros refuses to cooperate in any way whatsoever. As one of the leading forums in the domain industry, NamePros has a responsibility to help protect the community from these criminals. NamePros.com has often been the platform of choice for these criminals to offload their stolen goods and yet NamePros does nothing about it and takes no action in assisting the victim’s (who represent their community) or law enforcement. I am sad to say that this time around, NamePros.com has failed me…shame on you!

Protect yourself the best you can with good antivirus software and firewall, but remember that awareness of your domain activity and having good contacts at your registrars is essential for protecting your domain investments. Happy Domaining!