Internet Surfers Need To Be Aware of Fraud
Originally published May 12, 2008
By Arlene Karidis
Special to the News-Post

While the Internet is a powerful tool for staying connected to the world around us, it is also a stomping ground for scam artists who take advantage of trusting shoppers.

In 2007, 10.5 million cases of Internet fraud were reported to the Federal Trade Commission. In 2005, 21.5 percent of all fraud reported involved Internet scams. And these numbers are just a drop in the bucket, as most cases are never reported, according to Sally Greenburg, executive director of the National Credit League (NCL).

Staying on Guard

Even the Better Business Bureau has fallen prey to cyberspace fraud.

"Scamsters have stolen the bureau's logo and e-mailed companies' high-ranking executives requesting information, claiming that the company was reported to the Better Business Bureau for unethical or illegal practices," says Angie Barnett, president and CEO of the Better Business Bureau of Greater Maryland.

An education, common sense, and technology to protect consumers are all good safety measures to protect consumers.

"But staying one step ahead of technology used for online scams continues to be a cat and mouse game," said Dennis Natowski, a Mount Airy resident and consultant who works as a security specialist in decoding communications.

In addition to the Consumer Protection Act, which applies to fraud in any form, there is legislation specifically targeting online identity thieves, for example, outlawing deceptive spam. But even with these laws in place, there is still the huge challenge of tracking down fraudsters in the first place, according to a spokesperson for the Office of the Attorney General.

"Many spammers and people who place spyware on others' computers are located overseas. And then there are scammers from just about any location who insulate their activities by using 'zombie computers,' which is technology enabling them to route their spam or spyware and make the original sources difficult to trace,"

While there is an expansive array of identity theft strategies, three are most commonly in evidence in Maryland, according to Barnett. One such ploy is phishing.

"It's as if the hacker or fraudster throws a big net out and fishes for identity information, usually by sending e-mails under the pretense that a legitimate organization is asking for personal information," Barnett said. "If one in several thousand takes the bait, there could be good money in it for the fraudster."

As common as phishing is the advanced fee loan, where information is illegally obtained from consumers who turn to the Internet for small loans they cannot get from the bank. The information is sold to other scammers or used by the perpetrators themselves.

There are also overpayments where scammers pass off bogus checks for products sold online for over the amount of the sale. Perpetrators arrange to have partial refunds wired to them before the check clears.

Technology Forges Ahead

Technology available to scam artists is becoming increasingly more sophisticated. Viruses can be planted in computers that hijack victims' web browsers, taking them to a fake copy of the site. Trojan horses are hidden programs unloaded to allow unauthorized access to users' computers. Commonly the author claims to offer a free product, but when the program to obtain the product is run, the malicious, hidden program is installed.

While technology used for illegal purposes is advancing, so are consumer protection measures -- from single-use credit cards to purchase items without exposing account numbers, to more sophisticated firewalls that keep hackers out, to more sophisticated fraud alerts.

Most recently, federal guidelines were established, known as the Payment Card Industry Data Security Standard, laying out ways retailers can process credit card information.

New software scans fingerprints used to identify people asking for personal information.

While this particular technology is used only by businesses, more and more technology is trickling down to consumers.

Source: The Frederick News-Post.com

Cyber Crime: Business As Usual
Date: May 14, 2008
Source: ITbusinessedge.com via Computer Research Center
By: Carl Weinschenk

It is clear that cyber criminality is migrating from amateurs to professionals. One graphic — and somewhat chilling — reminder was posted last week by a McAfee researcher who found a site that actually quoted prices for certain types of stolen data.

Francois Paget said the size of the account and cachet of the institution figured in the pricing. The example offered in this SC Magazine post is an MBNA account carrying $22,000 “retails” at $2,317. The sales come with guarantees: If the buyer can’t access the account or it has been closed, the site will furnish a replacement. Piaget’s initial post is here.

This points to a scenario in which criminal enterprises are so solid and confident that they act like legitimate businesses. The gangs are awash in money – many of it reinvestment of money that they have stolen – while law enforcement has little funding and lacks the unity of purpose enjoyed by criminal gangs.

The story in Canada is virtually identical to the U.S. and Western European nations. This InterGovWorld.com story suggests the crooks are recruiting the best and the brightest kids, just as big business does. The story says that 17 people between the ages of 17 and 26 recently were arrested in connection to cyber crimes in the Montreal area.

This CNN story does a good job of explaining the emergence of an organized cyber criminal underground and provides context for the cat-and-mouse game between the dark side and authorities. The writer says that one group — Rock Phish — is thought to be responsible for more than half of the phishing sites in the world. The site obviously has a lot of bright designers and linguists working for it – just like any multinational. The story says that spams are written in perfect English, German, French and Dutch and that precise counterfeit logos are used.

Companies such as McAfee, of course, are on the front lines in the fight against organized cyber crime. CEO and president Dave DeWalt outlined the latest trends for eChannel Line and other sites and publications last month. The company sees an “alarming” increase in the amount and sophistication of malware and says there have been increasingly sophisticated attacks on government departments and corporations. He said these targets are beginning to tackle cyber security in the same way they traditionally protect physical assets. The emergence of IPv6, DeWalt said, is worrisome because its sophistication creates more more vulnerabilities.

The FBI clearly sees the threat from organized cyber crime. This release from the bureau details cooperative effort — known as the Strategic Alliance Cyber Crime Working Group — between the United States, Australia, Canada, New Zealand and the United Kingdom. The group’s goals are to develop an overview of “transnational” cyber threats; to create a portal for the group to work; to release information bulletins on threats and trends; to consider an experts’ exchange; and to share curricula and provide targeted training.