With cybercriminals increasingly using malware and phishing attacks to steal sensitive personal information, it’s perhaps not surprising that a company that makes online security software would want to acquire a business that offers identity theft protection services — even one that has been heavily penalized for not living up to its promises. [More]
Fighting spam scammers might sometimes seem like a pointless game of Whac-A-Mole, but international law enforcement authorities say they have bopped one particularly large mole on the head by arresting the alleged ringleader of a global email scam ring that swindled $60 million from its victims. [More]
Company Loses $197K In Cyberheist, Has To Bribe Chinese Police With Cigarettes & Cash To Get Some Of It Back
If someone steals nearly $200,000 from your business and you were able to track down the location of the thief, you’d hope the local police would be willing to arrest that criminal and help you get your stolen money back. But for one American business owner whose money had been illegally siphoned off by a Chinese company, it took payments of cigarettes and cash for the authorities to care. [More]
Congress was understandably alarmed at the news that cyberbaddies, believed to be criminals based in Russia, were able to gain access to previous years’ return data for 104,000 U.S. taxpayers. The Senate Finance Committee held a hearing today, where the Inspector General of the IRS explained that the agency simply isn’t keeping up with the criminals who want its data. [More]
In the Big Bang Theory episode “The Zarnecki Incursion,” Sheldon’s World of Warcraft account is hacked and his in-game character is robbed of all its amassed treasure and weaponry. The local police and FBI both laugh off his demands to track down the virtual thief, but in the real world there are prosecutors going after this new form of criminal. [More]
Through hacks of hundreds of thousands of websites, a Russian crime ring has reportedly gained access to 1.2 billion user name and password combinations, along with hundreds of millions of e-mail addresses. [More]
It’s hard to feel bad for the banking business, but financial institutions can take a huge hit when consumers are the victims of large-scale fraud or ID theft. Replacing debit and credit cards, issuing refunds, investigating sketchy transactions can all add up — and of course that cost ultimately gets passed on to customers. This is why federal regulators are putting banks on alert to be mindful of increasingly popular ATM fraud and to be prepared for attacks on their websites. [More]
When nefarious types are in need of remote PCs to do their dirty work, they can turn to underground, invitation-only services that rent out computers owned by marks who aren’t aware their hardware is being prostituted.
Fortune has a great profile on the “Ocean’s 11” of HELOC fraud. Armed with just laptops and cellphones set to the right area code, he and his crew would drain home-equity lines of credit from unsuspecting homeowners accounts, piecing together enough of a profile on them from publicly available information to break through their account security. At his peak, he was pulling down millions a week, operating out of fancy hotel suites and drinking heavily from an endless stream of high-end liquor, jewelry, and prostitutes. And despite the FBI’s best dragnet efforts, he still remains at large today.
There’s many ways your credit card can be stolen and exploited, but this is one of the more sophisticated: In this WIRED video, Detective Bob Watts of Newport Beach Police Department shows how crooks take your credit card numbers they steal off the internet and turn a blank plastic card into something they could swipe through a Best Buy scanner or plunk down at a fancy restaurant, complete with holograms and embossing. Using these techniques, one criminal ring racked up over a $1 million in fraud before they got busted.
Albert Gonzalez, the mastermind behind most of the multi-million dollar credit card breaches in the past few years, is being sentenced this week. (Feds are asking for 25 years.) Now his former accomplice, Stephen Watt, has told Wired that while Gonzalez was busy stealing and selling credit card data he was also being paid under the table by the U.S. Secret Service to inform on others, earning as much as $75,000 in cash annually.
The Washington Post says that a hacker encrypted 8 million patient prescription records from a Virginia state website last week, deleted the backups, and replaced the home page with a ransom note. If the state doesn’t pay $10 million within 7 days, the hacker has threatened to sell the data to the highest bidder.
Don’t be too surprised if you get a letter from your bank or credit union in the next few weeks telling you it’s replacing your credit card. If your data was among the latest set compromised, Visa and Mastercard are already alerting financial institutions so they can cancel the account number.
As part of their inquiry, FTC staff made undercover purchases from the sites. No one asked the clandestine buyers to provide verification of a prescription and the shipped drugs did not include doctors’ instructions or dosage information, officials said.
We write a lot about data loss at American companies and financial institutions. Some of you might wonder why we spend so much time on Verizon losing the occasional CD, or the occasional Citibank security breach. Maybe you’re wealthy, with a million dollars in credit and a shimmering Porsche. Maybe you’ve got 75 bucks in your checking account and need to eat beans and rice until your next paycheck. Either way, cyber-crime tends to seem faceless, not really a threat to you personally.