Monthly Archives: June 2010

e-Banking Bandits Stole $465,000 From Calif. Escrow Firm

June 28, 2010

A California escrow firm has been forced to take out a pricey loan to pay back $465,000 that was stolen when hackers hijacked the company’s online bank account earlier this year.

In March, computer criminals broke into the network of Redondo Beach-based Village Escrow Inc. and sent 26 consecutive wire transfers to 20 individuals around the world who had no legitimate business with the firm.

Anti-virus is a Poor Substitute for Common Sense

June 25, 2010

A new study about the (in)efficacy of anti-virus software in detecting the latest malware threats is a much-needed reminder that staying safe online is more about using your head than finding the right mix or brand of security software.

Last week, security software testing firm NSS Labs released the results of its latest controversial test of how the major anti-virus products fared in detecting real-life malware from actual malicious Web sites: Most of the products took an average of more than 45 hours — nearly two days — to detect the latest threats.

Exploiting the Exploiters

June 23, 2010

Most computer users understand the concept of security flaws in common desktop software such as media players and instant message clients, but those same users often are surprised to learn that the very software tools attackers use to break into networks and computers typically are riddled with their own hidden security holes. Indeed, bugs that reside in attack software of the sort sold to criminals are extremely valuable to law enforcement officials and so-called “white hat” hackers, who can leverage these weaknesses to spy on the attackers or interfere with their day-to-day operations.

The Case for Cybersecurity Insurance, Part I

June 22, 2010

In very few of the many stories I’ve written about online banking fraud against businesses has insurance paid for much — if any — of the losses victim companies suffered. However, several victims I’ve interviewed from recent incidents did have cybersecurity insurance coverage bundled as part of a larger business risk insurance policies; in each case, the businesses suffered fairly substantial thefts, and appear likely to recoup all of their direct financial losses.

A Spike in Phone Phishing Attacks?

June 20, 2010

A couple of readers have written in to say they recently received scam telephone calls warning them about fraud on their credit card accounts and directing them to call a phone number to “verify” their credit card numbers.

These sometimes-automated attacks prompt people to call a supplied telephone number — often a toll-free line. In most cases, the calls will be answered by bogus interactive voice response system designed to coax account credentials and other personal information from the caller.

Sophisticated ATM Skimmer Transmits Stolen Data Via Text Message

June 17, 2010

Operating and planting an ATM skimmer — cleverly disguised technology that thieves attach to cash machines to intercept credit and debit card data — can be a risky venture, because the crooks have to return to the scene of the crime to retrieve their skimmers along with the purloined data. Increasingly, however, criminals are using ATM skimmers that eliminate much of that risk by relaying the information via text message.

Police Arrest 178 in U.S.-Europe Raid on Credit Card ‘Cloning Labs’

June 15, 2010

Police have arrested 178 people in Europe and the United States suspected of cloning credit cards in an international scam worth over 20 million euro ($24.52 million), according to a report from Reuters.

The stories so far are all light on details or whether this bust was connected to specific fraud forums that facilitate the trade in stolen credit card data, but the wire reports include the following information: