Category Archives: Web Fraud 2.0

U.S. Charges 37 Alleged Money Mules

September 30, 2010

Troy Owen never thought he’d see the day when the cyber thieves who robbed his company of $800,000 would ever be charged with any crime. Owens said that investigators told him that the perpetrators were mostly overseas in places like Ukraine and Moldova, and that it might be tough to catch those responsible.

But on Thursday afternoon, authorities in New York announced they had charged more than 60 individuals — and arrested 20 — in connection with international cyber heists perpetrated against dozens of companies in the United States, including Owen’s.

Fake LinkedIn Invite Leads to ZeuS Trojan

September 28, 2010

13 Comments

A major new malware spam campaign mimicking invites sent via business networking site LinkedIn.com leverages user trust and a kitchen sink of browser exploits in a bid to install the password-stealing ZeuS Trojan.

Spam Affiliate Program Spamit.com to Close

September 27, 2010

22 Comments

Spamit, a closely guarded affiliate program that for years has paid some of the world’s top spammers to promote counterfeit pharmacy Web sites, now says that it will close up shop at the end of September.

I’ll Take 2 MasterCards and a Visa, Please

September 22, 2010

93 Comments

When you’re shopping for stolen credit and debit cards online, there are so many choices these days. A glut of stolen data — combined with innovation and cutthroat competition among vendors — is conspiring to keep prices for stolen account numbers exceptionally low. Even so, many readers probably have no idea that their credit card information is worth only about $1.50 on the black market.

SpyEye Botnet’s Bogus Billing Feature

September 17, 2010

11 Comments

Miscreants who control large groupings of hacked PCs or “botnets” are always looking for ways to better monetize their crime machines, and competition among rival exploit kit developers is leading to several ingenious new features. The SpyEye botnet kit, for example, now not only allows botnet owners to automate the extraction of credit card and other financial data from infected systems, but it also can be configured to use those credentials to gin up bogus sales at online stores set up by the botmaster.

‘Stuxnet’ Worm Far More Sophisticated Than Previously Thought

September 14, 2010

29 Comments

The “Stuxnet” computer worm made international headlines in July, when security experts discovered that it was designed to use a previously unknown security hole in Microsoft Windows computers to steal industrial secrets and potentially disrupt operations of critical information networks. But new information about the worm shows that it leverages at least three other previously unknown security holes in Windows PCs, including a vulnerability that Redmond fixed in a software patch released today.

A One-Stop Money Mule Fraud Shop

September 13, 2010

29 Comments

A recent chat with an individual who was almost tricked into helping organized criminals launder thousands of dollars stolen through e-banking fraud introduced me to one of the most clever and convincing money mule recruitment Web sites I’ve ever encountered.… Read More »

Crooks Who Stole $600,000 From Catholic Diocese Said Money Was for Clergy Sex Abuse Victims

August 30, 2010

43 Comments

Organized thieves stole more than $600,000 from the Catholic Diocese of Des Moines, Iowa earlier this month, sending the money in small chunks overseas with the help of dozens of co-conspirators here in the United States.

Researchers Kneecap ‘Pushdo’ Spam Botnet

August 27, 2010

7 Comments

Security researchers have dealt a mighty blow to a spam botnet known as Pushdo, a massive grouping of hacked PCs that until recently was responsible for sending more than 10 percent of all e-mail worldwide.

NetworkSolutions Sites Hacked By Wicked Widget

August 16, 2010

23 Comments

Hundreds of thousands of Web sites parked at NetworkSolutions.com have been serving up malicious software, thanks to a tainted widget embedded in the pages, a security company warned Saturday.

Web application security vendor Armorize said it found the mass infection while responding to a complaint by one of its largest customers. Armorize said it traced the problem back to the “Small Business Success Index” widget, an application that Network Solutions makes available to site owners through its GrowSmartBusiness.com blog.