Organized Crime ID Theft from Eastern Europe
0 comments
by Doug Pollack
We all hear about how more and more identity theft is now being done with the internet. What you don’t hear as much about is how an increasing percentage of US-based identity theft is perpetrated by organized crime overseas.
A recent FBI press release titled “38 Individuals in US and Romania Charged in Two Related Cases of Computer Fraud Involving International Organized Crime” describes a frightening phishing scheme that:
“uses the Internet to target large numbers of unwary individuals, using fraud and deceit to obtain private personal and financial information such as names, addresses, bank account numbers, credit card numbers and Social Security numbers. Phishing schemes often work by sending out large numbers of counterfeit e-mail messages, which are made to appear as if they originated from legitimate banks, financial institutions or other companies.”
The level of organization of this criminal enterprise and effectiveness of their efforts is remarkable. According to the indictment:
“The Romania-based members of the enterprise obtained thousands of credit and debit card accounts and related personal information by phishing, with more than 1.3 million spam emails sent in one phishing attack. Once directed to a bogus site, victims were then prompted at those sites to enter access device and personal information. The Romanian “suppliers” collected the victims’ information and sent the data to U.S.-based “cashiers” via Internet “chat” messages. The domestic cashiers used hardware called encoders to record the fraudulently obtained information onto the magnetic strips on the back of credit and debit cards, and similar cards such as hotel keys. Cashiers then directed “runners” to test the fraudulent cards by checking balances or withdrawing small amounts of money at ATMs. The cards that were successfully tested, known as “cashable” cards, were used to withdraw money from ATMs or point of sale terminals that the cashiers had determined permitted the highest withdrawal limits. A portion of the proceeds was then wire transferred to the supplier who had provided the access device information.”
As organized crime becomes increasingly sophisticated in using our affinity for online commerce to their advantage, we should all be extra cautious, especially in watching out for something that has become as commonplace as the phishing scam.
