jm + fraud   34

Breaking open the MtGox case, part 1
Earlier today news broke of an arrest in Greece of a Russian national suspected of running a large-scale money laundering operation focused on Bitcoin. The man has since been publicly identified as Alexander Vinnik, 38, and over $4 billion USD is said to have been trafficked through the operation since 2011. We won't beat around the bush with it: Vinnik is [WizSec's] chief suspect for involvement in the MtGox theft (or the laundering of the proceeds thereof).
mtgox  theft  bitcoin  fraud 
8 weeks ago by jm
Global ‘Wana’ Ransomware Outbreak Earned Perpetrators [just] $26,000 So Far
As thousands of organizations work to contain and clean up the mess from this week’s devastating Wana ransomware attack, the fraudsters responsible for releasing the digital contagion are no doubt counting their earnings and congratulating themselves on a job well done. But according to a review of the Bitcoin addresses hard-coded into Wana, it appears the perpetrators of what’s being called the worst ransomware outbreak ever have made little more than USD $26,000 so far from the scam.
money  fraud  ransomware  wana  brian-krebs  bitcoin  cryptocurrency  viruses 
may 2017 by jm
Automated unemployment insurance fraud detection system had a staggering 93% error rate in production
Expect to see a lot more cases of automated discrimination like this in the future. There is no way an auto-adjudication system would be allowed to have this staggering level of brokenness if it was dealing with the well-off:

State officials have said that between Oct. 1, 2013, when the MiDAS [automated unemployment insurance fraud detection] system came on line, and Aug. 7, 2015, when the state halted the auto-adjudication of fraud determinations and began to require some human review of MiDAS findings, the system had a 93% error rate and made false fraud findings affecting more than 20,000 unemployment insurance claims. Those falsely accused of fraud were subjected to quadruple penalties and aggressive collection techniques, including wage garnishment and seizure of income tax refunds. Some were forced into bankruptcy.

The agency is now reviewing about 28,000 additional fraud determinations that were made during the relevant period, but which involved some human review. An unknown number of those fraud findings were also false.
fraud  broken  fail  michigan  detroit  social-welfare  us-politics  computer-says-no  automation  discrimination  fraud-detection 
march 2017 by jm
Data from pacemaker used to arrest man for arson, insurance fraud
Compton has medical conditions which include an artificial heart linked to an external pump. According to court documents, a cardiologist said that "it is highly improbable Mr. Compton would have been able to collect, pack and remove the number of items from the house, exit his bedroom window and carry numerous large and heavy items to the front of his residence during the short period of time he has indicated due to his medical conditions."

After US law enforcement caught wind of this peculiar element to the story, police were able to secure a search warrant and collect the pacemaker's electronic records to scrutinize his heart rate, the demand on the pacemaker and heart rhythms prior to and at the time of the incident.
pacemakers  health  medicine  privacy  data  arson  insurance  fraud  heart 
february 2017 by jm
Banks biased against black fraud victims
We raised the issue of discrimination in 2011 with one of the banks and with the Commission for Racial Equality, but as no-one was keeping records, nothing could be proved, until today. How can this discrimination happen? Well, UK rules give banks a lot of discretion to decide whether to refund a victim, and the first responders often don’t know the full story. If your HSBC card was compromised by a skimmer on a Tesco ATM, there’s no guarantee that Tesco will have told anyone (unlike in America, where the law forces Tesco to tell you). And the fraud pattern might be something entirely new. So bank staff end up making judgement calls like “Is this customer telling the truth?” and “How much is their business worth to us?” This in turn sets the stage for biases and prejudices to kick in, however subconsciously. Add management pressure to cut costs, sometimes even bonuses for cutting them, and here we are.
discrimination  racism  fraud  uk  banking  skimming  security  fca 
january 2017 by jm
Tesco Bank: 20,000 customers lose money - BBC News
"Any financial loss that results from this fraudulent activity will be borne by the bank," Mr Higgins said. "Customers are not at financial risk."


Well, that would be surprising....
tesco  banking  fraud  security  hacks  uk 
november 2016 by jm
Northland man denies burning down house but insurer refuses to pay out
This is a mad story. The insurance company is accusing a guy in NZ of using remote-login software from 400km away to trigger a "print" command to a complicated Heath Robinson setup in order to light a fire to burn down his house
fraud  insurance  weird  nz  crime  printers  remote-login 
september 2016 by jm
the Wire-Wire fraud
'Researchers learn about wire-fraud scam after Nigerian scammers infect themselves with their own malware.'
The researchers observed Wire-Wire scores of $5,000 to $250,000 with the average between $30,000-$50,000 from small- and medium-sized businesses. The scammers themselves were "well-respected and admired" in their communities.


I've heard about this scam -- it's nasty, and worst of all, banks won't reimburse the losses.
scams  fraud  wire-wire  nigeria  malware  banking 
august 2016 by jm
Revealed: How copyright law is being misused to remove material from the internet
Automated DMCA takedowns used to fraudulently censor online content.
In fact, no copyright infringement had occurred at all. Instead, something weirder had happened. At some point after Narey posted her comments on Mumsnet, someone had copied the entire text of one of her posts and pasted it, verbatim, to a spammy blog titled “Home Improvement Tips and Tricks”. The post, headlined “Buildteam interior designers” was backdated to September 14 2015, three months before Narey had written it, and was signed by a “Douglas Bush” of South Bend, Indiana. The website was registered to someone quite different, though: Muhammed Ashraf, from Faisalabad, Pakistan.

Quite why Douglas Bush or Muhammed Ashraf would be reviewing a builder based in Clapham is not explained in “his” post. BuildTeam says it has no idea why Narey’s review was reposted, but that it had nothing to do with it. “At no material times have we any knowledge of why this false DCMA take down was filed, nor have we contracted any reputation management firms, or any individual or a group to take such action on our behalf. Finally, and in conjunction to the above, we have never spoken with a ‘Douglas Bush,’ or a ‘Muhammed Ashraf.’”
fraud  censorship  mumsnet  dmca  takedowns  google  automation  copyright 
may 2016 by jm
100 thieves steal $13m in three hours from cash machines across Japan
'Police believe that as many as 100 people, none of whom have been apprehended, worked together using forged credit cards containing account details illegally obtained from a bank in South Africa. The culprits used the fake cards at 1,400 convenience store automated teller machines on the morning of 15 May, according to police. Each made a single withdrawal of 100,000 yen – the maximum allowed by the cash machines.'

1,600 forged/stolen credit card credentials from a single bank, then a synchronised attack made possible by the eventually-consistent ledger model of ATM accounting.

(via William Gibson)
atms  banking  japan  fraud  security  credit-cards 
may 2016 by jm
How Stingrays were unmasked
'THE DRAGNET: How a man accused of million-dollar fraud uncovered a never before seen, secret surveillance device'
stingrays  crime  fraud  surveillance  mobile  police  imsi-catchers 
january 2016 by jm
How VW tricked the EPA's emissions testing system
In July 2015, CARB did some follow up testing and again the cars failed—the scrubber technology was present, but off most of the time. How this happened is pretty neat. Michigan’s Stefanopolou says computer sensors monitored the steering column. Under normal driving conditions, the column oscillates as the driver negotiates turns. But during emissions testing, the wheels of the car move, but the steering wheel doesn’t. That seems to have been the signal for the “defeat device” to turn the catalytic scrubber up to full power, allowing the car to pass the test. Stefanopolou believes the emissions testing trick that VW used probably isn’t widespread in the automotive industry. Carmakers just don’t have many diesels on the road. And now that number may go down even more.


Depressing stuff -- but at least they think VW's fraud wasn't widespread.
fraud  volkswagen  vw  diesel  emissions  air-quality  epa  carb  catalytic-converters  testing 
september 2015 by jm
Bank of the Underworld - The Atlantic
Prosecutors analyzed approximately 500 of Liberty Reserve’s biggest accounts, which constituted 44 percent of its business. The government contends that 32 of these accounts were connected to the sale of stolen credit cards and 117 were used by Ponzi-scheme operators. All of this activity flourished, prosecutors said, because Liberty Reserve made no real effort to monitor its users for criminal behavior. What’s more, records showed that one of the company’s top tech experts, Mark Marmilev, who was also arrested, appeared to have promoted Liberty Reserve in chat rooms devoted to Ponzi schemes.


(via Nelson)
scams  fraud  crime  currency  the-atlantic  liberty-reserve  ponzi-schemes  costa-rica  arthur-budovsky  banking  anonymity  cryptocurrency  money-laundering  carding 
april 2015 by jm
Apple Pay suffering fraud problems
Fraud in Apple Pay will in time, come to be managed – but the fact that easily available PII can waylay best in class protection should give us all pause.
fraud  apple  apple-pay  pii  identity-theft 
january 2015 by jm
Hacker Redirects Traffic From 19 Internet Providers to Steal Bitcoins | Threat Level | WIRED
'The attacker specifically targeted a collection of bitcoin mining “pools”–bitcoin-producing cooperatives in which users contribute their computers’ processing power and are rewarded with a cut of the resulting cryptocurrency the pool produces. The redirection technique tricked the pools’ participants into continuing to devote their processors to bitcoin mining while allowing the hacker to keep the proceeds. At its peak, according to the researchers’ measurements, the hacker’s scam was pocketing a flow of bitcoins and other digital currencies including dogecoin and worldcoin worth close to $9,000 a day. “With this kind of hijacking, you can quite easily grab a large collection of clients,” says Pat Litke, one of the Dell researchers. “It takes less than a minute, and you end up with a lot of mining traffic under your control.”'

'In total, Stewart and Litke were able to measure $83,000 worth of cryptocurrency stolen in the BGP attack [...] but the total haul could be larger'
bitcoin  mining  fraud  internet  bgp  routing  security  attacks  hacking 
august 2014 by jm
It’s So Easy
Attempting to cash out of Bitcoins turns out to be absurdly difficult:
Trying to sell the coins in person, and basically saying he either wants Cash, or a Cashiers check (since it can be handed over right then and there), has apparently been a hilarious clusterfuck. Today he met some guy in front of his bank, and apparently as soon as he mentioned that he needs to get the cash checked to make sure it is not counterfeit, the guy freaked out and basically walked away. Stuff like this has been happening all week, and he apparently so far has only sold a single coin of several hundred.
bitcoin  fail  funny  mtgox  fraud  cash  fiat-currency  via:rsynnott  buttcoin 
march 2014 by jm
Target Hackers Broke in Via HVAC Company
Avivah Litan, a fraud analyst with Gartner Inc., said that although the current PCI standard does not require organizations to maintain separate networks for payment and non-payment operations (page 7), it does require merchants to incorporate two-factor authentication for remote network access originating from outside the network by personnel and all third parties.


Target shared the same network for outside contractor access and the critical POS devices. fail. (via Joe Feise)
via:joe-feise  hvac  contractors  fraud  malware  2fa  security  networking  payment  pci 
february 2014 by jm
Who Made That Nigerian Scam? - NYTimes.com
The history behind the 419 advance-fee fraud scam.
According to Robert Whitaker, a historian at the University of Texas, an earlier version of the con, known as the Spanish Swindle or the Spanish Prisoner trick, plagued Britain throughout the 19th century.
nigerian-scam  419  aff  scams  spam  fraud  history 
january 2014 by jm
IPSO representative trivialising impact of the Loyaltybuild data breach
A very worrying quote from Una Dillon of the Irish Payment Services Organisation in regard to the Loyaltybuild incident:
“I wouldn’t be overly concerned if one of my cards was caught up in this,” Dillon says. “Even in the worst-case scenario – one in which my card was used fraudulently – my card provider will refund me everything that is taken”.


This reflects a deep lack of understanding of (a) how identity fraud works, and (b) how card-fraud refunds in Ireland appear to work.

(a): Direct misuse of credit card data is not always the result. Fraudsters may prefer to instead obtain separate credit through identity theft, ie. using other personal identifying data.

(b): Visa debit cards have no credit limit -- your bank account can be cleared out in its entirety, and refunds can take a long time. For instance, http://www.askaboutmoney.com/showthread.php?t=174482 describes several cases, including one customer who waited 21 days for a refund.

All in all it's trivialising a major risk for consumers. As I understand it, a separate statement from IPSO recommended that all customers of Loyaltybuild schemes need to monitor their bank accounts daily to keep an eye out for fraud, which is pretty absurd. Not impressive at all.
loyaltybuild  ipso  money  cards  credit-cards  visa  debit-cards  payment  fraud  identity-theft  ireland 
november 2013 by jm
Experian Sold Consumer Data to ID Theft Service
This is what happens when you don't have strong controls on data protection/data privacy -- the US experience.
While [posing as a US-based private investigator] may have gotten the [Vietnam-based gang operating the massive identity fraud site Superget.info] past Experian and/or CourtVentures’ screening process, according to Martin there were other signs that should have alerted Experian to potential fraud associated with the account. For example, Martin said the Secret Service told him that the alleged proprietor of Superget.info had paid Experian for his monthly data access charges using wire transfers sent from Singapore.

“The issue in my mind was the fact that this went on for almost a year after Experian did their due diligence and purchased” Court Ventures, Martin said. “Why didn’t they question cash wires coming in every month? Experian portrays themselves as the data-breach experts, and they sell identity theft protection services. How this could go on without them detecting it I don’t know. Our agreement with them was that our information was to be used for fraud prevention and ID verification, and was only to be sold to licensed and credentialed U.S. businesses, not to someone overseas.”


via Simon McGarr
via:tupp_ed  privacy  security  crime  data-protection  data-privacy  experian  data-breaches  courtventures  superget  scams  fraud  identity  identity-theft 
october 2013 by jm
Interpol filter scope creep: ASIC ordering unilateral website blocks
Bloody hell. This is stupidity of the highest order, and a canonical example of "filter creep" by a government -- secret state censorship of 1200 websites due to a single investment scam site.

The Federal Government has confirmed its financial regulator has started requiring Australian Internet service providers to block websites suspected of providing fraudulent financial opportunities, in a move which appears to also open the door for other government agencies to unilaterally block sites they deem questionable in their own portfolios.

The instrument through which the ISPs are blocking the Interpol list of sites is Section 313 of the Telecommunications Act. Under the Act, the Australian Federal Police is allowed to issue notices to telcos asking for reasonable assistance in upholding the law. [...] Tonight Senator Conroy’s office revealed that the incident that resulted in Melbourne Free University and more than a thousand other sites being blocked originated from a different source — financial regulator the Australian Securities and Investment Commission.

On 22 March this year, ASIC issued a media release warning consumers about the activities of a cold-calling investment scam using the name ‘Global Capital Wealth’, which ASIC said was operating several fraudulent websites — www.globalcapitalwealth.com and www.globalcapitalaustralia.com. In its release on that date, ASIC stated: “ASIC has already blocked access to these websites.”
scams  australia  filtering  filter-creep  false-positives  isps  asic  fraud  secrecy 
may 2013 by jm
Sift Science says it can sniff out cyber fraud — before it gets expensive
Great idea for a startup. This stuff is complex, right in the heart of every company's ordering pipeline, and I can see a lot of customers for this
sift-science  anti-fraud  fraud  b2b  b2c  ecommerce  startups  aws 
march 2013 by jm
Massive identity-theft breach in South Korea results in calls for national ID system to be abandoned
In South Korea, web users are required to provide their national ID number for "virtually every type of Internet activity, not only for encrypted communications like e-commerce, online banking and e-government services but also casual tasks like e-mail and blogging", apparently in an attempt to "curb cyber-bullying". The result is obvious -- those ID numbers being collected in giant databases at companies like "SK Communications, which runs top social networking service Cyworld and search site Nate", and those giant databases being tasty targets for black-hats. Now:

"In Korea’s biggest-ever case of data theft the recent hacking attack at SK Communications, which runs top social networking service Cyworld and search site Nate, breached 35 million accounts, a mind-boggling total for a country that has about 50 million people and an economically-active population of 25 million. The compromised information includes names, passwords, phone numbers, e-mail addresses, and most alarmingly, resident registration numbers, the country’s equivalent to social security numbers."

This is an identity-fraudster's dream: "In the hands of criminals, resident registration numbers could become master keys that open every door, allowing them to construct an entire identity based on the quality and breadth of data involved."
south-korea  identity  fraud  identity-theft  web  bullying  authentication  hacking 
june 2012 by jm
Copyfraud - Wikipedia, the free encyclopedia
'a term coined by Jason Mazzone (Associate Professor of Law at Brooklyn Law School) to describe situations where individuals and institutions illegally claim copyright ownership of the public domain and other breaches of copyright law with little or no oversight by authorities or legal consequence for their actions.' Good term (via Nelson)
copyright  rights  ip  fraud  copyfraud  wikipedia  words  terminology  neologisms  dmca  infringement 
may 2012 by jm
Dutch grepping Facebook for welfare fraud
'The [Dutch] councils are working with a specialist Amsterdam research firm, using the type of computer software previously deployed only in counterterrorism, monitoring [LinkedIn, Facebook and Twitter] traffic for keywords and cross-referencing any suspicious information with digital lists of social welfare recipients.

Among the giveaway terms, apparently, are “holiday” and “new car”. If the automated software finds a match between one of these terms and a person claiming social welfare payments, the information is passed on to investigators to gather real-life evidence.' With a 30% false positive rate, apparently -- let's hope those investigations aren't too intrusive!
grep  dutch  holland  via:tjmcintyre  privacy  facebook  twitter  linkedin  welfare  dole  fraud  false-positives  searching 
september 2011 by jm
Comodo's incident report on the March 15 incident
pointing the finger at the Iranian state; various login URLs for GMail, Yahoo! Mail, Hotmail, and something called "global trustee" (wtf)
security  fraud  comodo  fail  ssl  tls  ocsp  revocation  from delicious
march 2011 by jm
All About Skimmers — Krebs on Security
photos of the current state-of-the-art in ATM skimmers via Brian Krebs
brian-krebs  atm  skimmers  security  photos  banking  fraud  from delicious
october 2010 by jm
Malicious App In Android Market
phisher creates a banking app for Android phones which relays the authorization details to another site, possible because of insufficient app vetting (via Mulley)
apps  iphone  android  smartphones  phones  mobile  phishing  security  banking  fraud  from delicious
january 2010 by jm
bank-trojan fraudsters use Twitter to control botnet
next in a long line of one-to-many communication systems used by bad guys
twitter  botnet  security  upd4t3  banking  fraud 
august 2009 by jm
background on Yahoozee
bit of controversy about Colin Powell dancing (!) to a song that promotes the "Yahoo boys", 419 scammers -- but it doesn't sound like that's the case, going by this post
419  scams  fraud  spam  nigeria  colin-powell  yahoo  yahoozee 
august 2009 by jm
Security Fix - Clampi Trojan: The Rise of Matryoshka Malware
'[Joe] Stewart said the sophistication and stealth of this malware strain has become so bad that it's time for Windows users to start thinking of doing their banking and other sensitive transactions on a dedicated system that is not used for everyday Web surfing.' it's that bad
joe-stewart  secureworks  malware  reverse-engineering  clampi  trojans  banking  security  danger  risks  windows  microsoft  fraud 
august 2009 by jm
UK company selling "have you been phished" check using stolen data
according to this, a retired cop has set up a company called Lucid Intelligence with 'the records of four million Britons, and 40 million people worldwide, mostly Americans', and plans to 'charge members of the public for access to his database to check whether their data security has been breached.' How is this legal under Data Protection law? wtf
privacy  uk  law  hacking  phishing  fraud  crime  police  database  identity-theft  lucid-intelligence  data-protection  security  colin-holder 
july 2009 by jm
