Wednesday, April 7, 2010

Thieves target guests at metro water park hotel

Thieves snuck into hotel rooms at a Twin Cities water park on two different weekends and stole guests' electronics, according to Brooklyn Park police.

Police said the thieves hit three rooms at the Grand Rios Hotel on March 27 and three more rooms on April 3.

The Altman family from Brook Park said the crooks stole two laptops, a cell phone, power cords and a wireless mouse from their room.

The family said hotel management is working to replace their electronics, but the family is still upset.

Tina Altman said, "That still doesn't replace all the pictures of my boys, all their information everything on them laptops."

Police said there was no forced entry in any of the thefts, so they have not ruled out the possibility the crimes were an inside job.

Kevin Altman said, "I'm pretty mad, especially when we found out there are multiple other ones, and it's still happening. It's just not right."

Police said there were several room break-ins last summer, with no arrest.

Police say management made security changes after those thefts.

5 EYEWITNESS NEWS was not able to reach hotel management for comment Tuesday. kstp.com

Stillwater man's web post links at least 60 ID theft victims


After a Stillwater man's bank alerted him to fraudulent charges, he posted a warning to a Facebook page and within minutes dozens of others reported they were dealing with the same thing.


Ted Koslowski started the Stillwater fan page, which now has more than 8,000 fans.

Tuesday he posted a notice saying, "Just got a call from Lake Elmo bank. Apparently a popular local business had its customers' credit card info stolen and its effect has been widespread."

He went on to say his personal checking account had been hit with fraudulent charges from California and Russia.

He told 5 EYEWITNESS NEWS more than $1,000 was siphoned from his account in a matter of hours. There were charges from electronics dealers, pet stores and gas stations.

After his Facebook post, at least 60 other people responded that they too were being hit with fraudulent charges.

There does not seem to be a common denominator indicating that all of the victims frequented the same store or made similar purchases. But authorities are in the very early stages of their investigation.

The case is developing so quickly that Washington County deputies had not yet filed their initial police report when 5 EYEWITNESS NEWS reported the story at 10 p.m. Tuesday. kstp.com

Tuesday, March 30, 2010

Violation Of Sensitive Data Storage Policy Led To Exposure Of Info On 3.3 Million Student Loan Recipients

Removable media device stolen from Educational Credit Management Corp.'s (ECMC) headquarters contained Social Security numbers, names, addresses, dates of birth of people who had received federal student loans

A removable media device containing personal data on 3.3 million people was stolen from the Minnesota headquarters of federal student loan guarantor Educational Credit Management Corp. (ECMC) last week -- and the data should never have been copied onto the device in the first place.


ECMC, which handles and insures more than $11 billion worth of student loans for the U.S. Department of Education, discovered on March 23 that the device had been stolen. The firm is currently in the process of sending letters to all of the affected loan recipients, some of whom date back as far as 15 years. Their names, addresses, Social Security numbers, and dates of birth were on the stolen device, but no bank account or financial data, according to ECMC.

David Hawn, chief business development officer for ECMC, said in an interview that storing such sensitive data on a removable device was a "very clear violation of our company policies and protocols." He would not specify whether the device was a USB stick, hard drive, or other type of device due to the sensitive nature of the ongoing investigation by law enforcement. Hawn also was not able to reveal whether the data was encrypted.

"This situation was unfortunate in that it had a human element to it ... It really was a disappointment to all of us that this had occurred," Hawn says, and the company is in the process of doing a full-blown review of its internal security policies and plans to "make changes."

"We unfortunately learned about this the hard way, and we are working diligently to shore that up," he says. "Our systems security infrastructure is very robust, and in fact since this incident occurred, by way of precaution we have hired an external agency to perform various penetration tests on our firewalls -- all the testing has been negative."

Hawn says it doesn't appear the thief or thieves were targeting specific information in the crime. "There's nothing to suggest that they were aware of what they were taking," Hawn says.

And thus far, ECMC says there's been no evidence of any abuse of the data. The company is offering the affected victims free credit monitoring and reporting with Experian.

ECMC's problem isn't unique: Ipswitch File Transfer will release a study tomorrow that shows that 90 percent of IT and security professionals use thumb drives or external devices to move data. Few companies bother encrypting data on those devices, either, says Frank Kenney, vice president of global strategy at Ipswitch. "Encryption generally doesn't happen. It's rare," Kenney says.

"We were shocked by how many people are using [these devices] to share or move large files," Kenney says.

The data potentially exposed includes existing, ongoing, and older, inactive federal student loans as well, ECMC's Hawn says. "It did include, for archival purposes, a number of records" that date back to 15 years ago, he says.

ECMC serves as the guarantor for loans in Oregon, Virginia, and Connecticut, but borrowers in all states could be affected by the breach, according to one published report.

Potential victims of the breach can go to this page set up by ECMC to get more information on whether they are affected, and if so, what to do. darkreading.com

Beware of April Fool's Day - Spyware Infections Increase

With April Fool's Day on the horizon comes an increase in spyware and malware infections, which cause havoc for computer users, not to mention lost productivity, additional expenses and, worst of all, inconvenience and frustration.

Be super careful and vigilant during this time. Simple tips to follow:

  • Don't open emails from people you don't know, especially if they have files or attachments.
  • Be aware of what software you're using. Be familiar with how it delivers its warnings and alerts. "Scareware" tactics try to fool you into accepting something that could be malware, wreaking havoc with your computer or, worse yet, hijacking it. Don't be "fooled" by them.
  • Give social networking sites like Facebook, Twitter, MySpace, etc. a break for a week or so. If it's important or they miss you, tell them to call instead.
  • Think before you click! Use extra caution before visiting websites you haven't been to before. Even seemingly "innocent" websites could be booby-trapped with malicious software.
  • Run multiple layers of security software. A single solution may not be enough.

Spyware and malware authors have become more creative and more sophisticated. Every day, thousands of new infections are created, greatly reducing the effectiveness of free or even off-the-shelf antivirus protection and rendering existing anti-spyware and anti-virus solutions ineffective.

Small Businesses Need a Disaster Plan

Disaster preparedness often gets pushed down the priority list for small businesses -- often until disaster strikes and it's too late. To protect your employees and data in the event of a catastrophe, experts advise that business owners think of everything that can go wrong, and prepare for it. Protecting valuable data is of particular concern.

Small business owners in the Upper Midwest have just gone through a disaster preparation drill as the Red River rose and threatened to repeat last year's catastrophic flooding. The region dodged a bullet this time, but more floods may well come, and other parts of the country could see tornadoes and hurricanes.


Disaster preparation is one of those tasks that many small business owners say they'll get around to, soon. But it often gets pushed down the priority list, especially when a company is focused on bringing in new business or improving cash flow.

Many owners also believe disaster won't strike them. They might believe their companies are safe because they're far enough away from a river.

John Stern's clothing store in Fargo, N.D., is on high ground, and it escaped the 2009 floods. But he's learned that a disaster doesn't have to be a big event like an overflowing river. About 10 years ago, the problem was also a flood, when the rain-soaked ground sent water lapping near the entrance to his store. He had to close Straus Clothing for three days.

Now, "we're prepared if it happens," Stern said of a disaster. He has his company's data backed up and "we take the discs home every night." The store has back-up batteries in case the power fails. And it has sandbags.

What follows is a guide to disaster preparation for small businesses:

Figure Out What Your Needs Are

How complex your disaster plan is will depend on the time and resources you have to dedicate to it. People whose work is to help companies prepare for disasters often advise owners that they need to first plan for their most important assets: their employees and their data, including e-mail, financial books and customer lists.

After that, each owner must decide what they need to do to get the business up and running after a disaster. That might seem overwhelming, so it's a good idea to get help. If you have employees, ask them to brainstorm with you. They know how the business operates and can give you advice. Or ask a friend who owns a similar business.

Stern said he's learned to "think of everything that can go wrong and prepare for it."

Owners who need help figuring out what they need to do for disaster planning can also get help online. The Institute for Business & Home Safety's site, http://www.disastersafety.org, and the federal government's guide at http://www.ready.gov/business go into some detail. The Small Business Administration also has information at http://www.sba.gov/beawareandprepare/business.html.

Protecting Your Data


With the widespread availability of data backup, no company should have to lose its information. And many companies routinely back up their information to guard against the most likely high-tech disaster: a crashed hard drive.

At the least, companies should back up their data on discs, as Stern's store does, or an external hard drive. It's wise to have multiple copies of the data, to be really safe. Most important is to take whatever storage medium you use off the premises each night.

Similarly, companies that use laptops can easily protect their data -- employees just take them home.

Many companies now back up data remotely, using Web-based services. Dean Rangone, owner of allRisk, a Somerdale, N.J., firm that does post-disaster cleanup, noted that with this method, "you're going to be able to access your information from anywhere in the world."

If you choose remote backup, don't use a service that's just across town. That company could also be shut down by the same disaster. You might want to think in terms of thousands of miles away. Remember the Northeast blackout of 2003? Eight states lost power.

Staying in Touch with Employees and Customers

Employers need to be sure that staffers and their families are safe, and that they can get in touch with them.

First, there should be a list of phone numbers, home addresses and e-mail addresses for everyone in the company that all managers and staffers have access to. And, since that information tends to change frequently, that list needs to be current at all times.

There is advance warning for some disasters, including hurricanes. A whole new set of contact information will be needed for staffers who are evacuating. If they're not sure where they'll be staying, then they should supply names, phone numbers and e-mail addresses of friends or relatives.

You also need to be sure your customers can reach you. Rangone suggests having your business phone lines routed to cell phones. That way, your customers won't be left wondering what happened.

Coming Up with a Plan -- And Then Plans B and C

As businesses learned in the aftermath of Hurricane Katrina, even the best of disaster plans can go awry. So, owners need to think about the "what ifs." What if there is a widespread power outage? What if cell phone service goes down? What if the disruption to your business is going to last weeks or months?

So you can come up with a plan for getting your company running again, but be ready to change it, depending on the type of disaster, how serious it is, and where your employees are. After Katrina, many businesses whose premises were intact weren't able to get their staffers back for some time, because so many homes were damaged or destroyed. It's likely that few expected to be shut down for a long time.


Once you know how bad the situation is and where your staffers are, you can start recovering.

Leslie Luke, group program manager with the San Diego County Office of Emergency Services, noted that "it doesn't have to be a catastrophic event to have to evacuate out of their buildings." A fire or building collapse could shut down your business too. newsfactor.com

JC Penney tried to block publication of data breach

IDG News Service - Retailer JC Penney fought to keep its name secret during court proceedings related to the largest breach of credit card data on record, according to documents unsealed on Monday.


JC Penney was among the retailers targeted by Albert Gonzalez's ring of hackers, which managed to steal more than 130 million credit card numbers from payment processor Heartland Payment Systems and others. Gonzalez was sentenced to 20 years in prison on Friday in U.S. District Court for the District of Massachusetts.

In December, JC Penney -- referred to as "Company A" in court documents -- argued in a filing that the attacks occurred more than two years ago, and that disclosure would cause "confusion and alarm."

However, JC Penney was already suspected of being one of the retailers: in August 2009, the Web site StorefrontBacktalk was the first outlet to accurately report that JC Penney was among the retailers targeted by Gonzalez's group.

New Jersey, where the Gonzalez case started, agreed to keep JC Penney's identity secret but the case was moved to Massachusetts where authorities decided otherwise, prompting JC Penney's motion.

Disclosing Company A's identity "may discourage other victims of cybercrimes to report the criminal activity or cooperate with enforcement officials for fear of the retribution and reputational damage that may arise from a policy of disclosure as espoused by the government in this case," wrote JC Penney attorney Michael D. Ricciuti.

In a Jan. 12 filing, U.S. prosecutors argued for disclosure. "Most people want to know when their credit or debit card numbers have been put at risk, not simply if, and after, they have clearly been stolen," the government wrote. "The presumption of disclosure has an additional significant benefit, though, besides the right of the card holder to know when he has been exposed to risk."

The U.S. Secret Service had told JC Penney that its computer system had been broken into. The retailer's system had "unquestionably failed," but the government said the Secret Service did not have evidence that payment card numbers were stolen, U.S. prosecutors wrote.

Another retailer, The Wet Seal, said in a statement issued Monday that it had also been targeted by Gonzalez's gang around May 2008. The Wet Seal has been referred to as "Company B" in court documents.

"We found no evidence to indicate that any customer credit or debit card data or other personally identifiable information was taken," the company said.

Other retailers affected by the breach included TJX, 7-Eleven, Hannaford Brothers, Dave & Busters, BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 and DSW. computerworld.com

The 10 Riskiest Cities for Cybercrime

The threat of falling victim to cyber-crime is ubiquitous today, and some of America's biggest cities are even more prone to it than elsewhere in the country, according to a well-known producer of cyber-security software.

Norton from Symantec, a popular antivirus provider, teamed up with the research organization Sperling BestPlaces to discern which cities were the riskiest hot spots for cyber-security, publishing the results March 22 in The Norton Top 10 Riskiest Online Cities report. The 50 cities identified in the report make up a laundry list of the most famous places in the country.

The top 10 listed are:

• Seattle
• Boston
• Washington, D.C.
• San Francisco
• Raleigh, N.C.
• Atlanta
• Minneapolis
• Denver
• Austin, Texas
• Portland, Ore.

Other notable cities in the remaining 40 include Honolulu (11), Las Vegas (13), San Diego (14), New York (24), Los Angeles (30), Houston (32), Phoenix (34) and Chicago (35). Rankings were determined from Symantec data on cyber-crime, third-party data on online behavior and demographic data from Sperling.

These cities have been ranked based on the numbers of malicious attacks received; potential malware infections; spam zombies; bot-infected machines; and places that offer free Wi-Fi, per capita. They were also ranked based on the prevalence of Internet use; computer use, based on consumer expenditures for hardware and software; and risky online activity, like purchasing via the Internet, e-mail and accessing financial information.

Seattle ranked in the top 10 of all categories, which is how it wound up as No.1 riskiest city in the survey.

"When you look at the data, they are way ahead on all these measures, so you've got a concentration of heavy usage of technology engaging in the kinds of activities that we know increase your risk of being a victim of cyber-crime," said Marian Merritt, Norton Internet Safety Advocate.

But Merritt said people who don't live in one of the riskiest cities shouldn't ignore basic Internet safety procedures.

"Even if your city's not on the list, you as a citizen could be the kind of person who still engages in all the things that would have made your city rank higher," she said. "Even if you live in a rural environment but you're somebody who's constantly on the Internet and you have high-speed connections when you do online banking, you'll be encountering more risk than other people."

A city's concentration of busy Internet users had a lot to do with where it wound up on the list. Detroit came in at No. 50 because people there apparently don't have the Web-centric capabilities and usage patterns in the same high numbers compared to a city like San Francisco, which came in at No. 4.

"[Detroit is] the 50th -- the lowest ranking for cyber-crime. They're also low with access to the Internet. They're not spending as much on computer equipment. There's a whole bunch of factors that made them fall to the bottom," Merritt said.

She added that a city's digital safety environment might be something the municipal government would want to consider in projects to expand wireless capabilities to underserved communities.

"There's a responsibility to make sure that people who get new access to technology or services like broadband understand that there are risks and how to mitigate them," she said. govtech.com

Monday, March 29, 2010

Identity Theft

Criminals use many methods to steal personal information from taxpayers. They can use your information to steal your identity and file a tax return in order to receive a refund. Here are things the IRS wants you to know about identity theft so you can avoid becoming the victim of a scam artist.


• Identity thieves get your personal information by many different means, including stealing a wallet or purse or accessing information you provide to an unsecured Internet site. They even look for personal information in your trash. They also pose as someone who needs information through a phone call or e-mail.

• The IRS does not initiate contact with a taxpayer by e-mail.

• If you receive an e-mail scam, forward it to the IRS at phishing@irs.gov.

• If you receive a letter from the IRS leading you to believe your identity has been stolen, respond immediately to the name, address or phone number on the IRS notice.

• Your identity may be stolen if a letter from the IRS indicates more than one tax return was filed for you or the letter states you received wages from an employer you don’t know.

• If your Social Security number is stolen, it may be used by another individual to get a job. That person’s employer would report income earned to the IRS using your Social Security number, making it appear that you did not report all of your income on your tax return.

• If your tax records are not currently affected by identity theft, but you believe you may be at risk due to a lost wallet, questionable credit card activity, or credit report, you need to provide the IRS with proof of your identity. You should submit a copy of your valid government-issued identification along with a copy of a police report and/or a completed Form 14039, IRS Identity Theft Affidavit. highlandnews.net

TJX Hacker Sentencing Signals the Need for Customer e-Banking Security Vigilance says Trusteer CEO

London, United Kingdom - 29th March, 2010 - The severity of the 20-year prison sentence handed down to convicted TJX hacker Albert Gonzalez for running his own multi-million-dollar card hacking scam sends a very positive message that crime - and cybercrime in particular - really does not pay in the long run, says Trusteer.


And, says Mickey Boodaei, the firm's CEO, the case rams home the message that bank card and account owners need to protect their cards and online assets if they are to avoid waking up to the horror of finding no money in their bank accounts.

"As the truth slowly emerges, however, it should now be apparent to the man and woman on the street that banking cybercrime - which is actually just another type of money fraud - is a very real threat to you, me and almost any bank or payment card user," said Boodaei, whose firm, Trusteer, provides browser security and fraud prevention services that protect the customers of many UK banks.


But, the Trusteer CEO went on to say, threats can be mitigated by effective IT security technology and this is exactly what banks and allied financial institutions the world over are doing behind the scenes, to protect their customers' money.

But the widespread nature of electronic crime - with criminals being lured by the big money they can generate from their frauds - is such that implementing the security is now a team effort between the banks and their customers.

Banks require the right tools and processes to investigate incidents and provide law enforcement officials with accurate information that could lead to arrests. Trusteer recently launched “Flashlight,” a remote fraud investigation and mitigation service that identifies the attack source on a customer’s machine, gathers samples, and can reverse engineer the mechanism used by the malware to commit fraud. Findings enable banks and other organizations to prevent future losses, block subsequent attacks, take down command/control servers and provide the forensic evidence required for arrest and prosecution.

You wouldn't, he explained, walk into a coffee bar or pub, order a drink and leave your wallet on the table, and it's exactly the same with electronic assets in the shape of online banking credentials.

Trusteer, Boodaei says, is doing its bit by supplying banks such as HSBC, RBS/Natwest and the Santander Group, with its Rapport browser plug-in security software, which helps to stop sophisticated e-banking frauds such as man-in-the-middle and password-sniffing attacks.

"The TJX/Gonzalez case shows that organisations such as the FBI are doing their bit as well, but criminals would always look for the weakest link in the chain to steal customers’ money. Right now the weakest link is the customer’s computer which can be targeted by sophisticated malware and phishing attacks. To protect against this customers should install the best possible IT security software and systems on their computers, before going online to their e-banking services," he said.

"Internet users need to sit up and take notice of cases like this one. There are much smaller frauds going on all the time, each of which can result in your bank account being hit for six. E-banking customers need to use all the security technology they can muster to avoid their own accounts being drained," he added. contactcenterworld.com

Area woman arrested in connection to ID theft ring

CHICAGO — A Mt. Vernon woman, already incarcerated for burglary in Cook County, has been arrested again in connection with a year-long identity theft ring.


Talonda Hampton, 35, was arrested Oct. 30 on a charge of residential burglary, and was identified as one of seven women arrested Thursday in an identity theft ring in which hundreds of people throughout the country were victimized, according to the Cook County Sheriff’s office.

The alleged instigators in the scam, including Hampton, charged more than $300,000 in more than 500 transactions to purchase jewelry, furniture, household goods, appliances and electronics and then allegedly sold the items to friends and relatives for a cash profit, stated Cook County Sheriff Tom Dart.

The identity theft ring was allegedly headed by three sisters — Shikila Blount, Laqueshia Holmes and Tijuana Leonard — and male friends, information states. Blount was arrested at her home, while her sisters are wanted fugitives. According to information, investigators learned Leonard got a job with a janitorial service which provided cleaning services for a medical office. While Leonard was cleaning, she allegedly stole personal information from patient files and distributed the information to others. Her conspirators would allegedly go online and either apply for credit cards or request that the person’s credit report be mailed to the conspirators’ mailing address.

Once granted access to the credit line, they would allegedly run up bills, information states.

Those involved in the scheme allegedly got credit 285 times at Sears, 72 times at Victoria’s Secret, 46 times at The Room Place and 27 times at Express, among others, the Cook County Sheriff’s office stated. They were able to use personal information on victims from Los Angeles to New Jersey, Wisconsin to Florida and from Chicago and dozens of suburbs in Illinois and Indiana.

Hampton is being held at the Cook County Jail on $40,000 and is scheduled to appear in court on April 30. register-news.com

Michigan identity theft suspects targeting Meijer customers are linked to Russian crime ring




KENT COUNTY -- It started as a traffic stop, a Kent County sheriff's deputy pulling over a car with a burned-out headlight, and occupants -- reeking of burned marijuana -- providing fake names and addresses.


On the back seat was a stash of Meijer bags.

Police were suspicious and asked the car owner for consent to search.

Inside the car? Multiple credit and debit cards, along with nearly $13,000 in stored-value Meijer cards, more commonly known as gift cards.

The extent of the criminal enterprise wasn't known at the time of the Oct. 2 traffic stop. But after sheriff's detectives and federal authorities got involved, investigators soon determined the three suspects in the car were allegedly linked to an Internet crime ring in St. Petersburg, Russia.

Investigators say the suspects used the information to put thousands of dollars onto fraudulent credit cards and store cards -- and obtain $200,000 in fraudulent student loans.

The cases fuel concern that technology, particularly the Internet, gives criminals an avenue to steal and share information from virtually anywhere. Law enforcement officials at the local, state and federal level in West Michigan are working toward an eventual task force on identity theft.

"There is no single silver bullet to solve it," said Hagen Frank, an assistant in the Grand Rapids U.S. Attorney's office. "It is a priority of the Justice Department to get a handle on identity theft. It really is a growing problem on a national level. Everyone is at risk for it."

Frank urged residents to closely guard personal information, including correspondence put in the mailbox. Police and prosecutors have to hit identity-theft suspects hard, he said.

He is prosecuting a case that originated in Oakland, Calif., and wound up here when four suspects, using information from a Bank of America worker, racked up $17,000 in charges early last year in Grand Rapids and Holland. As the investigation unfolded, another dozen people were arrested, with losses of at least $750,000. Alonzo Holloway was sentenced to 11 years in prison, while those convicted so far received lesser prison terms.

In the most-recent case, the scam essentially works like this: Cyber criminals, often originating in Eastern European countries, sell stolen credit-card numbers in the United States over the Internet. In return, they receive payment via Western Union.

Once a thief has stolen credit-card numbers, he can use a machine to re-encode the magnetic strip of a credit card or gift card with that account information.

"(T)he technique allows the perpetrator to use a card for payment which appears to belong to them or appears to be a stored-value card; however, the account number of another person is actually charged for the transaction," David Dobb, a U.S. Secret Service special agent, wrote in court papers.

Such thieves often target stores like Meijer, which have self-checkout lanes. In this case, the suspects, all Detroit-area residents, hit Meijer stores in Michigan, Illinois, Indiana and Ohio over the course of months, records filed in U.S. District Court said.

In just two days ending with the Oct. 2 traffic stop, they allegedly bought $12,900 in gift cards at Meijer stores in Grand Rapids, Charlotte, Lansing and other areas using cards that had been fraudulently re-encoded with account numbers and expiration dates, records showed.

Jeff Frost, the Secret Service's resident agent in charge in Grand Rapids, said such cases require resources at all levels, from the street cop -- responsible for arrests in both of these local cases -- to federal investigators with few boundary limitations.

The cases are part of a troubling trend because the process is so simple: "People are able to go out on the Internet and purchase people's identification."

After sheriff's deputies stopped three suspects in the car, detectives contacted a Meijer investigative analyst who provided a list of purchases using the stolen information. Security surveillance showed that Derrick Phillip Ingram, Leon Clifford Stevens-Moman and Earnest Raymond Lewis Jr. had used re-encoded cards to buy pre-paid gift cards, wrote Dobb, the Secret Service agent.

He said that while the suspects were held at the Kent County Jail, Stevens-Moman and a man later identified as Gerrod Marquis Johnson talked on the telephone about a "sewing machine," and that Johnson "put it away but can still get at it" to "make new outfits."

Several days after the arrest, Stevens-Moman allegedly told a bondsman about the scheme and put him in contact with Johnson.

"Johnson told the bondsman that he was the person who could supply him with the fraudulent credit cards, and that the bondsman could realize a $15,000 return for every $2,000 that he 'invested' in the scheme," Dobb wrote.

Dobb, in a request for a search warrant, said encoders can be bought over the Internet, and that "I have learned that it is very easy to conduct this type of access device fraud."

During the investigation, he said, investigators determined that the suspects also applied for student loans. Ingram received $162,000 from Sallie Mae, although his request for $40,000 was denied by the College Loan Corp. Another man, Ameer Spinks, obtained a fraudulent Sallie Mae loan for $40,000 but was denied by the other company, records said.

Based on information obtained from Western Union, Lewis had sent $12,107 to someone in Russia over three months, while Johnson sent four wires to Russia, the last a $990 payment in early November. Spinks also sent money to the same person the same day.

"The Secret Service has learned that a large amount of this fraudulently obtained information is obtained from sources in Eastern Europe, including Russia," Dobb wrote. "In these transactions, individuals in the United States pay for the information obtained using a few different methods. One of the common methods is a Western Union money transfer."

In all, five young men await trial, but attorneys have requested a delay to consider plea options.

James McQuaid, a Lansing resident whose Web site, securehomenetwork.blogspot.com, warns of security threats from around the world, said credit-card numbers and other personal information are easily stolen, whether business accounts are compromised or viruses attack computers, logging key strokes and isolating credit-card numbers.

It can take weeks for the virus to be detected, if at all.

People are not running into trouble by going onto "bad sites"; rather, criminal groups buy banner ads on legitimate sites that bounce visitors to such sites. Criminals also hack into legitimate sites.

"The whole thing is automated," McQuaid said. "One of the things we're finding is there is such a glut of stolen credit cards that they can't monetize -- they just don't have the ability to use them and are selling them for a penny apiece in some of the forums.

"In this particular scheme, where they're getting the stolen cards, eventually, they had to figure out how to get something out of them. What probably happens is, they try to use the cards in Russia, but the credit card companies will not allow that transaction."

He said that using credit cards that have been re-encoded with stolen numbers is simple. To a store clerk, the card appears to belong to the person named on the front.

The victim has no idea.

"The person who owns (the account) actually has the card in their wallet," McQuaid said. "They would never get the sense that the transfer was made until after the fact. Yeah, it's that easy. It's kind of concerning if you think about the people in Russia breaking into local connections here." mlive.com



Sunday, March 28, 2010

Inside a global cybercrime ring

Hundreds of computer geeks, most of them students putting themselves through college, crammed into three floors of an office building in an industrial section of Ukraine's capital Kiev, churning out code at a frenzied pace. They were creating some of the world's most pernicious, and profitable, computer viruses.

According to court documents, former employees and investigators, a receptionist greeted visitors at the door of the company, known as Innovative Marketing Ukraine. Communications cables lay jumbled on the floor and a small coffee maker sat on the desk of one worker.

As business boomed, the firm added a human resources department, hired an internal IT staff and built a call center to dissuade its victims from seeking credit card refunds. Employees were treated to catered holiday parties and picnics with paintball competitions.

Top performers got bonuses as young workers turned a blind eye to the harm the software was doing. "When you are just 20, you don't think a lot about ethics," said Maxim, a former Innovative Marketing programmer who now works for a Kiev bank and asked that only his first name be used for this story. "I had a good salary and I know that most employees also had pretty good salaries."

In a rare victory in the battle against cybercrime, the company closed down last year after the U.S. Federal Trade Commission filed a lawsuit seeking its disbandment in U.S. federal court.

An examination of the FTC's complaint and documents from a legal dispute among Innovative executives offers a rare glimpse into a dark, expanding -- and highly profitable -- corner of the internet.

Innovative Marketing Ukraine, or IMU, was at the center of a complex underground corporate empire with operations stretching from Eastern Europe to Bahrain; from India and Singapore to the United States. A researcher with anti-virus software maker McAfee Inc who spent months studying the company's operations estimates that the business generated revenue of about $180 million in 2008, selling programs in at least two dozen countries. "They turned compromised machines into cash," said the researcher, Dirk Kollberg.

The company built its wealth pioneering scareware -- programs that pretend to scan a computer for viruses, and then tell the user that their machine is infected. The goal is to persuade the victim to voluntarily hand over their credit card information, paying $50 to $80 to "clean" their PC.

Scareware, also known as rogueware or fake antivirus software, has become one of the fastest-growing, and most prevalent, types of internet fraud. Software maker Panda Security estimates that each month some 35 million PCs worldwide, or 3.5 percent of all computers, are infected with these malicious programs, putting more than $400 million a year in the hands of cybercriminals. "When you include cost incurred by consumers replacing computers or repairing, the total damages figure is much, much larger than the out of pocket figure," said Ethan Arenson, an attorney with the Federal Trade Commission who helps direct the agency's efforts to fight cybercrime.

Groups like Innovative Marketing build the viruses and collect the money but leave the work of distributing their merchandise to outside hackers. Once infected, the machines become virtually impossible to operate. The scareware also removes legitimate anti-virus software from vendors including Symantec Corp, McAfee and Trend Micro Inc, leaving PCs vulnerable to other attacks.

When victims pay the fee, the virus appears to vanish, but in some cases the machine is then infiltrated by other malicious programs. Hackers often sell the victim's credit card credentials to the highest bidder.

Removing scareware is a top revenue generator for Geek Choice, a PC repair company with about two dozen outlets in the United States. The outfit charges $100 to $150 to clean infected machines, a service that accounts for about 30 percent of all calls. Geek Choice CEO Lucas Brunelle said that scareware attacks have picked up over the past few months as the software has become increasingly sophisticated. "There are more advanced strains that are resistant to a lot of anti-virus software," Brunelle said.

Anti-virus software makers have also gotten into the lucrative business of cleaning PCs, charging for those services even when their products fall down on the job.

Charlotte Vlastelica, a homemaker in State College, Pennsylvania, was running a version of Symantec's Norton anti-virus software when her PC was attacked by Antispyware 2010. "These pop-ups were constant," she said. "They were layered one on top of the other. You couldn't do anything."

So she called Norton for help and was referred to the company's technical support division. The fee for removing Antispyware 2010 was $100. A frustrated Vlastelica vented: "You totally missed the virus and now you're going to charge us $100 to fix it?"

AN INDUSTRY PIONEER

"It's sort of a plague," said Kent Woerner, a network administrator for a public school district in Beloit, Kansas, some 5,500 miles away from Innovative Marketing's offices in Kiev. He ran into one of its products, Advanced Cleaner, when a teacher called to report that pornographic photos were popping up on a student's screen. A message falsely claimed the images were stored on the school's computer.

"When I have a sixth-grader seeing that kind of garbage, that's offensive," said Woerner. He fixed the machine by deleting all data from the hard drive and installing a fresh copy of Windows. All stored data was lost.

Stephen Layton, who knows his way around technology, ended up junking his PC, losing a week's worth of data that he had yet to back up from his hard drive, after an attack from an Innovative Marketing program dubbed Windows XP Antivirus. The president of a home-based software company in Stevensville, Maryland, Layton says he is unsure how he contracted the malware.

But he was certain of its deleterious effect. "I work eight-to-12 hours a day," he said. "You lose a week of that and you're ready to jump off the roof."

Layton and Woerner are among more than 1,000 people who complained to the U.S. Federal Trade Commission about Innovative Marketing's software, prompting an investigation that lasted more than a year and the federal lawsuit that sought to shut them down. To date the government has only succeeded in retrieving $117,000 by settling its charges against one of the defendants in the suit, James Reno, of Amelia, Ohio, who ran a customer support center in Cincinnati. He could not be reached for comment.

"These guys were the innovators and the biggest players (in scareware) for a long time," said Arenson, who headed up the FTC's investigation of Innovative Marketing.

Innovative's roots date back to 2002, according to an account by one of its top executives, Marc D'Souza, a Canadian, who described the company's operations in-depth in a 2008 legal dispute in Toronto with its founders over claims that he embezzled millions of dollars from the firm. The other key executives were a British man and a naturalized U.S. citizen of Indian origin.

According to D'Souza's account, Innovative Marketing was set up as an internet company whose early products included pirated music and pornography downloads and illicit sales of the impotence drug Viagra. It also sold gray market versions of anti-virus software from Symantec and McAfee, but got out of the business in 2003 under pressure from those companies.

It tried building its own anti-virus software, dubbed Computershield, but the product didn't work. That didn't dissuade the firm from peddling the software amid the hysteria over MyDoom, a parasitic "worm" that attacked millions of PCs in what was then the biggest email virus attack to date. Innovative Marketing aggressively promoted the product over the internet, bringing in monthly profits of more than $1 million, according to D'Souza.

The company next started developing a type of malicious software known as adware, which hackers install on PCs, where it serves up pop-up ads for travel services, pornography, discounted drugs and other products, including the company's flawed antivirus software. The company spread that adware by recruiting hackers, whom it called "affiliates," to install it on PCs.

"Most affiliates installed the adware product on end-users' computers illegally through the use of browser hijacking and other nefarious methods," according to D'Souza. He said that Innovative Marketing paid its affiliates 10 cents per hijacked PC, but generated average returns of $2 to $5 for each of those machines through the sale of software and products promoted through the adware. reuters.com

As Google, Go Daddy reconsider China, will other businesses think again?


On the same day that Google Inc. and the GoDaddy Group Inc. complained about China to a congressional committee, U.S. Navy Admiral Robert Willard appeared before the U.S. House Armed Services Committee with an even stronger warning about cyber-threats posed by China.

Willard's comments about China received little press attention but were stronger than anything said by either company.

"U.S. military and government networks and computer systems continue to be the target of intrusions that appear to have originated from within the PRC (People's Republic of China)," said Willard.

He said that most of the intrusions are focused on acquiring data "but the skills being demonstrated would also apply to network attacks."

Willard testified on the military's operations in its Pacific command, which he said "faces increasingly active and sophisticated threats to our information and computer infrastructure."

"These threats challenge our ability to operate freely in the cyber commons, which in turn challenges our ability to conduct operations during peacetime and in times of crisis," Willard said in prepared remarks (PDF document). He said the military was responding in near real-time to threats.

It's not just the military saying that the cyber-threats coming from China are on the rise. Appearing before the Congressional-Executive Commission on China Thursday, Christine Jones, an executive vice president and general counsel at domain registration giant GoDaddy, said that "in the first three months of this year, we have repelled dozens of extremely serious DDoS attacks that appear to have originated in China."

Although GoDaddy and Google cited China as a source of cyber-attacks, they didn't blame the government. But these firms are taking action to limit their dealings with China because of other government policies concerning privacy and censorship.

But will the experiences of GoDaddy, Google and for that matter, the U.S. military, prompt other companies to act similarly and take steps to limit their business in China?

Robert Vambery, a professor of international business at Pace University's Lubin School of Business in New York, said this kind of behavior has been going on for a while and it's naive not to expect it. While he sees the possibility of action by Google and other firms having some short- to immediate-term impacts on other businesses in their dealings with China, they won't be major, he said.

"Unless there is some serious military encounter between China and the United States, then this is not likely to change significantly in the near future," Vambery said.

University of Notre Dame professor John D'Arcy, who conducts research on information security and computer ethics, said Google's decision puts a little pressure on China, and said that if U.S. firms feel any pause at all in dealing with that country, it is because more and more cyber attacks are being linked back to China.

"Companies would be a little bit suspicious because in general the Chinese government has not done anything to curb this activity," he said.

But China's importance to U.S. firms is huge, and Dell Inc. is only the most recent company to illustrate why.

There was a brief eye-opening moment this week when it appeared as if Google's exodus from China was about to escalate in a big way.

India's Prime Minister, Manmohan Singh, was reported to have said in a speech that Dell was planning to shift some production out of China because it wanted a safer environment. CEO Michael Dell had recently met with Singh.

The statement came from an account distributed by the India Press Information Bureau, according to various press reports. But David Frink, a Dell spokesman, said in an interview that that was a "misinterpretation of his remarks."

Dell has 5,000 employees in China and two manufacturing facilities. In a statement released by Dell, the company said that in its meeting with Singh, they discussed "ways of building India's hardware manufacturing eco-system."

In this context, Mr. Dell said that the company spends about $25 billion annually on sourcing components from its suppliers in China. With the right kind of progress, Mr. Dell said that he believes India also has an "opportunity to become a hardware manufacturing hub, generating employment and adding to that country's impressive growth." computerworld.com

Cyber Crime Is A Real Threat Says FBI


Cybercrime is growing, says the FBI, and it is a great threat to the nation. The FBI warns that it is eating away at data, cash and security in the United States.

Robert Mueller, chief of the Federal Bureau of Investigation, told the RSA Conference of computer security professionals on Thursday in San Francisco, "The risks are right at our doorsteps and in some cases they are in the house."


He also added, "Working together we can find the people taking shots at us and stop those attacks."

Robert Mueller said that a cyber-attack will have a similar impact to a well-placed bomb in the country.


"In the past 10 years, Al-Qaeda's online presence has become as potent as its in-world presence," he said.

He continued that the cyber-terrorism threat is very real for the States and is rapidly expanding.


Mueller said, "Terrorists have shown a clear interest in hacking skills and combining real attacks with cyber attacks." dailynews365.com
