
New Tactics
The Red Flags rules that will take effect this year are already making it harder for scammers to take over accounts by changing an address — but other methods have become more popular.
Adding an extra user to an account has become the preferred method of account takeover, noted as the cause of 31% of all takeovers in 2009, compared with 13% in 2008, according to a report Javelin Strategy and Research plans to publish today (see related graphic).
Changing the address has dropped to 24% of incidents in 2009, versus 42% in 2008, the report said. Though compliance with the Red Flags rules, a requirement under the Fair and Accurate Credit Transactions Act, is not mandated until June 1, early adherents are already benefiting from its effects, the report said. It cited the drop in address-change takeovers as "a sign that impeding Red Flags rules are working."
The alerts that banks offer their customers may have driven some of this behavior as well. More than half of the financial companies surveyed offer alerts for when physical and e-mail addresses are changed, but just 20% offer alerts when someone is added to or removed from an account.
The lack of alerts for such activity "may be why fraudsters have switched to this method, as they tend to be drawn to the areas of least resistance," the report said.
The report also entertained the question of whether the amount of data people post online at social networking sites increases their exposure to financial fraud. Though Javelin did not find a reliable link between the two, it noted that people age 18 to 24, the heaviest users of social networking, report nearly twice the incidents of fraud and data exposure as consumers in general. The 18-to-24 group, which Javelin dubbed the Core Millennials, also takes nearly twice as long to discover incidents of fraud, the report said.
Carbon Copy
Hackers have found
Instead of stealing cash, some scammers are grabbing companies' carbon credits, which businesses buy and sell based on the amount of greenhouse gas they emit, Wired.com reported in its "Threat Level" blog Feb. 3.
Scammers stole $4 million in carbon credits from six compromised companies, according to a BBC report cited by Wired.com.
Other than the scammers' preference for carbon credits over cash, the scheme worked like a normal phishing attack: Companies in Europe, New Zealand and Japan received bogus e-mails asking that they verify their credentials with the German Emissions Trading Authority. The linked Web page was actually a spoof site, and anyone who entered their credentials at the site handed over access to their carbon credits.
The scammers moved the credits to other accounts and sold them to firms that assumed they were buying from a legitimate seller.
Not Rocket Science
Poughkeepsie, N.Y.,
Thieves accessed the town's account with TD Bank NA, the U.S. arm of Toronto-Dominion Bank, last month, transferring the money to Ukraine in four transactions made over a two-day period, Computerworld reported Monday. TD Bank has recovered just $95,000 of the stolen funds, though it continues to pursue the remaining cash.
A bank spokeswoman told Computerworld that it could not speculate on how the fraud occurred or discuss the situation in detail — but the town itself has been far more vocal.
"We find it unacceptable that movement, or attempted movement, of money from a town account to an account in Eastern Europe did not immediately raise a 'red flag' with the bank," Patricia Meyers, Poughkeepsie's town supervisor, said in a press release last week.
Avivah Litan, a vice president and distinguished analyst at Gartner Inc., said the town's expectations are reasonable.
"It's not rocket science to do a review of a transaction to a foreign account," she said.
Data Is Forever
A computer glitch might have
According to one of the 27,000 individuals whose data was compromised in a hack of the Minneapolis payroll processor Ceridian Corp., a glitch prevented decade-old payroll data from being deleted, the Star Tribune in Minneapolis reported Feb. 5. Todd Ashton, who ten years ago worked for an employer that used Ceridian for its payroll, told the paper that a Ceridian employee explained that a glitch caused the system to retain the old payroll data.
Another individual, who asked the paper not to publish his name, also said the data was compromised in the Ceridian breach even though he has not worked for the Ceridian client for nine years.
Ceridian would not confirm to the paper the existence of the glitch, the Star Tribune story said.
Ceridian said last week that a December hack compromised the payroll data of some clients' employees. The compromised data includes Social Security numbers and, in some cases, birth dates and bank account numbers.
Security Watch is a weekly roundup of news and developments in data security and their impact on financial services companies.