Security Watch

Fugitive Keeps Busy

The alleged leader of a ring of card scammers that is accused of making $100 million in bogus credit card charges has been on the run since 2008 after being accused of software counterfeiting.


Shaileshkumar Jain, an American believed to be living in Ukraine, was one of three people indicted last week on wire fraud and computer fraud charges in connection with an alleged scheme to get credit card numbers by tricking people into buying bogus antivirus software, according to an article Computerworld ran May 28. Jain was arrested in 2008 on charges of selling counterfeit antivirus software, and has been a fugitive since failing to appear in court in January of last year.

Jain also has a $3.1 million judgment against him from a 2005 lawsuit brought by Symantec Corp., whose software he was accused of counterfeiting.

Jain is one of three people indicted last week on wire fraud and computer fraud charges; the others are James Reno of Amelia, Ohio, and Bjorn Daniel Sundin, a Swedish citizen believed to be living in Sweden. None of the three are in custody.

The trio are accused of creating malicious online ads that launch pop-up windows that tell computer users that their machines have been infected. The pop-ups are designed to look like Windows error messages, the article said; to get rid of the pop-ups, victims are asked to provide credit card info to pay for bogus antivirus software.

The money obtained from charging those credit cards was held in foreign bank accounts, according to prosecutors. Last week the Department of Justice also filed money-laundering charges against Jain for allegedly hiding profits from the earlier sales of counterfeit Symantec software.

Credit Union Caper

Thieves might have made off with over $100,000 drained from a Salt Lake City credit union's accounts, but some accomplices the thieves recruited may have refunded some of the money.

The scheme began when a computer used by an employee of Treasury Credit Union, which serves Utah residents who work for the U.S. Treasury Department and their families, was infected with a password-stealing Trojan horse, Brian Krebs reported May 27 at his "Krebs on Security" website.

On May 20, the scammers began draining the credit union's accounts, and made at least 70 transfers before they were cut off.

Transfers of under $5,000 went to individuals recruited online as "money mules," whereas larger amounts went to compromised business accounts. Some of the transfers were reversed or rejected, so the credit union was unable to determine the net loss, but its president, Steve Melgar, said it was likely in the low six figures.

Scammers often recruit mules online by posting fake job ads seeking people to receive transfers into their own bank accounts, and then wire the funds to another account, after deducting a commission. Melgar said a few mules have come forward after completing the transfers, presumably because they realized after the fact that they had been part of a scam.

"I guess something must have clicked in their head at that point," Melgar told Krebs. Since these individuals went to their own banks, and not to Treasury Credit Union, to report their actions, Melgar said he is uncertain whether these people returned the share of the money the scammers let them keep as commission.

iPhone Exposed

The encryption used to protect data on recent versions of Apple Inc.'s iPhone operating system can be ignored if users connect the device to a computer with the Ubuntu operating system.

Under normal circumstances, a user running the third version or later of the iPhone's operating system with PIN protection switched on would not be able to access sensitive data without entering the proper PIN code, the news site Ars Technica reported May 28. When a PIN-protected iPhone is connected to most computers, those machines will show only images and video. However, an Ubuntu machine will show all data, security researcher Bernd Marienfeldt discovered.

Apple has promised improved security in the fourth version of its iPhone's operating system, the article noted; developers would be able to allow individual applications to encrypt data separately from the rest of the phone's contents, though Marienfeldt said it would be better to enforce that a PIN code be required before any phone contents be made visible to any connected computer.

Bad Friends

Fraudsters are increasingly launching attacks through Facebook Inc.'s social networking platform.

The bad guys exploit Facebook's ability to run third-party applications — as well as exploiting users' willingness to click on links that promise sex videos — to infect users' computers with malicious programs, Computerworld reported May 27.

Over the past two weekends, applications prompted people to click links to sex videos, then suggested people download an update to their video software to show the video. That update was, instead, a malicious program, the article said.

Facebook may be falling behind in this arms race, Patrik Runald, a researcher for Websense Inc.'s Security Labs, told Computerworld.

"There are limitations to what Facebook can do to stop this," Runald said. "I wouldn't be surprised to see another attack this weekend. Clearly, they work."

One way fraudsters slip past Facebook's security mechanisms is by controlling the speed at which their schemes infect new victims. For example, Facebook flags any application that spreads too quickly, so the schemers limited their application to reaching out to just 10 friends of a user who has been infected.

Bank Goes Boom

Would-be bank robbers in Germany learned through explosive trial and error that automated teller machines can withstand a lot more punishment than the branches where they are installed, the BBC reported May 26.

Police in Malliss said that robbers apparently used some kind of explosive device to blast open or dislodge an ATM at a bank branch.

The machine remained intact; the branch was "largely destroyed," and nearby structures and cars also sustained damage, the article said. No injuries were reported, and the robbers are thought to have not obtained any cash.

Security Watch is a weekly roundup of news and developments in data security and their impact on financial services companies.