Mail Mishap

A judge has ordered that Google Inc. shut down the Gmail Web mail account of someone, identity unknown, who was mistakenly sent the Social Security numbers of 1,300 people by a Wyoming bank.

After Rocky Mountain Bank in Wilson, Wyo., accidentally e-mailed the sensitive data to the unknown Gmail user, it asked that Google identify the recipient, MediaPost reported online Sept. 24. Google, adhering to its privacy policy, insisted that it could only do so if the bank obtained a court order.

A judge issued the order last week, insisting that Google both identify the user and shut down the account. The bank also tried to e-mail the person, who has not been accused of any wrongdoing, but got no response.

John Morris, the general counsel at the Center for Democracy and Technology, a nonprofit group that promotes open communication on the Internet, said the ruling is too heavy-handed.

"At the end of the day, the bank obviously screwed up," Morris said in the MediaPost article. "But it should not be bringing a lawsuit against two completely innocent parties and disrupting one … innocent party's e-mail contact to the world."

A follow-up article Monday said that the bank and Google have since asked the court to allow the e-mail account's restoration, but the judge had adjourned the case until Oct. 5, so the user's access to the account will probably remain blocked at least until then.

In addition to Social Security numbers, the bank's e-mail included names, addresses and loan information.

Bad Opportunity

When overseas criminals need to move stolen funds out of U.S. bank accounts, they often go to elaborate lengths to trick people into aiding their scheme — one group of scammers even claimed to be working with the Federal Bureau of Investigation to ensure that their unwitting accomplices would follow instructions to the letter.

These people, sometimes called "money mules," are often recruited through legitimate-sounding online job ads. But the question remains: Once they learn that their job responsibilities involve wiring large sums of money overseas, why do they go through with it? One anonymous mule told her story to The Washington Post's Brian Krebs for his "Security Fix" column of Sept. 24.

This mule, who withheld her name because she feared retaliation both from the scammers and from the company she helped scam, said the bogus job's description, "financial manager," fit her own work history as a payroll manager. She had been out of work since March and did not want to be picky about potential job leads.

The scammers posed as The Scope Group Inc. and claimed to be a 20-year-old investment group in New York, Krebs wrote, but its Web site and domain name were based in China and had only been registered this June.

(Krebs noted that a real Scope Group Inc., a Houston company, has no relation to the scammers but says it has been receiving upset phone calls and e-mails in recent weeks from people who thought the company was involving them in the scam.)

In her employment application, the mule gave the scammers personal information including her Social Security number and bank account details. The scammers asked her to log in to their Web site to receive instructions, so they were also able to record her computer's Internet Protocol address.

In their communications with the mule, the scammers threatened seemingly realistic — and serious — consequences should anyone fail to pass along any of the stolen funds that were sent into the mule's personal bank accounts.

"In the past we registered attempts of fraud, and as the amounts of transactions handled by our financial managers are quite considerable, we cooperate closely with the police, FBI, Criminal Police Organization in all the countries of the world," one letter said.

The mule Krebs interviewed obeyed these instructions and only became wise to the scam after her bank froze her account. "I had to prove to my bank that I was a victim of fraud," she told Krebs. This meant she had to send her bank the receipts she kept for the wire transfers she made to the scammers that hired her.

Hack Techniques

Hackers are going to school — not to further their education but to fatten their wallets.

Several school districts in Illinois have reported being targeted by malicious software that succeeded in stealing hundreds of thousands of dollars from them, according to an article Computerworld ran Monday.

The FBI said that the Clampi virus, known for its ability to drain bank accounts, may have been involved in a theft reported by the Crystal Lake School District, the article said. As much as $350,000 may have been stolen in that incident, the article said, and at least two other Illinois school districts may have been hit in the same scam.

In a separate incident in August, the Sand Springs, Okla., School District reportedly lost more than $150,000 to scammers using the Clampi virus.

Search engines are becoming more attractive hosts of online scams than e-mail, according to the computer security firm Websense Inc.

Search engines generally determine a Web site's relevance to a search term based on how many other sites link to it. Scammers in control of massive "botnets" of compromised computers can use them to host Web pages that trick the search engines into pointing to a Web site that hosts a virus or some other malicious software.

"The botnets give them much more power this way than if, say, they were just using them for spam," Stephan Chenette, the manager of security research at Websense, told Computerworld for an article that ran Monday.

"They have millions of bots at their fingertips," he said, "and with that control, they can sway the results of any search engine."

Most recently, this tactic was used to infect the computers of people who wanted to learn how to use the Apple Inc. iPhone's new photo message feature. The feature went live Friday, and the Web sites hosting the malicious content were registered around that time.

Anyone who clicked on the search results risked being infected by a "scareware" program that takes over a computer and offers to cure it with bogus antivirus software in exchange for the user's credit card details.