Bookmark Jamaica-Gleaner.com
Go-Jamaica Gleaner Classifieds Discover Jamaica Youth Link Jamaica
Business Directory Go Shopping inns of jamaica Local Communities

Home
Lead Stories
News
Business
Sport
Commentary
Letters
Entertainment
Arts &Leisure
Outlook
In Focus
Social
International
Auto
The Star
E-Financial Gleaner
Overseas News
The Voice
Communities
Hospitality Jamaica
Google
Web
Jamaica- gleaner.com

Archives
1998 - Now (HTML)
1834 - Now (PDF)
Services
Find a Jamaican
Library
Live Radio
Weather
Subscriptions
News by E-mail
Newsletter
Print Subscriptions
Interactive
Chat
Dating & Love
Free Email
Guestbook
ScreenSavers
Submit a Letter
WebCam
Weekly Poll
About Us
Advertising
Gleaner Company
Contact Us
Other News
Stabroek News

Cyber criminals and identity thieves getting bolder, more sophisticated
published: Sunday | March 25, 2007

Robert Hoyler thought hackers who broke into his computer stole only his bank account information.

But it turned out that the thieves also left something behind: a hidden software virus that recorded his every keystroke.

So when Hoyler's bank issued him new account numbers and passwords, the hackers got all that information, too. His health insurance, online shopping and Social Security data went into a file in a master database at a website controlled by the attackers, stashed among personal information on more than 3,220 American residents.

Technical manipulation

"These guys got everything, but all I knew was that my financial accounts were compromised," said the 66-year-old Fairfax engineer, who learned of the virus from a reporter who used forensic tools from computer-security firm Sunbelt Software in February to locate the web server hosting Hoyler's private information.

Such attacks are evidence of the sophistication and depth of technical manipulation by hackers, and the challenges facing consumers and law enforcement agencies in fighting them.

Online crime is easier, in part because tools for carrying out attacks are readily available and harder to purge from computers. Moreover, for consumers like Hoyler, there is often no surefire way to know how or what information has been stolen.

Notifying individual victims is time-intensive and expensive, and law enforcement agencies and credit bureaus say it's not their job.

Many viruses that send junk email also include password-stealing components, and some combine such technology with fake websites mimicking trusted online brands, which can be particularly deceptive.

More than 1,000 fraudulent sites known as 'phishing' sites are erected each day, according to the Anti-Phishing Working Group, an industry organisation.

Scammers can net 20 to 100 victims per case, according to CastleCops, a volunteer group of security experts that analyses malicious software and phishing sites and provides information to police, Internet service providers and affected companies.

Contributing to the proliferation of web-based crime is the broad availability of online tools.

"Basically, we're at the point where the scammer can go into the virtual tackle store and buy all the equipment he needs to get a phishing scam working," said Lance James, founder of security-software developer Secure Science.

Virus writers

"There's the guy who writes the (virus) who says, 'Here's your phishing rod, here's some of our best bait, here are the best sites to attack, and if you pay me an extra $200, I'll tell you some of the best sites you can hack into'."

The virus that stole Hoyler's information came from websites based in Eastern Europe, according to the information tracked by Sunbelt Software.

It infiltrated the new-accounts department of a major United States bank, a medical patient database in Georgia and an Alabama district attorney's office containing a database used by police departments to trace people, according to information obtained with the Sunbelt software.

Hoyler's bank told him in January that someone had tried to wire money out of his account. Days later, Fidelity Investments notified him that someone tried to use his log-in information to purchase thousands of shares of an adult-entertainment company.

The government has acknow-ledged a need to do more foridentity-theft victims. Last year, the Bush administration created an identity-theft task force that has proposed creating a centre that would help victims.

- LA Times-Washington Post

More Business



Print this Page

Letters to the Editor

Most Popular Stories




© Copyright 1997-2007 Gleaner Company Ltd.
Contact Us | Privacy Policy | Disclaimer | Letters to the Editor | Suggestions | Add our RSS feed
Home - Jamaica Gleaner