Feeds

Identity Thefts from the Rich and Famous

How can you be a trainee dish washer?

  • alert
  • submit to reddit

Next gen security for virtualised datacentres

A trainee dish washer has been arrested in New York after allegedly using the Internet to defraud millions from US celebrities and millionaires.

According to the New York Post, which broke the story, Abraham Abdallah allegedly used Internet access at a local library and copies of Forbes magazine to steal the identities of 200 celebrities so that he could run up bills in their names online.

The 32 year-old is suspected of stealing millions of dollars from celebrities including Steven Spielberg, George Soros, former presidential candidate Ross Perot and Oracle boss Larry Ellison.

During the six months of the fraud he allegedly set up an elaborate network of post office boxes, Web-enabled cell phones and online voice mail services so that he could fool banks and avoid detection. He also used couriers to pick up goods and throw police off the scent.

The fraud was reportedly only discovered when an email request to transfer $10 million from the bank account of the founder of CRM magnate Thomas Siebel raised eyebrows at his bank, Merrill Lynch.

This tip-off allowed investigators to trace the electronic trail of fraudulent activities, which was far wider than anyone first suspected, and eventually enabled them to set up a trap at a drop off point for goods, where Abdallah was arrested.

The New York Post quotes unnamed sources who said that after Abdallah's arrest, police recovered a dog-eared copy of Forbes' "Richest People in America" list on which home addresses, cell phone and Social Security numbers, account numbers and balances - and even mothers' maiden names, were neatly jotted down.

Police are also said to have recovered notebooks and ledgers, counterfeit corporate papers, and rubber stamps.

It is believed Abdallah used the Forbes' article to draw up a list of victims about whom he subsequently obtained confidential financial information, by writing to credit reference agencies on forged corporate letterheads, bearing the names of brokerage houses.

This confidential data was allegedly enough for him to impersonate celebrities and gain access to their credit cards and other accounts at brokerage houses and investment banks.

"He's the best I ever faced," Detective Michael Fabozzi of the NYPD's Computer Investigation and Technology Unit, told the New York Post

Abdallah is charged with criminal possession of forged devices, stolen property and criminal impersonation, in a case has been taken over by federal investigators. He denies the charges.

The case is one examples so far of identity theft, which as explained in an earlier article we published about the subject (by Kevin Mitnick), is set to become a much more serious problem.

Victims pay to ensure against risk

So far the response of those in charge of managing debt risk to identity theft has being to encourage consumers to buy products that allow people to monitor what is happening to their finances more immediately.

For example, credit reference agency Equifax has introduced products like Credit Watch and Credit Profile which are allow consumers to monitor their credit standing online.

Dave Mooney, a spokesman for Equifax, said through Credit Watch US consumers (though not those in the UK) would be able to get email notification when there are changes to their credit file, rather than hearing about problems from debt collection agencies trying to recover unpaid bills. It is also rolling out products that give consumers their credit scores.

Insurance firm PromiseMark estimates identity theft affects 700,000 people annually and costs $4bn, in response to which it has introduced what it bills as a Hacker and Identity Theft Protection Plan.

This service provides fraud resolution services to hacker and identity theft victims to assist in the recovery of credit and financial losses from their online and offline accounts.

Placing the onus on consumers to protect themselves from identity theft can only be part of the solution, and merchants need to take more responsibility about tackling the issue. After all it is financial institutions, and credit reference agencies, to are responsible for extending fraudulent lines of credit in the first place. Is it too much to ask that they invest to improve their systems? ®

External links

New York Post article
PromiseMark
Equifax

Related stories

Stomp the identity thieves
Hacking credit cards is preposterously easy

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
prev story

Whitepapers

Best practices for enterprise data
Discussing how technology providers have innovated in order to solve new challenges, creating a new framework for enterprise data.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?