Feeds

Carbon trade phish scam disrupts exchanges

Complex fraud lies behind emissions permissions attack

Security for virtualized datacentres

Phishing fraudsters have extended their net beyond harvesting e-banking credentials via a scam that resulted in the theft of 250,000 carbon permits worth over €3m.

The outbreak of fraud resulted in the suspension of trading in several EU registries on 2 February. The crooks are thought to have created fake emission registries, promoted via spam emails, before using identity details submitted on these sites to trade rights to blow-off greenhouse gases on the legitimate sites.

Six unnamed German firms were among the victims of the scam, a new form of corporate identity theft. Illegal transactions have also happened in the Czech Republic. German police have begun investigating the fraud. The EU Commission may also become involved, the BBC reports.

Meanwhile the United Nations' Framework on Climate Change (UNFCCC) is working with national registries to boost the security of registries and to help develop policies to frustrate similar attacks in future. Short term measures reportedly include warning users and resetting passwords.

Emissions trading continued via the European Emissions Exchange but exchanges in Belgium, Denmark, Hungary, Italy, Greece, Romania, Bulgaria, Spain and Germany were badly affected. Registries in Austria, the Netherlands and Norway were temporarily suspended but began trading again after minimal disruption.

"We have to be careful not to blow this out of proportion," EU environment spokeswoman Barbara Helfferich told EUobserver. "This happens to banks, Visa, Mastercard about once or twice a month. And this is the same sort of thing.

"It's not something intrinsic to the ETS (Emissions Trading Scheme). This could happen to anyone," she added.

Net security firm McAfee adds that a phishing attack targeting the Danish quota-market occurred in 12 January, leading to its temporary suspension, prior to a much wider attack two weeks later around the turn of the month.

McAfee analyst Francois Paget suggested that "[the] people behind these attacks cannot be simple hackers", but are instead "likely [to be] in the pay of rogue states that reject rules-based international trade".

Crikey.

A graphic from McAfee suggests that cordon permits were raided via a network of corrupt brokers and intermediaries via a scheme akin to VAT carousel fraud, where crooks collect the tax on easy to trade goods such as mobile phones before disappearing before a tax bill becomes due.

McAfee's explanation is the best stab we've seen at explaining how fraudsters laundered stolen carbon permits which, unlike credit card details or even webmail accounts, are not the sort of thing you are likely to be able to sell in underground hacking forums. Use of carbon permit "money mules" and cash transfers via Western Union also seems a bit unlikely. ®

Beginner's guide to SSL certificates

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.