Feeds

Carbon trade phish scam disrupts exchanges

Complex fraud lies behind emissions permissions attack

Beginner's guide to SSL certificates

Phishing fraudsters have extended their net beyond harvesting e-banking credentials via a scam that resulted in the theft of 250,000 carbon permits worth over €3m.

The outbreak of fraud resulted in the suspension of trading in several EU registries on 2 February. The crooks are thought to have created fake emission registries, promoted via spam emails, before using identity details submitted on these sites to trade rights to blow-off greenhouse gases on the legitimate sites.

Six unnamed German firms were among the victims of the scam, a new form of corporate identity theft. Illegal transactions have also happened in the Czech Republic. German police have begun investigating the fraud. The EU Commission may also become involved, the BBC reports.

Meanwhile the United Nations' Framework on Climate Change (UNFCCC) is working with national registries to boost the security of registries and to help develop policies to frustrate similar attacks in future. Short term measures reportedly include warning users and resetting passwords.

Emissions trading continued via the European Emissions Exchange but exchanges in Belgium, Denmark, Hungary, Italy, Greece, Romania, Bulgaria, Spain and Germany were badly affected. Registries in Austria, the Netherlands and Norway were temporarily suspended but began trading again after minimal disruption.

"We have to be careful not to blow this out of proportion," EU environment spokeswoman Barbara Helfferich told EUobserver. "This happens to banks, Visa, Mastercard about once or twice a month. And this is the same sort of thing.

"It's not something intrinsic to the ETS (Emissions Trading Scheme). This could happen to anyone," she added.

Net security firm McAfee adds that a phishing attack targeting the Danish quota-market occurred in 12 January, leading to its temporary suspension, prior to a much wider attack two weeks later around the turn of the month.

McAfee analyst Francois Paget suggested that "[the] people behind these attacks cannot be simple hackers", but are instead "likely [to be] in the pay of rogue states that reject rules-based international trade".

Crikey.

A graphic from McAfee suggests that cordon permits were raided via a network of corrupt brokers and intermediaries via a scheme akin to VAT carousel fraud, where crooks collect the tax on easy to trade goods such as mobile phones before disappearing before a tax bill becomes due.

McAfee's explanation is the best stab we've seen at explaining how fraudsters laundered stolen carbon permits which, unlike credit card details or even webmail accounts, are not the sort of thing you are likely to be able to sell in underground hacking forums. Use of carbon permit "money mules" and cash transfers via Western Union also seems a bit unlikely. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.