Articles about Fraud

Cybercrooks turn away from banks. Your health records are far juicier

Cybercrooks are switching up targets moving away from retail and financial services onto healthcare and government last year, according to figures from IBM’s security business. Retail drops out of top five most attacked sector while financial targets dropped from #1 to #3 in IBM X-Force’s 2016 Cyber Security Intelligence Index …
John Leyden, 20 Apr 2016

Tech support becomes Australia's number one scam

New data from the Australian Bureau of Statistics (ABS) asserts that tech support scams have become the most prevalent way to defraud the nation's residents, 113,000 of whom responded to such scams over a year. The Bureau's data is derived from interviews conducted for its 2014-15 Multipurpose Household Survey, so the figure …
Simon Sharwood, 20 Apr 2016
Ultron

MIT boffins build AI bot that spots '85 per cent' of hacker invasions

Eggheads at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) claim they have trained a machine-learning system to detect 85 per cent of network attacks. To reach that level, the software, dubbed AI2 [PDF], parsed billions of lines of log files, looking for behaviors that indicate either a malware infection …
Iain Thomson, 18 Apr 2016

Halfbreed trojan targets US banks

A new piece of malware has been linked to thefts of $4m from more than 24 American and Canadian banks in just a few days. Researchers at IBM reckon that hackers combined code from two malware types, known as Nymaim and Gozi, to create GozNym, a persistent and powerful trojan. Customers of numerous credit unions and popular e- …
John Leyden, 15 Apr 2016

Russia sends exploit kit author to the GULAG for seven years

The author of the infamous "Blackhole" exploit kit has been sentenced to seven years in a Russian penal colony, local media report. Dmitry Fedotov, 29, also known as Paunch, was sentenced 12 April along with six other hackers who received between five-and-a-half and eight years for fraud offences, TASS news reported. Fedotov …
Team Register, 15 Apr 2016
Bank vault

Aussie banks stage secret secret intel sharing meetings

ACSC2016 Carders targeting Australian banks may have a tough time re-using attacks thanks to a regular invite-only gathering of anti-fraud boffins. Adam Cartwright. Image: Darren Pauli, The Register. The information-sharing meetups known as "Interbank" have taken place for about six years. The meetings first included representatives …
Darren Pauli, 14 Apr 2016

R+SQL tutorials released

Microsoft's GitHubbed tutorials to teach R to SQL Server 2016 Services users. Posted in Redmond's GitHub channel here, the training docs are designed to help devs build analytics based on the language Microsoft bought last year. There's docs and examples for building models in the R IDE, but getting SQL Server to do the …
Abstract newspaper letters

Hack hack jailed 2 years

A journalist has been sentenced to 24 months in prison in the US for knowingly handing his work login details to hackers. Matthew Keys was sentenced Wednesday for violating the Computer Fraud and Abuse Act (CFAA) by giving his username and password to his news organization's content management system out in an IRC channel of …
Shaun Nichols, 13 Apr 2016
hacker

What exactly is it that infosec miscreants get up to? A quick overview

If corporate IT infrastructures are a battlefield, then the cybercriminals are putting up a good fight. Last year saw some nasty breaches. Anthem Insurance, which lost nearly 80 million records, and the US Office of Personnel Management, which lost 21 million records after failing to encrypt its records. Cybercriminals are …
Danny Bradbury, 13 Apr 2016
Iain Duncan Smith. Pic: Foreign & Commonwealth Office

Universal Credit at high risk of cyber-attack, fraud from the outset

Documents released after a four-year legal battle reveal the extent of the UK government's blithe disregard for the risks faced by Universal Credit. This week, internal reviews of the enormous project in 2011 and 2012 were published by the Department of Work and Pensions under Freedom of Information laws. The dossiers reveal …
Kat Hall, 13 Apr 2016
Selection of Australian banknotes

Retirement funds breached as crims target brokers' un-patched Windows machines

ACSC 2016 Australians are having their retirement savings accounts drained as hackers move to breach broker platforms rather than the tougher target that is banking infrastructure. The Australian Federal Police AFP are investigating a spike in breaches against devices used by brokers who administer boutique, "self-managed" …
Darren Pauli, 13 Apr 2016
London - Iconic Red telephone box with Big Ben at the background and blue sky - UK, England. Photo by Shutterstock

Spear phishers target gullible Brits more than anyone else – survey

There’s been a sharp (35 per cent) increase in crypto ransomware attacks, with the UK ranked as the nation third most targeted with ransomware. The UK is also ranked as the most targeted nation for spear phishing attacks and the second most hit-upon country with social media scams, according to other findings from Symantec's …
John Leyden, 12 Apr 2016

Texas Attorney General charged in 32-bit 'eco-friendly server scam'

The US Securities and Exchange Commission (SEC) has charged the CEO of Texas server manufacturer Servergy, one of its board members, and the state's Attorney General with fraud over claims of revolutionary low-powered computer hardware. The SEC alleges that between 2009 and 2013 Servergy's then-CEO William Mapp misled …
Iain Thomson, 11 Apr 2016
money_currencies_648

Baddies' brilliant plan to get mobile malware whitelisted: Bribery

Criminals have resorted to bribes in order to smuggle malware into the source code of mobile gaming apps. The scam, in which malware authors bribed the employees of a legitimate mobile games company in China to embed malware into mobile apps, was uncovered by security researchers from Check Point. The bribe ensured that …
John Leyden, 11 Apr 2016
Large leaver switch on a board of push button switches

Lotto 'jackpot fix' code

The Multi-State Lottery's former IT security boss Eddie Tipton smuggled code onto lotto machines that allowed him to predict the numbers drawn on certain days of the month. That's according to investigators in Iowa this week. In July, Tipton was found guilty of fraud in the US state, and was sent down for ten years, for …
Chris Williams, 08 Apr 2016

Fake CEOs pilfer $2.3bn from US biz pockets in three years – Feds

Scammers have bilked American companies out of $2.3bn from 17,642 victims since 2013, the FBI has warned, and the problem is going to get worse before it gets better. Basically, the hustle works like this: miscreants pretending to be top bosses send emails to employees, particularly those handling sensitive financial …
Iain Thomson, 07 Apr 2016
Katipunan, Quezon City, Philippines. Photo by Chris Villarin, CC 3.0

Megabreach: 55 MILLION voters' details leaked in Philippines

A massive data breach appears to have left 55 million Philippine voters at much greater risk of identity fraud and more. Security researchers warn that the entire database of the Philippines’ Commission on Elections (COMELEC) has been exposed in what appears to be the biggest government related data breach in history. The …
John Leyden, 07 Apr 2016
glow in the dark cat could cure aids

Illegal drugs and dodgy pics? Nah. Half the dark web is perfectly legal

Despite its reputation, less than half of the sites on the dark web are illegal, according to a new study by security intelligence outfit Intelliagg. On the 48 per cent of the dark web which crosses the line, the unlawful content is mostly related to financial crime rather than drugs or sexual perversion, contrary to tabloid …
John Leyden, 07 Apr 2016

Apple faces €48.5m fine from furious French

Apple is reportedly facing a €48.5m (US$55.3m) suit claiming it violated anti-trust rules in France. A report from the local BFM Business [in French] claims that the Cupertino electronics giant leveraged French mobile phone carriers into deals that were unfairly weighted in Apple's favor. The report claims the nation's …
Shaun Nichols, 06 Apr 2016
Steam screenshot

Congressman called out for $1,300 video game binge

A member of US Congress is facing scrutiny after he logged more than $1,300 worth of video game purchases as campaign expenses. The Federal Election Commission (FEC) has sent a letter [PDF] to House Representative Duncan Hunter (R-CA) asking the lawmaker and vaping enthusiast to explain why more than four dozen charges from …
Shaun Nichols, 06 Apr 2016
barbie

Barbie-brained Mattel exec phell for phishing, sent $3m to China

Toy maker Mattel has recovered some US$3 million it shipped off to Chinese hackers who sent a well-crafted phishing email to a finance executive. The recovery was mostly down to luck: the cash was wired on a Chinese bank holiday which meant the funds were held up and returned by fast-acting authorities. Sources told …
Darren Pauli, 06 Apr 2016
Bitcoin is the future of money CC 2.0 by Jonathan Waller https://www.flickr.com/photos/whitez/

Not Bitcoin, but close: Red Hat and Microsoft bite into blockchain tech

Red Hat is offering upstart financial types the opportunity to play with blockchain tech on its OpenShift platform. The news comes a day after Microsoft struck a deal to investigate blockchain tech in partnership with major financial institutions. In a blog post, Redmond exec veep of business development, Peggy Johnson, wrote …
Joe Fay, 05 Apr 2016

Trump carded again: Hotel security aced

Prez hopeful Donald Trump is probably on the phone right now asking Bill Gates how to close down the Internet, following another breach of security in his hotel chain's credit card systems. If the latest KrebsOnSecurity report is accurate, it would be the second breach of the presidential candidate's hotel chain systems in …
Paintings by George W Bush

George Bush naked selfie hacker Guccifer gets his day in US court

Marcel Lehel Lazăr, 44, who as the hacker Guccifer published the email account contents of senior US political figures, has appeared for the first time in a US court. The indictment claims that between December 2012 and January 2014, Lazăr used publicly available information and guesswork to get into email accounts via …
Iain Thomson, 05 Apr 2016

SEC chair blasts Silicon Valley for its hokey valuations

The chair of the US Securities and Exchange Commission (SEC) has given Silicon Valley a poke in the eye concerning its over-valuation of tech stocks. Speaking at Stanford University in the heart of Silicon Valley, Mary Jo White warned that the federal regulator did not look kindly on the wild – and wildly inaccurate – self- …
Kieren McCarthy, 01 Apr 2016
Elastic bands multi-coloured. Photo by Shutterstock

Confused about relationships? Elasticsearch gets graphic

Graph-database-style relationship mapping has been added to an offspring of the Elasticsearch open-source search engine. Elasticsearch startup Elastic has added Graph capabilities to both the search engine and to the data visualisation plug-in Kibana. Founded in 2012 to make a business from Elasticsearch, Elastic reckoned …
Gavin Clarke, 30 Mar 2016
Suitcase full of money

Learn how to prepare for the multichannel retailing future

PROMO Need to keep abreast of the latest developments in ecommerce and multichannel retailing? Then check-in at Internet Retailing Expo 2016 (IRX) for two days of conferences, clinics, workshops and exhibitions at the NEC in Birmingham (27-28 April 2016). And it’s all free. You can get more info and registration details at IRX. In …
David Gordon, 30 Mar 2016
SAP Match Insights

Some old SAP systems have default kernel user accounts. Guess what happened next?

Security researchers were able to access default SAP accounts on enterprise systems worldwide by using default passwords. The security snafu meant that SAP systems worldwide were potentially vulnerable to data theft, business process disruption and fraud, specialist security outfit ERP-SEC warned. Joris van de Vis, researcher …
John Leyden, 29 Mar 2016
Godzila

Apeiron reckons it's the Godzilla of upstart flash arrays

Storage upstart Apeiron's array is a Godzilla of all-flash arrays, delivering up to 3PB of capacity, 120-plus million IOPS and less than three microseconds' latency from a rackful of its ADS1000 array built from separate, scale-out, compute and storage nodes. Apeiron Data Systems has boldly stepped out from behind the stealth …
Chris Mellor, 29 Mar 2016
Water Treatment Centre pipe sluices off water. Photo by Joe Jungmann, released into the public domain

Water treatment plant hacked, chemical mix changed for tap supplies

Hackers infiltrated a water utility’s control system and changed the levels of chemicals being used to treat tap water, we're told. The cyber-attack is documented in this month’s IT security breach report (available here, registration required) from Verizon Security Solutions. The utility in question is referred to using a …
John Leyden, 24 Mar 2016
Riot police in London. Pic: Steve Jackson

Met plod commissioner: Fraud victims should not be refunded by banks

A senior police commissioner has complained that it would be wrong to interpret his comments about preventing online fraud victims from claiming compensation as a proposal for online fraud victims being unable to claim compensation. Sir Bernard Hogan-Howe asserted that the problem was systemic, telling The Times: “The system …

US State Department sextortionist gets 57 months in cooler

A former US State Department official has been handed 57 months prison for hacking the email accounts of women and forcing them into sending him sexual photographs. Michael Ford, 36, of Atlanta, was sentenced by US District Judge Eleanor Ross after he pled guilty to nine counts of cyberstalking, seven of hacking to extort, and …
Darren Pauli, 24 Mar 2016
stock_ticker_board_648

London's $40m 'flash crash' trader is to face extradition to the US

Navinder Singh Sarao, the man accused of causing the stock market “flash crash” in 2010 has lost his court battle against extradition to the US. In 2010 Sarao, 36, was alleged to have knocked $40m (£28m) off the financial markets. He traded on the Chicago Mercantile Exchange from his parents' home near Heathrow. He is …
Kat Hall, 23 Mar 2016

Police create mega crime database to rule them all. Is your numberplate in it? Could be

The police are to consolidate a number of their large databases into a single "platform" in order to "protect victims and spot potential links to other crimes." The plans for a "National Law Enforcement Data Programme" were announced by the Home Office today and will bring together data from the Police National Computer, …
Kat Hall, 23 Mar 2016

New UK cyber security centre to work with Bank of England

The UK's new national cyber centre will collaborate with the Bank of England on new cyber security guidance for financial firms when it opens later this year, the government has said. The Cabinet Office announced that the National Cyber Security Centre (NCSC) will be based in London and start operating in October. It said one …
OUT-LAW.COM, 23 Mar 2016
shutterstock_238128856_phone_theft

Your money or your life! Another hospital goes down to ransomware

Another US hospital has had its records scrambled by ransomware trying to extort money from the sawbones. This time: it's the Methodist Hospital in Kentucky that's been infected. "We've notified the FBI, we're dealing with federal authorities on how to deal with it," the hospital's chief operating officer David Park told local …
Iain Thomson, 23 Mar 2016
Syrian Electronic Army

FBI's Most Wanted: Syrian Electronic Army hacktivists

The FBI has placed suspected self-styled Syrian Electronic Army (SEA) hacktivists on its most wanted list, publicly naming members of the notorious group for the first time. Ahmad Umar Agha (AKA The Pro), 22, and Firas Dardar (AKA The Shadow), 27, were each charged with multiple conspiracies related to computer hacking. Peter …
John Leyden, 22 Mar 2016
Fujitsu Arrows NX F-04G

Biometrics not a magic infosec bullet for web banking, warns GCHQ bloke

Around the world, banks are implementing biometric authentication systems for their customers as fraud cases increase – but experts warn biometrics should not be treated like a silver bullet for ID woes. Earlier this year, HSBC announced the launch of Voice ID for its customers in the UK, alongside fingerprint authentication, …

Quadsys Five enter 'not guilty' pleas to Crown court charges

The fraud case against five men from security reseller Quadsys will go to trial in September after they pleaded not guilty to allegations of hacking into a rival’s database to plunder customer and pricing data. The individuals charged include MD Paul Cox, owner Paul Streeter, director Alistair Barnard, account manager Steve …
Paul Kunert, 18 Mar 2016
NBN CEO Bill Morrow

nbn tries to shift the conversation to future copper upgrades

Reg roadtrip In the best possible world, all terrestrial internet connections would use fibre-to-the-premises (FTTP). Everything I've learned over years writing about broadband suggests that a fibre optic network has a longer working life and will scale to greater bandwidth than technologies that rely on existing or new twisted pair copper …
Simon Sharwood, 17 Mar 2016
George Osborne, photo: HM Treasury

Osbo slaps down Amazon and eBay – who'll be liable for traders evading VAT

Budget UK Chancellor George Osborne has said today the government will make online marketplaces such as Amazon and eBay liable for traders evading VAT in the UK - in his 2016 budget which outlined a swathe of tax cuts. The growing number of sellers based outside Europe and sell goods online without having a registered VAT number …
Kat Hall, 16 Mar 2016

Go ahead, build better security: it just makes crims try harder

Nullcon The chief security officer of payroll giant ADP says his executive peers will need to become technical if they want to have a future in the industry. Roland Cloutier, who has a stint as EMC's chief security officer on his CV, told the Nullcon security event in Goa, India, that executives must be a lot more technical than they …
Darren Pauli, 13 Mar 2016

UK fella is a multimillion-dollar cyber-hustle mastermind – US DoJ

A UK bloke living in America has been indicted by the US Department of Justice (DOJ) for allegedly running a multi-million-dollar online fraud operation. The DOJ claims 37-year-old Gareth David Long operated a series of schemes that allowed him to illegally withdraw money from the bank accounts of thousands of unsuspecting …
Shaun Nichols, 12 Mar 2016

HPE unleashes Machine Learning-as-a-service on Microsoft Azure

Hewlett Packard Enterprise is now flogging more than 60 machine learning APIs and services on a new cloud-based big data platform. Intended to extend big data tools to developers, the Haven OnDemand platform was beta released in 2014. HPE has today opened it up for general commercial use, offering data-wealthy wannabes the …
shutterstock_196823585-wafer

Heartless hackers break into Florida cancer clinic network – 2.2 million records exposed

US cancer clinic 21st Century Oncology has admitted that a breach on its systems may have exposed private information on 2.2 million patients and employees. Unidentified hackers were able to access sensitive patient and employee data, including names, SSNs, diagnosis and treatment details and insurance information after …
John Leyden, 10 Mar 2016

Oracle gives apps a ticket to ride on Sparc M7's SQL warp drives

Oracle will today release, in its words, "a free and open API and developer kit" for the hardware-accelerated SQL-crunching engines in its Sparc M7 processors. You can register to grab the goodies, here. "We're opening up the interfaces to enable programmers using C/C++, Java and Python to effectively use these accelerators," …
Chris Williams, 08 Mar 2016
Mobile banking, image via Shutterstock

NatWest tightens online banking security after hacks' 'hack' exposé

NatWest is tightening up its internet banking systems after security shortcomings were exposed by journalists. BBC hacks were able to hijack a colleague's NatWest online bank account and transfer money without knowing her password. The UK bank's parent, Royal Bank of Scotland (RBS) Group, is also shoring up its security. …
John Leyden, 08 Mar 2016
phishing_648

Bungling Seagate staffer leaked coworkers' social security numbers, other info to email fraudsters

Storage drive biz Seagate is lousy at keeping its own data safe: it accidentally handed over the crown jewels of its employees' private information to persons unknown. A Seagate employee was fooled by an email that masqueraded as an internal memo from the CEO: the message requested people's W-2 forms, and the worker duly …
Iain Thomson, 08 Mar 2016
Stacks of bitcoin CC2.0 attribution by FD Comite https://www.flickr.com/photos/fdecomite/

Beleaguered bank boss brought-up in Bitcoin bribery brouhaha

The head of a New Jersey credit union has been accused of turning control of his bank over to the operators of an alleged illegal Bitcoin exchange. On Thursday, the US Department of Justice (DOJ) charged Trevon Gross, the once-chairman of the HOPE Credit Union, with taking a $150,000 bribe from the operators of the coin.mx …
Shaun Nichols, 04 Mar 2016
Viewmaster Old Advert

We’re not holding biz to ransom, says pay to play ad-blocking outfit

Far from killing the advertising industry, ad blockers are saving it from itself, says the company behind AdBlock Plus. Eyeo was responding to headline-grabbing remarks by Culture Minister John Whittingdale earlier this week. Whittingdale didn’t name names, but compared ad blocking software companies who whitelist advertisers …
Andrew Orlowski, 04 Mar 2016