Friday, March 19, 2010

A Little Dogma

"It's a fair cop", I said, standing in front of some 600 delegates and assembled police officers from as far away as New Zealand, Vietnam, Panama and Pakistan. "The blogger, Lord Matt of the 'Thanet Star' revealed last year that I'm involved in 'shady internet activities', gambling and casual sex websites and so I'm turning myself in to anyone who cares to arrest me."

Other than a few laughs from the audience, nobody stepped forward to put the cuffs on me but they know where I live and I expect the knock on my front door any moment now!

Back to business then and I wanted to share the attached screenshot for readers' attention.

It's the home page of a real website although you need a special invitation from a reputable serious and organised crime contact to be able to access it. Think of it as eBay with a powerful underground economy slant.

This is one of many such operations running-out of the old Soviet Union and with global links to a criminal harvesting exercise across the internet economies. The scale of such operations is now so large, and so sophisticated that I struggle to picture it. What I can say is that it's now reportedly larger than the cocaine industry.

To cut a long story short, these guys will, among other scams, pay a commission - see screen-shot of their business terms & conditions - on any information stealing package that is planted on your own computer, normally a percentage of what they can steal in terms of financial information or identity. The tools are now so advanced that even an online transaction can be intercepted as it happens and in Germany, worryingly, even the account statements on the bank's website have been altered, so as not to reveal what's happening. Normally, this involves business accounts though with larger credit limits. Just imagine something that looks like a bank's trading floor but instead of screens showing stock exchange transactions, instead it's screens alerting he operators to a whole range of different criminal opportunities on millions of PC's, such as personal bank transactions in progress.

As an example of such crimes, yesterday I received an email from one of my own suppliers:

"In late February 2010 we discovered that hackers had accessed our system containing our customer's credit card numbers and that as a result of this unlawful intrusion, certain customers received a nominal fake charge to their credit card by a company not associated with us. Immediately upon learning of this incident, we took steps to diligently investigate this matter and insure that the integrity of our system was restored. We have recently completed our investigation, and as a result of this investigation we believe only a small number of customers were impacted by this breach. However, out of an abundance of caution we are notifying everyone so that you can keep an eye on your credit card statements. You can be assured that we are taking this problem very seriously. A number of necessary steps have been taken to not only fix the source of this problem but also to prevent it from occurring again. We are committed to continue providing you the level of service you have known and trusted."

So my advice to anyone reading this is to make certain your antivirus software is right up-to-date. Preferably, run an update every day because I'm prepared to bet that a high percentage of readers, will have compromised systems and while their own information may not have been stolen they could find that they are in fact one part of a huge army of 'botnet' PC's that can be invisibly deployed against targets anywhere in the world, at a single keystroke

No comments: