RealTime IT News

Fraudsters Update Pump-And-Dump

A new breed of hacker is targeting your net worth more than your network.

Sure, the "script kiddies" still abound online, unleashing high-profile annoyances designed to gain bragging rights. But security experts say more hackers are joining forces with fraudsters intent on profit, not publicity.

Working from Eastern Europe or Asia, cyber criminals target specific high-value targets rather than scattershot attacks, according to the Securities and Exchange Commission's (SEC) Internet enforcement unit.

Last week's civil lawsuit by the SEC against a Florida man is the latest example. The SEC said the suspects made off with $82,920 after allegedly hijacking two-dozen online brokerage accounts.

The money, according to the regulators' lawsuit, wound up in a bank in Riga, Latvia. The suspect, Aleksey Kamardin, may have fled to Russia, the lawsuit said.

Last month, a New York federal court ordered the assets of a Russian citizen frozen after the SEC claimed the man made $353,609 manipulating stocks in a nearly identical manner as Kamardin.

And earlier this month, Swedish bank Nordea lost $1 million after Russian hackers allegedly logged the keystrokes of customers.

"We have a lot of these cases coming up," John Stark, head of the SEC's Internet bureau, told internetnews.com.

How much can criminals make looting online finances? Last year, E*Trade reimbursed customers $18 million lost to online fraud, as internetnews.com reported.

In the U.K., online bank customers lost $44 million in 2005 compared to $29 million in 2004, according to anti-spyware vendor PC Tools.

A Worrisome Nexus

A worrisome nexus of trends is also materializing, driven by the increasing use of online financial services and departure from the usual hacker targets.

Financial researcher Javelin Strategy said there are more than 10 million online brokerage accounts in the U.S. At the same time, last year 86 percent of phishing attempts targeted financial services, according to security vendor Symantec.

Stark said some of the recent complaints filed by government regulators are about using phishing or viruses to harvest passwords and then transferring the ill-gotten gains beyond the U.S. border, often to Russia.

Phishing for Financial Information

According to Stark, 21-year-old Tampa resident Kamardin allegedly gained control of 24 online brokerage accounts enabling him to liquidate their holdings and purchase stock he owned.

Then between July 13 and Aug. 25, 2006, he profited by selling from his own account the manipulated stocks, said the SEC, which added that the money from the supposed online stock scam was wired to Russia then sent to a bank in Riga, Latvia.

In December, Russian citizen Evgeny Gashichev "used electronically stolen usernames and passwords to gain Internet access to one or more online brokerage accounts, according to the civil lawsuit. From there, the suit continued, an e-mail was sent to Swedish and U.S. online banking customers included a "rogue anti-spam program."

The anti-spam software was actually a Trojan that launched a keylogger whenever a customer typed a bank's online address into a Web browser. The data collected was then sent to a server in Russia. The suit said about 250 customers were victimized.

Joining Forces

Often online financial crimes are hard to trace. Brokerage companies, leery of headlines that might scare already skeptical consumers, often will quickly reimburse customers when they can prove they were defrauded.

Last year E*Trade Financial Corp., unveiled its Complete Protection Guarantee, pledging it will match any losses resulting from fraud.

However, the SEC said the financial industry is joining forces with regulators to discover the new financial phishing schemes.

E*Trade spokeswoman Pam Erickson told internetnews.com the online financial firm has been "working with authorities for some time."

Additionally, Stark said the brokerage industry group NASD helped the SEC track individual trades by the pump and dump suspects.