A new breed of hacker is targeting your net worth more than your network.
Sure, the “script kiddies” still abound online, unleashing high-profile
annoyances designed to gain bragging rights. But security experts say more
hackers are joining forces with fraudsters intent on profit, not publicity.
Working from Eastern Europe or Asia, cyber criminals go after specific
high-value targets rather than launching scattershot attacks, according to the
Securities and Exchange Commission’s (SEC) Internet enforcement unit.
Last week’s civil lawsuit by the SEC against a Florida man is the latest
example. The SEC said the suspects made off with $82,920 after allegedly
hijacking two dozen online brokerage accounts.
The money, according to the regulators’ lawsuit, wound up in a bank in Riga,
Latvia. The suspect, Aleksey Kamardin, may have fled to Russia, the lawsuit
said.
Last month, a New York federal court ordered the assets of a Russian citizen
frozen after the SEC claimed the man made $353,609 manipulating stocks in a
manner nearly identical to Kamardin’s.
And earlier this month, Swedish bank Nordea lost $1 million after Russian
hackers allegedly logged the keystrokes of customers.
“We have a lot of these cases coming up,” John Stark, head of the SEC’s
Internet bureau, told internetnews.com.
How much can criminals make looting online finances? Last year, E*Trade reimbursed customers $18 million lost to online fraud, as
internetnews.com reported.
In the U.K., online bank customers lost $44 million in 2005 compared to
$29 million in 2004, according to anti-spyware vendor PC Tools.
A Worrisome Nexus
A worrisome nexus of trends is also materializing, driven by the increasing
use of online financial services and a departure from the usual hacker
targets.
Financial researcher Javelin Strategy said there are more than 10
million online brokerage accounts in the U.S. At the same time, last year 86
percent of phishing attempts targeted financial services, according to security vendor Symantec.
Stark said some of the recent complaints filed by government regulators are about using phishing or viruses to harvest passwords and then transferring the
ill-gotten gains beyond the U.S. border, often to Russia.
Phishing for Financial Information
According to Stark, 21-year-old Tampa resident Kamardin allegedly
gained control of 24 online brokerage accounts, enabling him to liquidate
their holdings and purchase stock he owned.
Then, between July 13 and Aug. 25, 2006, he profited by selling the
manipulated stocks from his own account, said the SEC, which added that the
money from the supposed online stock scam was wired to Russia and then sent
to a bank in Riga, Latvia.
In December, Russian citizen Evgeny Gashichev “used electronically stolen
usernames and passwords to gain Internet access to one or more online
brokerage accounts,” according to the civil lawsuit. From there, the suit
continued, an e-mail sent to Swedish and U.S. online banking customers
included a “rogue anti-spam program.”
The anti-spam software was actually a
Trojan that launched a keylogger whenever a customer typed a bank’s online
address into a Web browser. The data collected was then sent to a server in
Russia. The suit said about 250 customers were victimized.
Joining Forces
Often online financial crimes are hard to trace. Brokerage companies, leery
of headlines that might scare already skeptical consumers, often will
quickly reimburse customers when they can prove they were defrauded.
Last year, E*Trade Financial Corp. unveiled its Complete Protection
Guarantee, pledging it will match any losses resulting from fraud.
However, the SEC said the financial industry is joining forces with
regulators to discover the new financial phishing schemes.
E*Trade spokeswoman Pam Erickson told internetnews.com the online
financial firm has been “working with authorities for some time.”
Additionally, Stark said the brokerage industry group NASD helped the SEC
track individual trades by the pump-and-dump suspects.