More Than 80 Arrested In Alleged Zeus Banking Scam

ID Theft Scam
I received an email that mentions this MO - sounds like it would work on some.

You get a call from someone claiming to be with the county courthouse. They want to know why you did not report for Jury Duty. When you state you did not get a notice, they ask for your DOB and SSAN to verify. Give them that data, and your ass is history...


Me - If I don't know you it goes to voicemale. People like this NEVER leave a message.

A follow-up email

There is another they are running in New York.

You give a merchant your credit card ... they run it and give a credit card back to you . problem is it is not yours! They then have a day or so before you notice it is missing and ...

ME - When I let the waitress know I won't let my card out of my hand, she says "You're kidding"?

NO!!

Just this week my niece and a friend in their town near OKC got their debit cards hit hard after eating at a popular chain pancake house. Got one for $400 and another for $1000. They'd have to catch my account at just the right time because mine goes out about as fast as it comes in!

GumbyCT wrote:A follow-up email

There is another they are running in New York.

You give a merchant your credit card ... they run it and give a credit card back to you . problem is it is not yours! They then have a day or so before you notice it is missing and ...

ME - When I let the waitress know I won't let my card out of my hand, she says "You're kidding"?

NO!!

Years ago before credit cards had all the info on the strip on the back we would get people trying to use shaved credit cards. The bad guys would take a razorblade and shave/cut the numbers off and it would look like they were there but they weren't. Then when you ran the card through the machine to make an impression of the cards numbers nothing came up. If you were reall busy you would grab the card and put it on the little clip board for the person to sign without noticing it. The bad guy walks out with the goods and all you have is a worthless piece of paper with a badly scribbled name. Sneaky bastards! And yes, I did get got once.

Phone scam targeting social security beneficiaries - Maybe you know someone who could fall for this?

There is warning being put out by the Social Security Administration targeting beneficiaries living right here in the Rio Grande Valley.

The Administration doesn’t want you to fall for the scam.

It starts with a simple phone call.

"The person on the other end of the phone is identifying themselves as an employee of Social Security" said Linda Young with the Social Security Administration.

So what is the caller saying?

The person on the other end of the line is saying they're due for an increase in benefits, but in order to get more money they need to give the caller their personal information over the phone.

They are asking for “their bank information and their Social Security number" said Young. "It's a scam, it's an old scam, it's been recycled."

THe caller will sound convincing even offering up a name and call back number, but the number doesn’t actually work.

Young says if it sounds to good to be true it usually is, and when it doubt always remember this about the Social Security Administration.

"We do not conduct business in that way we will never ask you for your information we have your information" said Young.

If you do receive a phone call, the Social Security Administration says take down the callers information and call back number and report it to the agency.

If you have any questions you can all the Social Security Administration at 1-800-772-1213

Read the comments at - http://www.valleycentral.com/news/story.aspx?id=515523

Simple solution...if you don't know who is calling don't answer, if it is important they will leave a message. Phone scammers never leave a message.
N

I don't know, but I have a hard time wrapping my mind around people that continue to fall for these scams.

Years ago, a woman called here claiming to be from my mortgage company. She started asking me all kinds of questions that I refused to answer. She got really indignant and said that I could call back and gave me a number. Yeah, right. I'm not stupid enough to fall for that. I looked up the number myself and called (wasn't the same number she gave me).

It turned out, she WAS legitimate. But her calling here, asking me all kinds of questions, I REFUSED to answer any of her questions and double checked it myself by looking up the number myself.

I just don't understand how people can still fall for this stuff.

nanwilson wrote:Simple solution...if you don't know who is calling don't answer, if it is important they will leave a message. Phone scammers never leave a message.
N

I agree

GumbyCT wrote:Me - If I don't know you it goes to voicemale. People like this NEVER leave a message.

Just like I can't believe that people still fall for online scams either, but they do. Prob cuz there are "new people" getting online everyday who think someone has money to give them?

The phone scams I think are elderly folks who think people are honest and are hoping to get just a little more money in their check so they give out the info. It does sound innocent enuff.

IF you have grandparents you prob know they don't get online and are the very people who get targeted by these phone scammers.

That is Exactly why I have Caller ID and if the SSA calls it will show up as SSA on the Caller ID. Therefore no Information is given out to scammers and Previously, when the SSA called me it was from the Local Office with a Local Telephone Number.

This is for those who haven't heard about this very successful online scam.
I found this by doing a Google - http://www.darkreading.com/security/att ... =227501125

----------------------------
More Than 80 Arrested In Alleged Zeus Banking Scam
Eastern European cybercriminals teamed with foreign students who opened accounts in the U.S., authorities say

Sep 30, 2010 | 06:25 PM
By Tim Wilson
DarkReading

Law enforcement authorities have leveled charges against more than 80 people in connection with a banking scam that was built on Zeus malware.

According to FBI press releases and wire service reports, hackers in Eastern Europe used the increasingly popular Zeus malware to steal usernames and passwords by teaming with foreign students who opened bank accounts in the United States.

The scam resulted in the theft of at least $3 million from American bank accounts, authorities said today.

Thirty-seven people were charged in court papers unsealed in U.S. District Court in Manhattan with conspiracy to commit bank fraud, money laundering, false identification use, and passport fraud for their roles in the invasion of dozens of victims' accounts, U.S. Attorney Preet Bharara said. Fifty-five have been charged in state court in Manhattan.

He said the victims included five banks and dozens of individuals with accounts throughout the country.

Nine New York-area people and one person in the Pittsburgh area were arrested early Thursday, said FBI Assistant Director Janice K. Fedarcyk, head of the New York office. Others had already been arrested and at least 17 are fugitives, she added.

In a series of criminal complaints filed in the case, the FBI said the scheme originated with information gleaned from computers through the use of a Zeus Trojan that was able to access the bank accounts of small and midsize businesses and municipal entities in the U.S.

The Zeus banking Trojan enabled hackers to secretly monitor the victims' computer activity, enabling them to obtain bank account numbers, passwords, and authentication information as the victim typed them into the infected computer, the FBI said.

The scheme relied on individuals known as "money mules" in the United States to actually steal money, the FBI said. Bharara said those arrested consisted almost entirely of mules and four people who managed them.

New York District Attorney Cyrus Vance Jr., a state prosecutor, said people from the Russian Federation, Ukraine, Kazakhstan, and Belarus who had obtained student visas to come to the United States were recruited through social networking sites and newspaper advertisements to open hundreds of U.S. bank accounts for fraudulent purposes.

He said the money stolen from the victims would be deposited into the bank accounts and then transferred in smaller amounts elsewhere. Authorities said those who set up the bank accounts would keep 8 to 10 percent for themselves before sending the rest to others involved in the scheme.

"This advanced cybercrime ring is a disturbing example of organized crime in the 21st century -- high tech and widespread," Vance said.

Gregory Antenson, commanding officer of the city police department's Financial Crimes Task Force, said the police department's detectives literally walked into the international probe that was already under way when they showed up at a Bronx bank in February to investigate a suspicious $44,000 withdrawal.

Noa Bar-Yosef, senior security strategist at Imperva, offered some insight on how the scam probably operated.

"These criminals operated Zeus one of two ways: either the bots used were under their own control, or, and more likely the case, they rented a bot from a bot 'farmer," Bar-Yosef says. "The bot farmer grows and manages the bot, and the criminals then rented and used it.

"The hacking rings we see today take on a more organized approach, similar to a drug cartel or a cyber-mafia," Bar Yosef says. "There is a hierarchy with employees that have a distinct role in the scheme -- the researcher looking for different ways to infect machines, the botnet farmer operating the bots, the botnet dealer renting the bots, and the actual 'consumer' who monetizes on the virtual goods received by the bot.

"In this scheme, these bots did more than just harvest user credentials -- they injected code into the user's browser so that the user thinks they have a legitimate connection with their bank. In fact, the user was actually engaging with the Trojan.

"Banks need to step up their security measures -- instead of being reactionary after the fact, try to be proactive by guessing the next steps of the hackers," Bar-Yosef advises. "The banks can [use] the uncovering of this Zeus [exploit] to learn more about how these gangs work. They can see how the attack code was adapted over time and analyze the modification of methods, which can help them anticipate the next move hackers are likely going to make."

Alex Cox, principal analyst with NetWitness, says the arrests probably will not discourage similar types of attacks in the future.

"The belief is that this group was one of the premier Zeus operators in the underground -- few have been as successful operating at this level," Cox says. "Operators at this level tend to work under a high level of suspicion already, so I would expect this bust to make existing groups take notice and watch their tracks even more especially in the short term. But it's not likely to have any significant sustained effect -- the risk vs. rewards are still too great.

"The popularity and power of Zeus is that it offers a very low barrier to entry, with a high possibility of return. As such, the use of Zeus is prolific to the point that we see it in the vast majority of organizations who call us in to assess them -- either via infected hosts inside the corporate network, or being used to commit fraud via the business online portals.

"Infection mechanisms in this case were likely a combination of exploits -- phishing and second stage malware payload," Cox suggests. "This works, so there is no need to change it or do anything different."

"These arrests show that some of the criminal groups behind Zeus are doing a poor job in covering their tracks," says Mickey Boodaei, CEO of secure browsing service provider Trusteer. "The police did a great job in tracing down this group and gathering information that can facilitate their arrest. This is not a simple task.

"In a recent initiative by Trusteer and a few other organizations, we were able to actually penetrate the criminals' servers and gather a lot of evidence from them," Boodaei says. "This shows that criminals are vulnerable.

"By running more operations like this -- and by the banks and other organizations investing effort in tracing fraudsters and not just blocking their activities -- there is a good chance we can lower the volumes of attacks," Boodaei says. "Customers can take their banks' advice and implement fraud prevention tools that provide valuable capabilities to banks in detecting and blocking these threats."