A typical Eastern European fraudster, this morning

Eastern European fraudsters have a God working for them and they’re getting him to steal money from us. Sorta.

See, a new version the Zeus virus has stolen £675,000 from about 3,000 online customers of a British bank thanks to the small matter that most firewalls can’t detect it. Experts at M86 Security, which specialises in online fraud, said the virus checks to see how much money the accounts contain, steals it, and covers its tracks by showing the customer fake bank balances. Clever.

The online security firm rumbled the fraud when it penetrated the criminals’ command server, which is based in Eastern Europe, and found a list of all the cash transfers. The police have been informed a fortnight ago, however, the attacks don’t appear to have stopped.

Bradley Anstis, vice president of technical strategy at M86 says in the Telegraph: “This is an extremely sophisticated version of the virus and it cannot be detected by traditional security software”.

The Trojan, which kicks in as soon as you log-in to your bank account, hijacks your banking session and checks your balance. If you have more than £800 it begins transferring the funds into mule accounts invisibly.

The real oddity of the story, however, is how two thirds of a million pounds has been stolen from 3,000 customers, and yet nobody knows the name of the high street bank involved. Somehow the bank in question has gagged every single customer without a leak to the media. Thank goodness there was a security firm around to investigate and issue a press release on their behalf, eh?

Stay vigilant freaks.

Booking a bargain holiday online can seem like a result, but it appears that many of us get carried away with the excitement and set ourselves up to be ripped off.

A new survey has shown that as many as 30% of online bookers don’t bother to confirm the authenticity of their holiday provider, something that could culminate in two weeks spent sleeping in a Turkish ditch, eating nothing but worms and drinking nothing but radiator fluid when all you wanted was a romantic weekend in Paris.

The survey was commissioned by Abta and GetSafeOnline.org and also unearthed the stat that 22% of those polled don’t bother to check if the web page is secure before booking a holiday, with 36% not bothering to check the payments in their bank or credit card statements.

They’re clearly too busy thinking about getting burnt to a crisp on their first day or suffering from dehydration thanks to a diet of too much booze and not enough common sense.

Security Minister Dame Pauline Neville-Jones dressed herself up as a Harlequin and said: “Many people will be looking for last-minute holidays at this time of year and the internet can provide a great way of shopping around for bargains. However, in your rush to book a holiday you should make sure you are not falling victim to online crime by taking some basic steps to protect yourself.”

That bit about the Harlequin might not to completely true mind you…

Some idiot at an idiot music festival with loads of other idiots

Music festivals are full of puke, sewage, idiots and rubbish bands. So the news that one in every twelve ticket sold for music festivals is a fake should fill me with glee. I mean, irritating shite-hawks getting ripped off? HAHA!

Of course though, with this being a serious and good-hearted consumer something website, I have to point out that I’m not being entirely serious with my opening paragraph. Basically, that means I have to point out that some festivals aren’t pukey at all.

If you’re one of those moo-brained dipshits thinking of going to a musical event this summer, then be on your guard. The Office of Fair Trading (OFT) has sent out a warning that there’s a lot of fraud going on around the UK music festival scene.

The figures – from a study of ticket frauds at all of last year’s music festivals, published in the Guardian – also shows that, on average, if you’re getting ripped off, it’ll be to the tune of (roughly) £80 per person.

“We estimate that one in 12 of the fans are caught out by fake websites,” says Kate Hobson, performance manager for Consumer Direct, the OFT’s consumer protection body for anyone booking tickets online. “And we now know that the average loss to each fan is £80.”

So how do they do it? Send out the scalpers with duff tickets when people go to pay on the door? Well, these days, things are a bit more sophisticated. These highly organised gangs use websites that mimic those used by bands and festivals to pocket your pennies.

“It is known to be linked to organised crime,” says John Probyn, chief operating officer of Download, Britain’s second-biggest music festival, which packed 110,000 fans into Castle Donington this year. “We have known about fake-ticketing websites for some time, but in the past three years it has developed into a big business.”

“Every time we have tickets go on sale for a festival or a big show, you only have to do a quick search of the internet and can bet that half the sites that look official are, in fact, fakes.”

Simply Red have been targeted by one team of scamsters who have set up a website called SimplyRedTour. Ian Grenfell, the band’s manager, said: “When we first heard about the site, our lawyer managed to get it offline via their hosting company.”

Alas, it reappeared on a different server which saw Grenfell enlisting the BPI in the fight.

The OFT has set up a website on www.consumerdirect.gov.uk/ticketscams to warn buyers how to avoid bogus tickets. Essentially, the news is this: Buy your tickets over the counter of a reputable store or go through the variety of rip-off gits that are well known and trusted outlets. Failing that, set up a crap blog and see if you can wangle freebies.

Did you hear about those spies? Spies are ace aren’t they? Poison-tipped umbrellas and secret code-words muttered from behind newspapers in train stations. Sadly, we’re not in the business of writing about cool spies on this website so you’ll have to settle for some fraudsters who are hauling legal arse and being ordered to wank up pennies.

The first bunch are a threesome who have been accused of running what the BBC allege to be the UK’s largest Ponzi scheme.

The Financial Services Authority (FSA) have also ordered the baddies to cough up £115m as well. Quite where the money goes to is unclear though as the FSA have noted that those who lost money are unlikely to be repaid.

John Anderson, Kautilya Nandan Pruthi and Kenneth Peacock were arrested last year on suspicion of conspiracy to defraud and money laundering. The High Court heard that the three men were found to have taken deposits from investors without authorisation from the FSA.

City of London police are still investigating the swindle which hundreds of investors (hilariously, this includes sports stars and celebrities) collectively invested £84m in Knightsbridge-based Business Consulting International.

As yet, none of the three men has been charged with any criminal offences.

They’re not the only ones in bother either. A former Toys R Us manager is being asked to repay more than £3m which he took from the company to pay for a life not unlike the most dodgy of rappers. It’s that or 10 years in the clink.

Paul Hopes, who worked in accounts at the company’s Maidenhead head office, has already admitted to 14 counts of theft and four of transferring criminal property.

Over several years, the dirty bugger siphoned off £300,000 at regular intervals to the account of a fictitious toy manufacturer called Dunbar Associations, named after one of his female escorts. He used the money to buy cars (including a Bentley Continental Flying Spur and a BMW 3 convertible), property, jewellery and designer clothes. Oh, and prozzers. Mustn’t forget the prozzers.

Consumer watchdogs over in the USA have rumbled and killed a four-year scam that was brilliant in its simplicity.

Basically, the con involved loads of low-value payments from compromised credit cards made to a number f dummy firms set up by the crooks, say the Federal Trade Commission.

Instead of going for big-buck transactions, which would invariably get them noticed by the authorities, the fraudsters charge small amounts ranging from $0.25 to $9 to escape being found out.

In addition to this, because of the small size of the payments, customers can’t be bothered to go through the hassle of chasing them up to find out what they are. There’s not many who will want to dispute a payment of $0.25 is there?

So successful was this scam that the crooks made off with a total of $9.5m.

The Reg reports that the FTC obtained court orders freezing the US assets of suspect firms and went after 14 suspected “money mules” – US residents duped into channelling money between the bogus firms – and the crooks masterminding the con, who used banks in Bulgaria, Cyprus, and Estonia.

Fake businesses were set up which had near-identical names to legit firms, which was backed by the use of real federal tax ID numbers, allowing the scammers to trick credit card processors into giving them merchant accounts.

“It was a very patient scam,” Steve Wernikoff, a lawyer at the FTC prosecuting the case. “The people who are behind this are very meticulous.”

You’ll be pleased to know that, as yet, there’s been no reports of any activity in the UK.

There’s balls and then there’s balls. And then there’s brass balls. And then there’s bomb-proof platinum balls filled with truffles and caviar. They’re the balls that are hanging between the legs of Blu-ray player makers Lexicon.

They recently launched a snazzy $3500 Blu-ray player called the BD-30 – and for that amount of money, you’d expect oodles of snazz inside it. So the good folks at Audioholics opened it up in a hunt for the aforementioned snazz. Guess what – no snazz.

Their review explains….

“When we received the player the first thing we did was open it up to get a look at the inside. Imagine my surprise when I found that not only did the Lexicon share the same boards and transport as the Oppo – it was in fact AN OPPO BDP-83 PLAYER, CHASSIS AND ALL, SHOVED INSIDE AN ALUMINUM LEXICON WRAPPER. As far as we could determine, Lexicon didn’t change a single thing in terms of the hardware. Heck, they didn’t even lift the boards out of the chassis, opting instead to cut out the bottom of their own chassis to accommodate the venting locations, and putting a darker blue filter over the Oppo’s VFD display to give it a slightly deeper hue.”

Just so you know, the Oppo BDP-83 retails for around $500. Look at the balls on Lexicon!

[Gizmodo]

So ID theft in the UK is increasing by nearly 500% a year and unfortunately we’re all so  well-versed in it that we probably know many of the ways to remain vigilant in a country full of thieving gits. But here’s a refresher list of points to follow – it can’t hurt to brush up!

1. Thieves don’t need your card numbers to steal your identity.
It’s common for people to take all manner of measures to conceal their card number and protect their cards – and this is good. But thieves can use less sensitive pieces of information – a birth-date or NI number – to build up an identity solid enough to steal and run amok. It’s a good idea to keep any such information, including birth certificates, passports, bank statements even phone bills, either securely or (if possible) shredded.

2. Information you reveal online is sometimes enough to commit ID theft.
If you want a good excuse not to exhibit your birth-year on Facebook, this is it. Revealing an exact DOB, phone number or home address on any website is usable by thieves. Refrain from doing so, even on more ‘official’ websites such as job-search engines.

3. Don’t use dodgy cashpoints!
We all know what cash-points look and feel like. We’ve used hundreds of them and they’re all about the same. If any seem a little strange – extra plastic around the card slot for instance – this is probably a card skimmer designed to harvest your card details. If you notice after using your card in the machine, report the fact to your bank so they can monitor the account for fraudulent activity.

4. Be wary with shopkeepers…
If the cashier (or indeed anybody) has your card and is turned away for any period of time, make sure they’re not solemnly scanning your card into a handheld skimming device of some sort, copying its details. Such a device is not even necessary – most relevant information can be captured simply by taking a photo of the front and back of the card. Also make sure what’s handed back is actually your card and not simply something that looks like it.

5. Pay attention to your snail mail.
If you start missing bank statements or other regular financial documents, this could be a sign that someone has intercepted and changed your address for that account.

6. Review your statements!
Carefully – don’t skimp. If there are strange transactions – even small ones – with unfamiliar organisations this could be a sign for the worse. Thieves sometimes ‘trial’ blocks of account details they’ve been given by withdrawing (or even crediting) tiny pence amounts from random accounts to make sure the accounts are indeed active. Most fraud detection algorithms aren’t triggered by such small amounts – so you’ll need to detect them yourself, before they rinse the accounts properly.

7. Paperless is the way forward.
We touched on this in a post not long ago about carrying too much stuff in your bags – heed this advice! Many people find that they’re carrying around personal documents they don’t need to including passports, bank statements, bills and the like. Take these out of your bag before leaving he house! Also reducing the amount of paper documentation you receive to your household overall can help. If possible put a cease to any snail mail; for instance your bank may let you review statements online as opposed to on paper. As for any paper information that you do receive – if it’s to be thrown away, do so using a shredder.

And there you have it – seven ways in which you can secure yourself against the menace of ID theft. But of course there are many other ways to counteract this growing crime – do our dear readers have any other sound advice to throw out there? Or perhaps some cautionary tales of ID hardship?

People in the UK spend more money on eBay than they do going to the movies (Screen International).  And with 203 million registered users worldwide and 1.3 million people who rely on the auction website as a primary or secondary source of income, eBay considers their statistic of only one auction in 40,000 ending up as a reported case of confirmed fraud a small figure.

But for 5 million+ items currently for sale at any given time, that still translates to 250 cases. It may not be as pressing as the 15,520 days until the end of oil, but according to the U.S. Federal Trade Commission, nearly half (48%) of all online fraud cases are of auction fraud, amounting to some 500 cases per week. So here are 5 scams that sellers and buyers should know about that may directly or indirectly affect you:

1. Negative Feedback from Fraudulent Buyers. In May 2008, changes in eBay’s feedback policy took place, in response to eBay’s data shows that sellers are eight times more likely to retaliate against negative feedback which can hurt honest and accurate buyers. The new policy preventing sellers from receiving negative feedback. This has led to an increase in negative feedback from fraudulent buyers. One eBay music store reported that a suspected scammer left over 50 negative feedback ratings for other sellers.

2. Chargebacks/Partial Refunds. In 2002, online credit card fraud jumped by 15 percent to £110.1 million.  Sellers do not just lose the price of dispatched goods, but also have to pay administrative charges to the bank if they are not careful. And in view of point 1 with negative feedback changes, sellers who want to make their customer happy will refund part of their money. A better approach is to request the buyer to return the item for a full refund.  Other buyers will falsely claim that the item was never received but request a full refund.  This can be avoided if sellers ship via tracked services under Paypal Seller Protection.

3. Lack of negative seller ratings. Beware of the lack of negative ratings for sellers. Read the neutral reviews, because on e-Bay bad reviews are not normally given prior to 2008, due to the phenomenon of retaliation ratings. You might want to consider the neutral review as negative to be on the safe side.

4. Account hijacking and one day sales. In this scam the perpetrator either steals an existing seller’s account or quickly signs up to do a one-day auction.  One-day auctions can be legit, but be careful and make sure you read a seller’s last few reviews to make sure they are consistent.

5. Strange circumstances. Many a fraudulent ad claims unusual circumstances, such as “The strangest thing happened. I just bought a car at a government auction for a dollar and I need to sell it quick…” Don’t rise to the bait.

Bottom line is, sometimes it’s good to go with a gut feeling, and if you think there’s something shady about a buyer or a seller, the safest thing is not to engage in a purchase with them.

[Image courtesy of Geekstir.com]

When people are desperate enough for money, they will sometimes turn to insurance fraud as a way to get money because to them, insurance fraud seems victimless. After all, what’s a £5,000 claim for a giant insurance company, right? Nope. It affects everyone who buys insurance due to increased premiums.

How much has insurance fraud gone up?
In 2008, 4% of all insurance claims were found to be fraudulent, up from 3% in 2007 . The number is expected to rise in 2009 as the recession deepens.

How much does insurance fraud cost the industry, and, more importantly, me?
In 2007, fraudulent insurance claims totaled £730 million a year . Other sources estimate that the figure is more like £1.6 billion a year. Insurance fraud adds around £40 to everyone’s premium.

How does organized insurance fraud work?
Organised insurance fraudsters will sometimes deliberately cause car accidents where an innocent driver is forced to crash into the back of the fraud criminal’s car. The organized fraud group makes claims against the innocent driver, often for made-up injuries on people who weren’t even at the scene of the crash. Some of these insurance fraud rings have claims with many insurers at the same time.

What kind of individual fraud cases show up more during recessions?
Sometimes people will torch their car and claim it was stolen in order to collect insurance money. Others will “lose” expensive jewellery that is covered in a homeowners policy, or claim that an injury suffered during recreation (playing rugby for instance) was caused by a hole in the pavement. Insurance fraud having to do with automobiles is the most costly, accounting for £360 million a year.

Why should I report suspected insurance fraud?
Well, for one thing, insurance fraud is a felony. For another, it costs you, me, and everyone else in terms of higher premiums. You can report suspected insurance fraud anonymously to the Insurance Fraud Cheatline of the Insurance Fraud Bureau.

Recently retired TV presenter Des O’Connor of Channel 4’s Countdown was the victim of credit card fraud resulting in £1,000 worth of unapproved charges.

O’Connor was one of many victims of Olanrewaju Apalara, a former John Lewis sales associate perpetrating a huge credit card scam.

Apalara, 26, stole dozens of customers’ credit card information by recording it in his cell phone while working at the company’s Oxford Street store in London in 2005. He later used the stolen information to order electronics and other merchandise online and then resold them.  According to Prosecutor Ben Douglas-Jones:

“He used his position of trust to obtain the details of bankcards and pin numbers from customers who he served cards obtained from other sources were also used.  Apalara used two internet shopping sites where he knew the ‘integrity of the card verification system was flawed.”

Apalara was able to run his scam for nine months, but his operation came crashing to a halt when John Lewis brought in police. He was sentenced over the weekend to 18 months in jail after admitting to obtaining property by deception as well as converting the proceeds of criminal property.

[thisismoney]