Category Archives: Fraud

Fake banking App For Android

Posted by on 13 January, 2010 No comments

Android is a system used by some smartphones (similar to iPhone or Windows Mobile, but made by Google). Like other smartphones you can install apps on Android.

One Android app that showed up recently is a free banking app. It looks like it supports US banks. But instead of logging into your bank it sends your online banking details to a scammer. Then it won’t be long until someone steals money from your bank account.

Google has been notified of this malicious app and they have removed it. But for some people it may be too late.

There’s a lesson to be learnt here. Smartphones are cool, installing apps on them is cool. But we shouldn’t let our guard down and trust everything to them. Know what you’re installing, know who wrote the software, and how it stores and sends your login details.

As more people buy smartphone scams are only going to become more common.

A Sophisticated Way To Steal Money

Posted by on 12 October, 2009 No comments

Here’s an example of a very sophisticated piece of malware designed to steal money. It was discovered recently in Germany and was used to steal €300,000 in 3 weeks. Here’s how it works:

  1. You visit a web page that has been hacked. It’s an ordinary web page (such as a news site), nothing looks out of the ordinary.
  2. A trojan is installed on your computer without your knowledge. It sits there on your PC waiting and watching.
  3. You log onto your internet banking site. Everything still looks normal.
  4. The trojan detects that you’ve logged into an internet banking site and it makes a transaction, transferring money from your account to the account of a money mule (more on this later).
  5. When you look at your bank statement online, the trojan captures the network data and changes it to hide the transaction it made. The numbers it shows on the screen have been altered.

Step 5 is the sophisticated part of this attack. Normally you’d notice if money was transferred from your bank account without your approval, but the trojan hides this by showing you a fake statement on your screen. If you can’t see the money being taken from your account the criminals have more time to keep making withdrawals.

The amount of money it steals is different each time so that the bank’s anti-fraud detectors don’t see the pattern of theft.

More details here on this attack works.

So what’s a money mule?

Stealing money from people’s bank accounts is a big business. Criminals not only write sophisticated malware to carry out the transactions, they also recruit money mules to launder the money.

They place ads online offering jobs to desperate people. These jobs require no experience and you work from home (sound familiar?). People who sign up to these jobs receive money in their bank accounts, then they have to transfer it to someone else’s account. They do this willingly and are paid for it, but they usually don’t know that it’s part of a criminal organisation.

This is how the criminals receive their stolen money and cover their tracks. It’s a form of money laundering and is illegal. And to avoid a pattern detection they usually only use these money mules twice.

Here’s an example of a money mule job ad.

Lessons Learnt:

  • Always use an antivirus program that not only scans your PC for malware, but also checks every web page you go to. Good antivirus programs cost money and it’s a good investment to protect your online security.
  • Only use internet banking from a PC you trust.
  • Always update your PC with the latest patches. For example, tomorrow there’ll be a large Windows update, you should install this as soon as possible (after you make a backup).
  • Don’t trust job ads that promise the world for little to no effort.

Inside The Password Stealing Business

Posted by on 27 September, 2009 No comments

McAfee, a large anti-virus company, has published a report called “Inside the Password Stealing Business: the Who and How of Identity Theft”. It goes into the details of password stealing programs and explains the “industry” driving it.

It’s quite detailed and at 17 pages it won’t take too long to read – it’s not very technical.

Password stealing is when a program gets installed on your PC that catches every stroke of your keyboard and sends it back to a criminal. The idea is that it’ll record all your passwords as you type them, no matter how strong they are. It’s a sophisticated piece of technology and a very large problem worldwide. If you’re not constantly upgrading your anti-virus software, web browser and OS then you’re at high risk.

These passwords are then sold off and used to steal money from your bank account or to commit other crimes. Even if you don’t use online banking you still have something to lose – someone can apply for a credit card under your name and use it to make expensive purchases, then you’re left to deal with the credit card company and convince them it wasn’t you (this happens every day).

So click on this link and have a read of the report.

World Business Guide – Scam

Posted by on 5 September, 2009 1 comment

I received the email shown below, Googled it and saw that it’s a scam. Unfortunately I also found that quite a lot of people have fallen for this scam so I’ll explain how it works.

Firstly they send out the email shown, it offers to list your business on a register. Their email mentions the word “free” several times and they never mention a price – but it’s misleading, they’re actually offering a paid service. It’s called deceptive marketing and it’s illegal in most countries.

Then if you sign up to list your business they send an invoice for approx €995 (quite a bit of money).

Now this is when the stress begins for most victims. If you ignore their invoice they start sending a stream of nasty letters threatening legal action. Based on what I’ve read in forums it seems that they’re empty threats (see for yourself here).

So please do a bit of research on any unsolicited marketing offers you might receive. Search on Google, even if you think it’s a free offer.

The email that they sent is:

Ladies and Gentlemen.

In order to have your company inserted in the registry of World Businesses for 2009/2010 edition, please print, complete and submit the enclosed
form (PDF file) to the following address:

WORLD BUSINESS GUIDE
P.O. Box 2021
3500 GA Utrecht
The Netherlands

email: register@wbgtoday.net
FAX: +31 20 524 8107

Updating is free of charge!

If you are not the intended recipient, please submit an email to
unsubscribe@wbgtoday.net
Your request shall be dealt with accordingly.

And the attachment that they sent looks like this:

world business guide

If you see this email just delete it.

Tax Door Knocking Scam

Posted by on 16 August, 2009 No comments

This one has been reported in Australia but could just as easily happen anywhere.

Scammers have been knocking on people’s doors and claiming to be officials from the Australian Tax Office. They ask the resident to sign up to a program in return for reduced taxes. This is the bait part of the scam, offering you a way to pay less tax.

The scammers just need your credit card or bank details in return for their generous offer of reduced taxes. This is confidential information that you shouldn’t be giving out to strangers.

The Australian Tax Office has said that they’ll never initiate unsolicited house calls, if they do ever visit your home they’ll make an appointment first. And they will always show some ID on arrival. If this happens to you and you’re unsure what to do, the ATO’s phone number is 1300 686 636, they’ll be able to verify the situation.

This scam was also happening earlier this year using phone calls – the scammer calls random people and gives them the same story about reducing their tax and claiming to be from the Australian Tax Office.

If you have any comments on how this works in other countries please post below in the comments.

Credit Card Fraud By Cutting Phone Lines

Posted by on 3 August, 2009 1 comment

This particular type of fraud targets shop owners and police say it has been happening in Sydney.

The criminals go to a retail shop dressed as electrical contractors and cut their phone lines. They then go into the shop as customers and buy products using a stolen credit card.

Because the phone lines have been cut the store’s staff can’t verify the card to process the transaction. So they either have to trust that the card is legitimate and process the order on paper, or turn away customers.

If you work for a retail store you should be aware of this fraud tactic. There may also be things you can do to protect access to your store’s phone lines, and it may be possible to organise credit card processing facilities that use a mobile network as a backup.

Govt Grant Scam

Posted by on 29 May, 2009 No comments

The email below suggests you can receive $20k from the US government. cashThey ask you to send an email with your personal details. These type of scams then ask you for more details.

Your details are then used for fraudulent activities, under your name (this is called identity theft). It’s also common for the scammer to start asking you for money – there’s usually an excuse that they need to pay lawyers or some other convoluted story.

Below is the scam email, if you see this just delete it:

Hello

Secure $20k in Govt Grants and you never need to pay it back.

All American residents can apply for Govt Grants.

Allotment of grants doesnt depend on your credit history.

The strength of our firm is grants writing.We’re doing business since 1999 and we have helped around 20,000 people obtain grants.

Our company is taking fees of 10% only after our clients receive funds from Govt.There’s no risk for you at all.You’re paying our fees only when you’ve received grant money in your bank account.

Send us details including first name, last name, address, profession, date of birth, annual income, reason for govt grant.

grantswriting27@mail.com
Reply back to this email.

Regards

Johnathon Hodge

Hacked Version of VLC Player

Posted by on 25 April, 2009 No comments

There is a hacked version of the popular VLC media player. Instead of installing VLC, it starts installing, then asks you to send an SMS to a number. They then send you a code in return to continue installation.

This is wrong. The people that hacked this installer are just trying to make money from your SMS’s. At the moment it’s been detected in the French version of VLC but it could apply to any language.

The real VLC player never asks you to send an SMS. The real VLC player can be downloaded from: http://www.videolan.org/vlc/

If you download it from anywhere else you end up putting your PC at risk. Always download files from the original vendor’s web site. You can search Google to find it.

ATM Skimming

Posted by on 22 April, 2009 No comments

This isn’t internet or PC related but it’s still good knowledge to avoid scams.

ATM skimming usually involves someone attaching 2 devices to an ATM:

  1. A device to read your bank card number
  2. A device to record you typing in your PIN

They attach these devices to the ATM and make it look convincing enough that most people won’t notice they’re there.

In the past the scammers would come back in a few hours and take away the devices so they can retrieve the information. And sometimes the police would be there waiting for them to return. Today crooks have gotten smarter and attach mobile phones to send the information to their own phone. This way they don’t have to return to the scene of the crime.

So the real problem is, how do you know if an ATM has these skimming devices attached? Below is a presentation prepared for a local bank in Australia. No matter which bank you use the information in this report is useful.

It’s easy to read through the presentation and won’t take up much of your time, and it’s full of interesting photos of card skimmers. You can find it here:

PowerPoint presentation: here.