Green-Bressler, who defrauded thousands of US bank customers, has
been jailed for seven years.
IT security and control firm Sophos has welcomed news that US
authorities have sentenced a man to seven years in prison for
buying stolen identities from online forums run by cybercriminals
in other countries. According to reports, 21-year old Jacob Vincent
Green-Bressler was not involved in actually stealing and selling
these identities, but used the information he bought from the
hackers to defraud thousands of US bank customers.
Green-Bressler was convicted of soliciting information including
credit and debit card account numbers, personal identification
numbers (PINs), expiration dates, passwords and social security
numbers. Using this data, he was able to create counterfeit credit
cards which were then used to fraudulently withdraw money from cash
machines in Arizona. Around half of this stolen money would then be
transferred back overseas to the cybercriminals that supplied the
original information.
Sophos experts note that until now law enforcement agencies have
focused on catching the cybercriminals who sell identities online,
rather than those who use the information to defraud innocent
victims.
"While good headway has been made in clamping down on the
hackers that sell stolen identities online, more action needs to be
taken to stop the criminals that buy and use this information,"
said Graham
Cluley, senior technology consultant at Sophos. "Tackling the
identity theft problem is not just about stopping the suppliers -
there are always more cybercriminals lurking out there ready to
step into their shoes. It's just as important that anyone buying
this information doesn't think they can get away scott free."
At the height of the scam, it is estimated that Green-Bressler
held more than 4,500 illegal credit and debit card account numbers
and PINs, and that more than $300,000 was wired overseas.
Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend
against the threats of spam, hackers, spyware and viruses.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.