Security news20 December 2007
Bank mules arrested for part in phishing attacks, Sophos reports Account holders lent bank accounts to hackers
16 arrested for lending bank accounts to hackers.
IT security and control firm Sophos has welcomed news that Dutch authorities have arrested 14 suspects who allegedly allowed their ABN Amro bank accounts to be used by cybercriminals to store and transfer illegal funds.
According to reports, the fraudsters, based in Russia and Ukraine, set up bogus ABN Amro websites to lure the bank's customers and harvest their security details - information which was used to access their accounts and steal money. Several of these sites were hosted on the Russian Business Network, an ISP which is notorious for hosting illegal and dubious businesses, including phishing and malware distribution sites. The stolen funds were then allegedly placed in the bank accounts of the 14 ABN Amro customers, and these mules subsequently transferred the money overseas to Russia and other countries.
"The Dutch police have sent a strong message to cybercriminals of all kinds - any participation in this kind of illegal activity won't be tolerated. While these 14 suspects may not have actually carried out the phishing attacks themselves, they played a key role in the crime by allowing the fraudsters to use their bank accounts," said Mark Harris, global director of SophosLabs™. "However, in these situations it can be tricky to prove the deliberate involvement of the account holder as it's quite easy for them to claim they're simply the victim of identity theft. These arrests represent an important step in the right direction and should deter anyone trying to earn a quick buck from engaging in this type of activity."
Sophos experts note that there is a growing trend among cybercriminals to try and recruit ordinary people to help them move their illegal profits around the world. This month, SophosLabs™ detected an unusual 419 email scam which, instead of offering the typical promise of grant, lottery or prize money, purported to come from the American Red Cross and offered the recipient a job as a 'donation collector', accepting and shipping donations to people in need for various EU projects.
"In the case of this email about the American Red Cross, the real victims would be those people who glued their eyes on the compensation salary," continued Harris. "But, as with so many similar scams, you have to question why people continue to fall for it - there are very often obvious tell-tale signs that the email is a fake, and all computer users should learn to exercise a little common sense and caution when it comes to unsolicited emails."
Sophos recommends companies protect themselves with a consolidated solution which can control network access and proactively defend against the threats of spam, hackers, spyware and viruses.
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
