Woman charged with using fake credit card

A Chicago woman was charged with three felonies after she allegedly used a fake credit card with another person’s account information on it to buy clothes and other goods in River Forest and Oak Park, police said.

Shirley Cameron, 47, of the 200 block of North Keeler Avenue, shopped at GAP Clothing in Oak Park and Jewel Osco and Walgreens in River Forest on March 4, River Forest Police Department Justin Labriola said. She also possessed a fake Indiana driver’s license, police said.

An investigation showed Cameron regularly bought bundles of re-encoded credit cards on Chicago’s West Side and used the cards until they no longer worked, according to a River Forest Police Department news release. Police suspect Cameron has been using the re-encoded cards since at least 2013, Lavriola said.

Her March purchases included spending about $33 at GAP, about $340 at Jewel Osco and about $312 at Walgreens, including a Hallmark gift card, Labriola said. The Jewel Osco and Walgreens purchases included $300 gift cards, he said.

River Forest police arrested Cameron April 11 after a traffic stop in Chicago, according to the Tuesday release.

The victim, who lives downstate, reported she had not lost or had her credit card stolen. One of Cameron’s re-encoded cards matched the victim’s credit account, police said in the release.

Police are investigating the source of the re-encoded card with help from federal agencies, the release states.

Cameron was charged with two counts of felony use of a forged credit card and felony possession of a fraudulent identification card. River Forest detectives alerted Oak Park police about Cameron’s suspected activities at Oak Park stores, the release states.

View Source

Canadian arrested for hacking revenue agency using Heartbleed security bug

A 19-year-old Canadian man has become the first person arrested in relation to the Heartbleed security vulnerability, which he used to steal taxpayer information.

Royal Canadian Mounted Police (RCMP) is accusing Stephen Arthuro Solis-Reyes of hacking into the Canadian Revenue Agency’s (CRA) website late last week.

Solis-Reyes, of London, Ontario, is suspected of stealing around 900 Social Insurance Numbers.

“It is believed that [Mr] Solis-Reyes was able to extract private information held by CRA by exploiting the vulnerability known as the Heartbleed bug,” the RCMP said in a statement.

“The RCMP treated this breach of security as a high priority case and mobilized the necessary resources to resolve the matter as quickly as possible,” RCMP assistant commissioner Gilles Michaud said. “Investigators from National Division, along with our counterparts in ‘O’ Division have been working tirelessly over the last four days analyzing data, following leads, conducting interviews, obtaining and executing legal authorizations and liaising with our partners.”

Solis-Reyes has been charged with “unauthorized use of a computer” and “mischief in relation to data.” He is scheduled to appear in court on July 17.

The 19-year-old is a second-year student at Western University, located in his hometown. In high school, he was on a team that won first place in a programming competition at the London District Catholic School Board. He has also authored a BlackBerry phone app that solves Sukoku puzzles, according to The Globe and Mail.

His father is a Western computer science professor. The family lived in Lafayette, Indiana before moving to Ontario.

Early last week, the open-source OpenSSL project released an emergency security advisory warning of Heartbleed, a bug that pulls in private keys to a server using vulnerable software, allowing operators to suck in data traffic and even impersonate the server. Heartbleed was first noticed by a Google researcher and Codenomicon, a Finnish security firm.

The Canada Revenue Agency (CRA) reported that the private information of about 900 people was stolen thanks to Heartbleed’s impact. CRA became one of the first major organizations to curtail services as a result of the vulnerability.

“Regrettably, the CRA has been notified by the government of Canada’s lead security agencies of a malicious breach of taxpayer data that occurred over a six-hour period” last week, CRA said on Monday.

Private firms and governments are working to patch their vulnerabilities to the bug, yet more breaches are expected.

The Canadian government “was really slow on this,” Christopher Parsons from the Citizen Lab at the Munk School of Global Affairs at the University of Toronto told CBC.

Yahoo was one major private entity to immediately address its exposure to Heartbleed, claiming it had successfully updated its servers after hearing of the bug.

“If you look at Yahoo, it had begun updating its security practices prior to the CRA fully taking action,” Parsons said. “The same thing with other larger companies. As soon as they saw what was going on, they immediately reacted and issued public statements.”

View Source

Eight Members Of New York Cybercrime Organization Indicted In $45 Million

New York Cell Withdrew $2.8 Million In Cash From Hacked Accounts In Less Than 24 Hours

A four-count federal indictment was unsealed in Brooklyn charging eight defendants with participating in two worldwide cyberattacks that inflicted $45 million in losses on the global financial system in a matter of hours.1 These defendants allegedly formed the New York-based cell of an international cybercrime organization that used sophisticated intrusion techniques to hack into the systems of global financial institutions, steal prepaid debit card data, and eliminate withdrawal limits. The stolen card data was then disseminated worldwide and used in making fraudulent ATM withdrawals on a massive scale across the globe. The eight indicted defendants and their co-conspirators targeted New York City and withdrew approximately $2.8 million in a matter of hours. The defendants are charged variously with conspiracy to commit access device fraud, money laundering conspiracy, and money laundering.

Seven of the eight defendants have been arrested on the charges in the indictment: the arrested defendants are Jael Mejia Collado, Joan Luis Minier Lara, Evan Jose Peña, Jose Familia Reyes, Elvis Rafael Rodriguez, Emir Yasser Yeje, and Chung Yu-Holguin, all residents of Yonkers, New York. Rodriguez was arrested on a criminal complaint on March 27, 2013, when he attempted to flee the United States for the Dominican Republic. Peña was arrested on a criminal complaint in Yonkers, New York, on April 3, 2013. Lara, Reyes, and Yeje surrendered to law enforcement authorities on April 15, 2013, and Collado and Yu-Holguin were arrested yesterday afternoon. The indictment also charges an eighth defendant, Alberto Yusi Lajud-Peña, also known as “Prime” and “Albertico,” who is reported to have been murdered on April 27, 2013, in the Dominican Republic. The case has been assigned to United States District Judge Kiyo A. Matsumoto.

The charges were announced by Loretta E. Lynch, United States Attorney for the Eastern District of New York, Steven Hughes, Special Agent in Charge, United States Secret Service, New York Field Office, and James T. Hayes, Jr., Special Agent in Charge, U.S. Immigration and Customs Enforcement (ICE), Homeland Security Investigations (HSI), New York.

“As charged in the indictment, the defendants and their co-conspirators participated in a massive 21st century bank heist that reached across the Internet and stretched around the globe. In the place of guns and masks, this cybercrime organization used laptops and the Internet. Moving as swiftly as data over the Internet, the organization worked its way from the computer systems of international corporations to the streets of New York City, with the defendants fanning out across Manhattan to steal millions of dollars from hundreds of ATMs in a matter of hours,” stated United States Attorney Lynch. “Law enforcement is committed to moving just as swiftly to solve these cybercrimes and bring their perpetrators to justice.”

“New technologies and the rapid growth of the Internet have eliminated the traditional borders of financial crimes and provided new opportunities for the criminal element to threaten the world’s financial systems. However, as demonstrated by the charges and arrests announced today, the Secret Service and its law enforcement partners have adapted to these technological advancements and utilized cutting edge investigative techniques to thwart this cybercriminal activity,” said Secret Service Special Agent in Charge Hughes. “I want to take this opportunity to commend the dedicated men and women of the Secret Service and HSI for their extraordinary efforts in this investigation. This case is an excellent example of the impact that can be made when the law enforcement community works together.”

“The arrests today reflect the government’s joint efforts to bring a global cybercrime enterprise to justice,” said HSI Special Agent in Charge Hayes. “HSI is proud to be part of a proactive federal law enforcement initiative that uses its collective resources to pull the plug on those who attempt to use the Internet to commit bank robbery.”

The “Unlimited Operation”

As alleged in the indictment and other court filings, the cyberattacks employed by the defendants and their co-conspirators in this case are known in the cyber underworld as “Unlimited Operations” – through its hacking “operation,” the cybercrime organization can access virtually “unlimited” criminal proceeds.

The “Unlimited Operation” begins when the cybercrime organization hacks into the computer systems of a credit card processor, compromises prepaid debit card accounts, and essentially eliminates the withdrawal limits and account balances of those accounts. The elimination of withdrawal limits enables the participants to withdraw literally unlimited amounts of cash until the operation is shut down. “Unlimited Operations” are marked by three key characteristics: (1) the surgical precision of the hackers carrying out the cyberattack, (2) the global nature of the cybercrime organization, and (3) the speed and coordination with which the organization executes its operations on the ground. These attacks rely upon both highly sophisticated hackers and organized criminal cells whose role is to withdraw the cash as quickly as possible.

As alleged in court filings, “Unlimited Operations” are executed in the following manner: First, over the course of months, the hackers plan and execute sophisticated cyber intrusions to gain unauthorized access to the computer networks of credit card processors that are responsible for processing prepaid debit card transactions. They target databases of prepaid debit cards, which are typically loaded with finite funds; such cards are used by many employers in lieu of paychecks and by charitable organizations to distribute disaster assistance. The cybercriminals breach the debit card accounts’ security protocols, then dramatically increase the balances and effectively eliminate the withdrawal limits on the accounts. The elimination of withdrawal limits enables the participants to withdraw unlimited amounts of cash until the operation is shut down. Next, the cybercrime organization cashes in, by distributing the hacked prepaid debit card numbers to trusted associates around the world – the two cyberattacks charged in this case allegedly involved 26 countries. These associates operate cells or teams of “cashers,” who encode magnetic stripe cards, such as gift cards, with the compromised card data. When the cybercrime organization distributes the personal identification numbers (PINs) for the hacked accounts, the casher cells spring into action, immediately withdrawing cash from ATMs across the globe. Meanwhile, the cybercrime organization maintains access to the computer networks of the credit card processors they have hacked in order to monitor the withdrawals. At the end of an operation, when the cards are finally shut down, the casher cells launder the proceeds, often investing the operation’s proceeds in luxury goods, and kick money back up to the cybercrime organization’s leaders.

The Charged “Unlimited Operation” Cyberattacks

According to the government’s filings, between approximately October 2012 and April 2013, the defendants and their co-conspirators conducted two Unlimited Operations. The first operation, on December 22, 2012, targeted a credit card processor that processed transactions for prepaid MasterCard debit cards issued by the National Bank of Ras Al-Khaimah PSC, also known as RAKBANK, in the United Arab Emirates. After the hackers penetrated the credit card processor’s computer network, compromised the RAKBANK prepaid card accounts, and manipulated the balances and withdrawal limits, casher cells across the globe operated a coordinated ATM withdrawal campaign. In total, more than 4,500 ATM transactions were conducted in approximately 20 countries around the world using the compromised RAKBANK account data, resulting in approximately $5 million in losses to the credit card processor and RAKBANK. In the New York City area alone, over the course of just two hours and 25 minutes, the defendants and their co-conspirators conducted approximately 750 fraudulent transactions, totaling nearly $400,000, at over 140 different ATM locations in New York City.

As alleged in the indictment and other court filings, the second of these Unlimited Operations occurred on the afternoon of February 19 and lasted into the early morning of February 20, 2013. This operation again breached the network of a credit card processor that serviced MasterCard prepaid debit cards, this time issued by the Bank of Muscat, located in Oman. Again, after the cybercrime organization’s hackers compromised Bank of Muscat prepaid debit card accounts and distributed the data, the organization’s casher cells engaged in a worldwide ATM withdrawal campaign. This attack was particularly devastating: Over the course of approximately 10 hours, casher cells in 24 countries executed approximately 36,000 transactions worldwide and withdrew about $40 million from ATMs. From 3 p.m. on February 19 through 1:26 a.m. on February 20, the defendants and their co-conspirators withdrew approximately $2.4 million in nearly 3,000 ATM withdrawals in the New York City area.

As charged in the indictment and other filings, defendant Alberto Yusi Lajud-Peña was the leader of the New York cell of this organization, and in the wake of the charged Unlimited Operations, he and defendants Elvis Rafael Rodriguez and Emir Yasser Yeje laundered hundreds of thousands of dollars in illicit cash proceeds. In one transaction alone, nearly $150,000 in the form of 7,491 $20 bills, was deposited at a bank branch in Miami, Florida, into an account controlled by defendant Alberto Yusi Lajud-Peña. Cell members also invested the criminal proceeds in portable luxury goods, such as expensive watches and cars. To date, the United States has seized hundreds of thousands of dollars in cash and bank accounts, two Rolex watches and a Mercedes SUV, and is in the process of forfeiting a Porsche Panamera. The Mercedes and Porsche were purchased with $250,000 in proceeds of this scheme.

In announcing the charges, United States Attorney Lynch praised the extraordinary efforts of the Secret Service in responding so rapidly to these attacks and investigating both the complex network intrusions that occurred overseas and the criminal activity occurring locally. Ms. Lynch also thanked the Department of Homeland Security for its invaluable role in recent arrest and seizure operations, as well as MasterCard, RAKBANK, and the Bank of Muscat for their cooperation with this investigation. Ms. Lynch expressed gratitude for the timely and extensive assistance of law enforcement authorities in Japan, Canada, Germany, and Romania, and also thanked authorities in the United Arab Emirates, Dominican Republic, Mexico, Italy, Spain, Belgium, France, United Kingdom, Latvia, Estonia, Thailand, and Malaysia for their cooperation in this investigation.

If convicted, the defendants face a maximum sentence of 10 years’ imprisonment on each of the money laundering charges and 7.5 years on the conspiracy to commit access device fraud charge, restitution, and up to $250,000 in fines. In addition, all property involved in the money laundering offenses and all proceeds of the conspiracy to commit access device fraud are subject to forfeiture.

The government’s case is being prosecuted by Assistant United States Attorneys Cristina M. Posa, Hilary Jager, Brian Morris, and Kevin Trowel.

The Defendants:

Age: 23

Age: 23

Age: 22

Age: 35

Age: 24

Age: 24

Age: 24

Age: 22

View Source

Feds arrest 25 South Florida suspects charged with ID theft, tax fraud

At the height of the tax season, federal agents on Thursday rounded up about 25 South Florida suspects charged with stealing Social Security numbers and other personal information from unwitting victims to file fraudulent income-tax returns in their names.

The takedown, carried out at the crack of dawn, is the latest in a series of sweeps through South Florida to combat the ever-spreading crimes of ID theft and tax-refund fraud that are costing the U.S. government billions of dollars a year.

U.S. Attorney Wifredo Ferrer, who has launched the only task force in the nation to crack down on the dual crimes, plans to hold a news conference Thursday morning to spotlight the latest arrests before the April 15 tax filing deadline and South Florida’s dubious reputation as the capital of these twin crimes.

Since 2012, his office has prosecuted upwards of 200 defendants who have filed hundreds of millions of dollars in false refund claims with the Internal Revenue Service.

Thursday’s takedown was carried out by dozens of agents with the FBI, IRS, Secret Service and other law enforcement agencies.

Critics say the IRS is partly to blame for the escalating crisis because the agency issues refunds so rapidly in the digital age without checking the accuracy of the information on tax returns, including failing to investigate suspicious claims with stolen names, birthdates and Social Security numbers along with totally fabricated employment and income information.

The IRS has admitted that it rarely checks tax documents such as W-2 income forms in real time to see if employees’ returns match information provided by their employers. That has given tax-fraud offenders ample time early in the tax season to use stolen identities, swiped from hospitals, police stations and other places, to beat legitimate tax filers to the punch.

The problem has spiraled so out of control that some South Florida perpetrators haven’t even bothered with stealing people’s identities to commit tax fraud. They have simply filed phony refund claims for tens of thousands or hundreds of thousands of dollars in their own names and the IRS has issued them the massive refunds in the form of checks or debit cards.

View Source

FTC says telemarketers took $20 million from scared seniors

Washington DC April 2 2014

Take a company called “Landshark,” bogus bank officials and telemarketers who literally will not take “no” for an answer and how can that ever end well?

Five Canadian and American companies worked together to trick American senior citizens into buying about $20 million in bogus services, the Federal Trade Commission said Monday as it announced a lawsuit and a court order shutting the companies down pending trial.

In some cases, the telemarketers didn’t bother getting approval for a sale, the FTC charged: They just took the money from consumers’ accounts without their knowledge.

Callers tricked seniors into revealing bank account and routing numbers during calls in which telemarketers posed as government, bank or insurance officials.

Callers sometimes got consumers to agree to purchase products like fraud protection by scaring them into thinking their accounts were under threat.

But whether they were selling fraud protection or medical discount plans, the FTC said, the prices quoted were often substantially lower than the $187 to $397 payments the companies took from consumers’ accounts between May 2011 and December 2013.

Telemarketing companies are required to keep recordings of calls that show a purchase was authorized, but the FTC says the companies got around that by leading consumers through a series of questions designed to have them answer “yes.” Callers went so far as to instruct consumers they were required to answer with a yes.

Not surprisingly, some consumers only realized they’d made a purchase when they saw the debits on their bank statements.

The suit said the defendants created a “labyrinth” of shell companies to avoid detection by banks and payment processors, which often terminate agreements with companies that have high dispute rates.

Companies named in the FTC suit are First Consumers in Pennsylvania; Standard American Marketing, dba Trust One Services, in Arizona; PowerPlay Industries in Florida; and two Quebec companies, Landshark Holdings and Madicom. A federal court in Pennsylvania issued the preliminary injunction closing the operations.

The suit also names Ari Tietolman, a Quebec man the FTC says played key roles in all the companies.

There are plenty of lessons consumers can draw from this one:

• Never reveal a bank account or routing number to anyone who calls you. Your bank already knows your account number, and no one from the government will call you to ask.

• Check your bank statements carefully every month. It’s easier to get fraudulent payment back – and head off additional payments – if you report the problem right away.

• If you suspect a call isn’t on the level, or spot a fraudulent debit or charge, report the scheme to the FTC right away at ftc.gov or 1-877-382-4357.

View Source

Police: As many as 100 stolen vehicles found at salvage yard

Dozens of stolen vehicles discovered in a Far South Side salvage yard Monday may have been part of a scheme that involved scrapping cars and trucks for parts, a source familiar with the investigation said.

Police in the South Chicago District, where the salvage yard is located, have seen a dramatic jump in the number of vehicle thefts in recent months, according to the source, who requested anonymity because they were not authorized to discuss the investigation.

After one theft that occurred late Sunday or early Monday, a group of relatives scoured the area for the missing vehicle, according to the source. The group spotted the stolen vehicle in the salvage yard, which is located in the 3000 block of East 106th Street, the source said.

Police arrived at the lot about 11 a.m. for a report of a stolen vehicle, Chicago Police Department News Affairs Officer Thomas Sweeney said Monday. When officers arrived, they found the vehicle in a business parking and storage area, and on further investigation, determined there were a number of other vehicles parked at the lot that had been reported stolen, Sweeney said.

Because of the “volume and complexity” of the investigation, “disposition is expected to take some time,” Sweeney said.

Between 70 and 100 stolen vehicles were believed to have been in the salvage yard at the time, according to the source familiar with the investigation. Many of the vehicles were commercial vehicles, from businesses such as plumbing companies, the source said.

Police believe a group of people affiliated with a towing company had been stealing vehicles for six months, the source said.

“It could be scores and scores, dozens and dozens of people” who were involved, the source said.

A man connected with the business at the property is in police custody and has admitted to knowing about an operation involving the stolen vehicles, another official said. Police were preparing a search warrant to more thoroughly search the property and connections to any possible illegal activity.

The News Affairs office has not confirmed an estimate of the number of vehicles involved.

View Source

Even old hands are stunned by Yee allegations

SACRAMENTO — If there has ever been a more nauseating corruption scandal in Sacramento, I’m not aware of it. Certainly not in the past 50 years.

The notion of a legislator masquerading as a gun control crusader while offering to help a mobster traffic in automatic rifles and rocket launchers is beyond hypocrisy. It’s sick.

The obligatory insert here: Everyone is presumed innocent until proved guilty in court.

But no one I’ve talked to presumes any innocence in this sordid case.

Especially not anyone who has read the 137-page FBI affidavit that summarizes an elaborate undercover sting leading to the arrest last week of state Sen. Leland Yee (D-San Francisco) — “aka Uncle Leland” — on charges of conspiring to illegally deal firearms, public corruption and wire fraud.

Yee allegedly was teamed with his political fundraiser, consultant Keith Jackson, who also was charged in murder-for-hire and narcotics schemes. Jackson was aligned with convicted felon Raymond “Shrimp Boy” Chow, a San Francisco tong dragonhead — gang boss — accused of laundering money and trafficking in stolen cigarettes.

Back in the 1950s, there was a big bribery scandal involving the sale of liquor licenses by state Board of Equalization members, who then regulated alcohol. The board was stripped of that power and the Department of Alcohol Beverage Control was created.

Since then, we haven’t come close to anything like international gun running.

A 1980s FBI sting, which sent five legislators of both parties to prison, involved bribes for helping to pass legislation setting up a phony and innocuous shrimp processing plant. It was dubbed Shrimpscam. The FBI tipped off then-Gov. George Deukmejian, and he vetoed the bill.

In the last decade, two state elected officials — Republican Insurance Commissioner Chuck Quackenbush and Democratic Secretary of State Kevin Shelley — resigned amid heated but garden-variety political scandals.

Last month, Sen. Ronald S. Calderon (D-Montebello), following an FBI sting, was indicted on 24 felony counts that included accepting nearly $100,000 in bribes along with gourmet meals and pricey golf junkets. He has pleaded not guilty.

Also in February, a jury found Sen. Roderick D. Wright (D-Inglewood) guilty of lying about where he lives.

Nothing compares to Yee’s alleged chameleon trick of turning from gun control champion to international weapons trafficker.

A hero of gun regulators, Yee pushed unsuccessful legislation that would have closed a loophole in California’s assault weapons ban by making it mechanically impossible to quickly detach one empty magazine and insert a loaded replacement.

After the mass murder of children at a Connecticut elementary school in late 2012, Yee stood before cameras and said, “As a father, I have wept for the parents and families who lost their precious children.”

But at a San Francisco coffee shop in January, according to the FBI affidavit, Yee told an undercover agent pretending to be a mafioso seeking a $2-million arms deal: “Do I think we can make some money? I think we can make some money. Do I think we can get the goods? I think we can get the goods.”

The next month at a San Francisco restaurant, Yee allegedly took an agnostic stance about arms dealing, telling the agent: “People want to get whatever they want to get. Do I care? No, I don’t care. People need certain things.”

Yee allegedly told the agent he could arrange the arms sale from Muslim rebel sources in the Philippines and asked for a list of the desired weapons. “Mobile, light and powerful,” the agent replied.

And why was the veteran politician scumbagging on the dark side and risking prison, according to the FBI? Two reasons: to retire a $70,000 debt from his failed 2011 San Francisco mayoral campaign, and to help fund a bid this year for secretary of state, California’s chief elections officer.

Secretary of state? A second-tier ministerial job? Talk about a guy with warped priorities.

But Yee allegedly kept promising the supposed mobster that he could be of great help to him in the office. How? By fixing elections?

What gets into the twisted minds of such politicians?

Basically, I agree with Senate leader Darrell Steinberg (D-Sacramento), who told me: “I think character and integrity are formed much earlier in life.

People are who they are. They come here pretty well formed. If anything, this atmosphere accentuates the positive character of many and the negative character of others.”

I’ve always thought that legislators pretty much represent the cross-section of society. There are rotten apples in all walks — embezzling accountants, Ponzi-scheming financiers, shady salesmen.

And there are earnest do-gooders. Steinberg is one, although he’s now facing a legacy of having inadvertently presided over a scandal-plagued Senate.

No question, anyone who has crooked tendencies confronts strong temptations in Sacramento.

My favorite explanation comes from the late Assembly Speaker Jesse “Big Daddy” Unruh. He mused about people getting elected, entering the Capitol and believing they had become “invisible.”

Unruh famously observed that “money is the mother’s milk of politics.” But he ultimately concluded that “the milk has soured — turned to clabber.” And he advocated public financing of campaigns.

Longtime lobbyist George Steffes, whose Sacramento career dates to Gov. Ronald Reagan, points to legislators “surrounded by people catering to them, blowing smoke at them. And they believe it.”

There’s an arrogance of power, a sense of entitlement and a protective club atmosphere.

“They don’t police themselves well,” Steffes says. “And of course, very few industries and groups do. They reflect society.”

On Friday, the Senate suspended Yee, Calderon and Wright. By law, they still will get paid.

The Senate should have booted them permanently. Showed the public it won’t tolerate even a hint of corruption.

Fat chance.

View Source

Investigating Tax Refund Fraud

A Georgia woman was recently sentenced to 27 years in prison for stealing the identities of nursing home patients and using their information to apply online for about half a million dollars in fraudulent tax refunds from the Internal Revenue Service (IRS).

Criminals who use stolen personally identifiable information to line their own pockets perpetrate a wide variety of fraudulent financial schemes, like hacking into online accounts, submitting phony insurance claims, and applying for loans and credit cards. Increasingly, though, tax refund fraud using stolThe IRS has reported a significant increase in identity theft-related tax refund fraud over the past several years. This type of crime is perceived by criminals and organized criminal enterprises as relatively easy, seemingly low-risk, and, ultimately, pure profit which can be used to fund other criminal activities…like drug trafficking, money laundering, public corruption, or even terrorism.

Anyone with a Social Security number could become a victim. But criminals who commit tax refund fraud seem to focus more on people who don’t normally file tax returns—the elderly, low-income families, students, patients at long-term health care facilities, and even the homeless. Perpetrators also target public figures like celebrities, athletes, CEOs, and politicians, as well as law enforcement, military, and government personnel…including Attorney General Eric Holder.en identities is fast becoming a favorite money-making endeavor of the criminal element.

How a scheme works. The perpetrator fills out a federal tax return online with stolen identity information and phony wage and tax withholding figures, then informs the IRS how to provide the refund (a check mailed to a certain address, a direct deposit into a bank account he controls, or, more common these days, a deposit onto a debit card in his possession).

In simple tax refund schemes, one person usually handles everything—from obtaining stolen identities to collecting refunds. But in more sophisticated schemes, there are a number of individuals assuming different roles: “ringleaders” who organize entire operations, “sources” who steal identity information, “preparers” who file returns online, and “runners” who actually collect the proceeds.

Law enforcement response. The dedicated work done by IRS-Criminal Investigation professionals is a major component of that agency’s efforts to combat tax-related identity theft. And the IRS continues to make enhancements in fraud prevention, early detection, and victim assistance as well.

But the FBI—working with our partners at the IRS and U.S. Secret Service and through liaison efforts with banks—brings valuable investigative resources to the table: our years of experience investigating financial crimes, our focus on identifying and dismantling large criminal networks, and our use of sophisticated investigative techniques. We also share intelligence and information with other federal law enforcement partners to help link investigations of criminal organizations engaged in tax fraud schemes that may be tied to illegal drugs, weapons, terrorism, or other types of criminal activity.

All of these efforts are paying off—we’ve been part of many successful cases recently (see sidebar).

And the FBI will continue to work cooperatively to investigate stolen identity tax refund fraud—we take our role in identifying and arresting those responsible very seriously. These crimes not only victimize law-abiding individuals but all honest U.S. taxpayers who ultimately foot the bill for this stolen revenue.

View Source

Gun instructors lose certification after students report too-short training

Two downstate firearms instructors have been decertified for failing to provide the required amount of training to students seeking concealed carry firearms permits, Illinois State Police announced today.

Ninety-eight students certified by the instructors did not get the full 16 hours of training required by the state to carry a hidden handgun in public, police stated in a news release.

The instructors’ names were not released, but their cases were referred to the St. Clair County State’s Attorney’s office in Belleville, near St. Louis.

Prosecutors were reviewing a range of options, police said, including cease and desist letters, restitution or criminal prosecution. Police said students reported the short-cut.

“The people of good faith who have come forward believe in law abiding, responsible gun ownership and will ensure that the integrity of concealed carry training is upheld and not twisted into a means to defraud consumers,” State’s Attorney Brendon Kelly stated in the release.

While many concealed carry students may have had prior experience, police said, students are not eligible to get credit for prior training.

State police were in the process of notifying the students that their training is invalid and their applications will be denied.

“Anyone caught abusing the system could potentially face state and federal fraud charges,” state police Director Hiram Grau warned.

Statewide, about 52,000 people have applied for concealed carry licenses, and police have awarded more than 12,000.

View Source

Cyber attacks up 32% in 2013

Crashing websites and overwhelming data centres, a new generation of cyber attacks is costing millions and straining the structure of the Internet.

While some attackers are diehard activists, criminal gangs or nation states looking for a covert way to hit enemies, others are just teenage hackers looking for kicks.

Distributed Denial of Service (DDoS) attacks have always been among the most common on the Internet, using hijacked and virus-infected computers to target websites until they can no longer cope with the scale of data requested, but recent weeks have seen a string of particularly serious attacks.

On Feb. 10, internet security firm Cloudflare says it protected one of its customers from what might be the largest DDoS documented so far.

At its height, the near 400 gigabyte per second (gbps) assault was about 30 percent larger than the largest attack documented in 2013, an attempt to knock down antispam website Spamhaus, which is also protected by Cloudflare.

The following day, a DDoS attack on virtual currency Bitcoin briefly took down its ability to process payments.

On Feb. 20, Internet registration firm Namecheap said it was temporarily overwhelmed by a simultaneous attack on 300 of the websites it registers, and bit.ly, which creates shortened addresses for websites like Twitter, says it was also knocked out briefly in February.

In a dramatic case of extortion, social networking site Meetup.com said on Monday it was fighting a sustained battle against hackers who brought down the site for several days and were demanding $300 to stop. It would not pay, Meetup CEO Scott Heiferman told Reuters.

DDoS attacks were at the heart of attacks blamed on Russian hackers against Estonia in 2007 and Georgia during its brief war with Russia in 2008. It is unclear if they played a role in the current stand-off between Moscow and Ukraine in which communications were disrupted and at least one major government website knocked out for up to 72 hours.

A report this month by security firm Prolexic said attacks were up 32 percent in 2013, and a December study by the cyber-security-focused Ponemon Institute showed them now responsible for 18 percent of outages at U.S.-based data centres From just 2 percent in 2010.

The average cost of a single outage was $630,000, it said.

“It’s really a game of cat and mouse,” said Jag Bains, chief technology officer of Seattle-based DOSarrest, a firm that helps government and private-sector clients protect their sites.

“I’d like to say we are ahead, but I just don’t think it’s true.”

As well as growing in volume, he said attacks were becoming much more sophisticated in targeting the most vulnerable parts of websites, making even a small attack much more effective.

The aims of attackers include extortion, political activism, providing distraction from data theft and, for “hobbyist” hackers, just testing and showcasing their skills, security experts say.

Other victims in recent months have included the Federal Bureau of Investigation, Royal Bank of Scotland and several major U.S. banks, which analysts believe were targeted by Iran in response to sanctions. Iran denies the charge.


Many attacks, however, appear to be homegrown. The most popular point of origin for DDoS attacks in the last three months of 2013, Prolexic said, appeared to be the United States, followed by China, Thailand, Britain and South Korea.

As well as hijacking computers, Prolexic said attackers are increasingly targeting smartphones, particularly those using Google’s Android operating system, which by the third quarter of 2013 accounted for more than 80 percent of new phones.

Even wireless printers, experts say, have sometimes been co-opted into attacks, packed together in botnet groups. That, they warn, can put previously unprecedented cyber firepower in the hands of relatively unskilled hackers, who increasingly include teenagers.

Last year, British police arrested a 16-year-old as part of their investigations into the attack on Spamhaus, while German police arrested an 18-year-old after a DDoS attack paralysed the Saxony government website.

DDoSarrest says some of the most recent attacks it has dealt with were on U.S. universities and largely blamed on students showing off or protesting against high tuition fees.

The sheer volume of attacks means many perpetrators are never traced, and some computer security experts complain law-enforcement authorities remain reluctant to prosecute the youngest offenders.

Until recently, DDoS attacks were seen less of a threat than attempts to steal customer data or intellectual property. That, however, is changing fast.


Last year’s Spamhaus attack was described by some as slowing the entire global Internet, and most experts agree the largest attacks can slow access across entire regions. Cloudflare says there were anecdotal reports of slowness in Europe during the latest attack.

Crashing data centres can wreak havoc with other services based there, including phone systems and vital industrial facilities.

The Ponemon report showed DDoS attacks are now the third largest cause of outages after power system failure and human error, outstripping traditional causes such as weather events.

Even if attacks do not succeed, the cost of mitigating them is rising fast, providing many millions of dollars of business for firms such as Cloudflare and Prolexic, taken over last month by Akamai Technologies for about $370 million.

Namecheap, which aims to offer cut-price hosting for websites, said it had already spread its data centres across five countries and three continents to better handle constant attacks but was still overwhelmed by the roughly 100 Gbps incident.

Attacks on that scale, Prolexic says, now occur several times a month and are now frequently so complex and fast moving that automated systems can no longer tackle them.

Prolexic itself runs a permanently manned operation centre at its headquarters in Florida, allowing it to keep one step ahead and instantly move material between data centres.

“It’s very hard to know what to do,” said Alexander Klimburg, a cyber security expert at the Austrian Institute for International Affairs currently on exchange at Harvard Kennedy School of Government. “The tools to do this can be purchased online incredibly cheaply, while the damage they can do and the cost of mitigating it is exponentially higher.

View Source