Security news
Security news20 December 2007
Bank mules arrested for part in phishing attacks, Sophos reports Account holders lent bank accounts to hackers
16 arrested for lending bank accounts to hackers.
IT security and control firm Sophos has welcomed news that Dutch authorities have arrested 14 suspects who allegedly allowed their ABN Amro bank accounts to be used by cybercriminals to store and transfer illegal funds.
According to reports, the fraudsters, based in Russia and Ukraine, set up bogus ABN Amro websites to lure the bank's customers and harvest their security details - information which was used to access their accounts and steal money. Several of these sites were hosted on the Russian Business Network, an ISP which is notorious for hosting illegal and dubious businesses, including phishing and malware distribution sites. The stolen funds were then allegedly placed in the bank accounts of the 14 ABN Amro customers, and these mules subsequently transferred the money overseas to Russia and other countries.
"The Dutch police have sent a strong message to cybercriminals of all kinds - any participation in this kind of illegal activity won't be tolerated. While these 14 suspects may not have actually carried out the phishing attacks themselves, they played a key role in the crime by allowing the fraudsters to use their bank accounts," said Mark Harris, global director of SophosLabs™. "However, in these situations it can be tricky to prove the deliberate involvement of the account holder as it's quite easy for them to claim they're simply the victim of identity theft. These arrests represent an important step in the right direction and should deter anyone trying to earn a quick buck from engaging in this type of activity."
Sophos experts note that there is a growing trend among cybercriminals to try and recruit ordinary people to help them move their illegal profits around the world. This month, SophosLabs™ detected an unusual 419 email scam which, instead of offering the typical promise of grant, lottery or prize money, purported to come from the American Red Cross and offered the recipient a job as a 'donation collector', accepting and shipping donations to people in need for various EU projects.
"In the case of this email about the American Red Cross, the real victims would be those people who glued their eyes on the compensation salary," continued Harris. "But, as with so many similar scams, you have to question why people continue to fall for it - there are very often obvious tell-tale signs that the email is a fake, and all computer users should learn to exercise a little common sense and caution when it comes to unsolicited emails."
Sophos recommends companies protect themselves with a consolidated solution which can control network access and proactively defend against the threats of spam, hackers, spyware and viruses.
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
