Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Track Down Banking Fraud

Posted by jamie on from the white-hatted-detectives dept.

An anonymous reader writes "Noticing some commonalities in the spam flooding their email in-boxes, a small group of hackers set out to track down who was responsible. Along the way they uncovered a trail that led them to an organized gang of criminals halfway around the world, and right back to some of the largest financial institutions in the US, and their customers, that became the gang's prey. See the SecurityFocus story for more details."

3 of 335 comments (clear)

  1. Re:Yet more proof... by Narphorium · · Score: 5, Insightful
    ..that most hackers are just out to do good.
    I don't think you can classify the hacker mentality as generally good or generally bad. It's about a knowledge and problem solving, which can be either good or bad.

    You're much better off using the black|grey|white hacker classes, although even that can be fuzzy at times.

  2. Yikes!!! I'm glad I RTFA by bobdotorg · · Score: 5, Insightful

    If you haven't RTFA, I suggest you do. Here's why:

    After nine years on the net, this is the first scam that I believe I might (though probably not, as I always show the address bar and look for the secure connection icon) have fell for.

    Having your web browser load Citibank's home page, and then swiping the info via a rogue pop-up is the sneakiest tactic I've seen.

    Even the link in the email appears to be from Citibank upon first glance.

    A exceptionally clever and well-crafted scam.

    --
    __ Someday, but not this morning, I'll finally learn to use the preview button.
  3. Even Scarier by retrosteve · · Score: 5, Insightful

    ...Much worse than "Citibank didn't care". Look down lower on the SecurityFocus report and you'll see that Citibank's own fraud reporting webpage appears to be compromised, they know about it, and they hadn't (as of publication date) tried to correct it. The email reply from the fraud page is itself fraudulent, and directs users to a nonexistent toll-free number or a private AOL email address, although it appears to come from Citibank's own servers!

    Also, there's a CNET article about the August 16 version of the scam, reported on August 18, 2003. The article is supposed to be here at http://news.com.com/2011-10173-5065394.html?tag=ma instry (Link)

    But when you check that link, it first comes up, then a second or two later gets redirected to a search page claiming that the article is "expired".

    Strangely, the CNET search page (which searches on terms similar to the title) comes up with 2 flattering articles about Citibank's quality process, one dated 2002, the other dated 2000. Neither of those articles has "expired". Draw your own conclusions here.

    For those who aren't too quick on the mouse, part of the text of the "expired" article is here:

    Citibank, a division of Citigroup, said "numerous" people received the e-mail, which purported to advise them of conditions affecting their accounts.

    It said the e-mail linked to a Web site that looks like Citibank's, and asked customers for their Social Security numbers, a form of identification. Scammers can use such data to obtain credit cards or access to bank and other accounts.

    The bank urged recipients to delete the e-mail and call the customer service number on their automatic teller machine cards. It said that the company is working with law enforcement and that its systems have not been compromised.

    SecurityFocus notes that Citibank should know the exact number of people who came to their website from the fraudulent redirection, although officials there claim not to know. It also seems unlikely that Citibank's systems were not compromised, considering the email replies that came from their "report fraud" webpage.