Slashdot Mirror

← Back to Stories (view on slashdot.org)

Corporate Identity Theft on the Rise

Posted by michael on from the hello,-Mr.-Microsoft? dept.

prostoalex writes "As millions of Americans lose their identities to online and offline thieves, a new kind of crime has been cooked up by the criminals who are not bothering with doing pesky credit card charges. They steal entire companies, opening up merchant accounts for existing businesses and running up charges from aforementioned stolen credit card numbers. What's worse, is that the hole the criminals exploit seems to be built into the system. According to Bob Sullivan from MSNBC, "Many of the processing firms interviewed for this article claimed they caught on to the fraud after the transactions had cleared, but before the suspects had withdrawn the money from various checking accounts around the country. One did concede, however, that the scheme has real potential.""

19 of 193 comments (clear)

  1. Hmmmmm..... by FatherKabral · · Score: 5, Funny

    I wonder if Microsoft accepts credit cards.....

  2. This happened to the TV show punk'd by Fr05t · · Score: 5, Funny

    Ashton was quoted saying, "Dude where's my company."

  3. seems it would be by Prince+Vegeta+SSJ4 · · Score: 4, Insightful
    just as easy, and potentially more profitable.

    All you would need is a legit FEIN, and real or forged Articles of Formation. Maybe an operating agreement. Open a bank account and VOILA!

  4. Fraud != Theft by Theseus192 · · Score: 4, Interesting

    I hate it when the mass media call it "identify theft." If someone impersonates me, he's not taking away my identity, he's committing fraud.

    Repeat after me... intangible and intellectual "property" cannot be "stolen." It can only be used in unauthorized ways.

    --
    If stupidity got us into this mess, then why can't it get us out? - Will Rogers
  5. Good Idea by alarocca · · Score: 5, Insightful

    I love these articles that outline great ways to break the law. Like the one a while back about how to open a kryptonite U-Lock with a pen. It used to be hard to come up with great criminal schemes...now you just have to watch the news.

    1. Re:Good Idea by Rev.+DeFiLEZ · · Score: 5, Insightful

      Security through obscurity never works. The only thing putting on the news does is create outrage until the problem is fixed. "criminals" (and kryptonite) knew about the u-lock bic pen weakness for _years_ (2-3) now that it is on the news, kryptonite is replacing the defective ones.

      now maybe the banks will ask the client for their goverment papers that proves they registered the bussiness.

  6. Re:As long as... by hype7 · · Score: 4, Insightful

    on the subject of questionable ethics, does anyone else wonder about the guy who said "One did concede, however, that the scheme has real potential"? Potential? Potential? Maybe "potential for abuse" would be ok, but the way that's phrased at the moment... I can see the cogs turning over in this guys head for companies to target!

    -- james

  7. MP by Anonymous Coward · · Score: 5, Funny

    And so - the Crimson Permanent Assurance was launched upon the high seas of international finance!

  8. Theft via deception = Theft by squiggleslash · · Score: 4, Insightful
    We're talking about a crime, as I understand it, that involves taking property from others by pretending to be someone you aren't. We don't talk about "Lock theft" (as in you pick a lock, get in, take what you want, and run out), but if it was unique enough for people to want to deal with it in special ways, I'm sure we would.

    I'd say it's legitimate to call Identity Theft "theft" under the circumstances, whatever your opinions are on the "proper" wording for piracy.

    --
    You are not alone. This is not normal. None of this is normal.
  9. Re:As long as... by ArsenneLupin · · Score: 5, Insightful
    They nail the AT&T's and Microsofts, and not the smalltown businesses owned by ma and pa (are there any left?), I don't have a problem with it at all. Go crooks go!

    Problem is, they do target ma and pa businesses. Indeed, apparently their scheme only works if the victim does not yet have a merchant account on his own (or else the fraudulent account would be easily flagged as duplicate...). Thus the perfect victim is a company too small to be accepting credit cards. Sorry, Microsoft will unfortunately never be the target of these gentlemen;-(

  10. Note: IRS has a new address by perdu · · Score: 5, Funny
    Dear Taxpayer, Your local IRS office address has changed. Please mail all taxes in the future to: Internal Revenue Service Box 1776 The Cayman Islands

    --
    You only use 2% of your DNA
    1. Re:Note: IRS has a new address by TykeClone · · Score: 4, Informative
      That's why you should make out your checks to the "United States Treasury" instead of the "IRS".

      This has actually been done before, and anyone can open an account for, as an example, "IsoRectal Spectroscopy" dba "IRS" and cash stolen tax checks.

      --
      A fine is a tax you pay for doing wrong and a tax is a fine you pay for doing all right.
  11. Bring on those people who roll their eyes by Featureless · · Score: 5, Insightful

    ...every time some "paranoid" person starts talking about security. You know who I'm talking about.

    They're everywhere. Nobody thinks worrying about security is cool or fun, it seems like a waste of money, a sign of mental instability, even a kind of obsessive behavior.

    Everyone much prefers to be surprised and wave their hands when things go wrong. "It's out of control. You can't stop hackers/criminals/etc."

    People have a terrible problem understanding scale. Nobody understood at Microsoft that the computer wasn't a little house in the country where you could leave the doors unlocked so occupants wouldn't have to fumble with the keys. When engineers there raised the problems they were scoffed at, disciplined. "Keep your priorities straight. Don't be paranoid." Nobody got it when the first spam was sent and we were all outraged... "What's wrong with a little spam?" How about what's wrong with 300 spam a day? It's just the "logical conclusion" - which is not logical anymore to people who don't like to be bothered thinking deeply about their responsibilities.

    The many systems our financial institutions use for identifying and tracking "consumers" are ridiculously insecure. And although the victims wail and now are allowed a few minutes a month to tell their horrible tails on 60 minutes, we as a whole seem determined to close our eyes and race grinning into the brick wall of scale again. How many hundreds of thousands of people have to have their lives ruined before colleges stop making everyone spout their social security number like it's their first name, and the mother's maiden name loses its appeal? How long before companies stop letting $5 an hour employees handle "meaningless" data (with literally no background checks or security controls) that is worth millions when properly exploited?

    This is a cultural change we need to kick off. We need to take security seriously. It needs to become uncool to roll your eyes and mock the security expert.

    --

    Want to Know How to Cheat the GPL? Read On!
    1. Re:Bring on those people who roll their eyes by infinite9 · · Score: 4, Interesting

      Actually, we tried to have fraud alerts placed in all three credit reporting agencies. The problem is that credit reporting agencies are just as bad (if not worse) than the credit card companies themselves. Since the credit card companies are their customers, and not the people they're gathering information on, they won't actually talk to you. To get a fraud alert, you have to send them a request, in writing. One of the agencies did this immediately. Another did so after a lot of harrassment. The third never did put it on. This was after following all the correct procedures. Once the fraud alerts were on, we ran into them exactly one time while applying for instant credit. In this case, it was a home depot card. The people at the store put me on the phone with their credit department. The woman asked, "Do you know why I'm talking to you?" I mentioned the fraud alert and that was it. Here's your card. No other proof was required. I bought a car without a word from the bank who wrote the loan. Fraud alerts are a joke.

      If someone gets your information, you're hosed. There's only one thing you can do. It was modded +5 funny, but another post hit the nail on the head. Burn your credit rating.

      --
      Disconnect your television. Do your own research. Draw your own conclusions. They're probably lying. Don't be a sheep.
  12. FBI Not Interested? by Anonymous Coward · · Score: 4, Interesting

    Never mistake silence for disinterest (or assent, for that matter).

    The FBI could be very interested in the Pakistan and Russian connections. However they are very unlikely to be discussing details of the case with regular civilians.

    Or they could be disinterested.

  13. Re:Stolen? by Saeed+al-Sahaf · · Score: 4, Insightful
    THIS IS NOT THEFT!!! Theft involves the physical taking of something!!

    Like credit cards with SOMEONE ELSES name on them? Like SOMEONE ELSES money or "physical" merchandise? Theft is when you steal something of value. Websters gives examples of both tangible and intagible theft.

    Besides, what's your point? Just trying to be argumentative, or perhaps justify something darker?

    --
    "Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
  14. Damn right the problem is built-in to the system by wowbagger · · Score: 4, Insightful

    You are damn right the problem is built-in to the system.

    The scum create an account, and charge a bunch of crap to it from stolen cards. They then extract the money and run.

    The people bilked bitch to the credit card companies.

    The card companies attempt to reverse the charges.

    The poor business who was impersonated gets stuck with the bill. At best, the company can establish its innocence, and the CC company writes the cost off its taxes.

    If the *credit card companies* were the ones who had to suffer the costs of fraud, rather than shifting it to the companies or to the taxpayer, then they would be a HELL of a lot more motivated to add stronger authentication to the system.

    As it stands now, if somebody is committing massive credit card fraud in the form of lots of small charges, and you try to bring this to the card company's attention, they blow you off because it just isn't worth their time - it is easier to just charge back to the merchants. A friend of mine who works in the order-processing chain for a large company ran into just that - he detected a fraud ring attempting to rack up a lot of charges, he called the card company and said "I'll give these guys to you with a ribbon tied around them - addresses, names, the works." "Not interested - bu-bye!"

    --
    www.eFax.com are spammers
  15. The only way to stay protected... by SomeoneGotMyNick · · Score: 4, Funny

    ...appears to be by trashing your own credit. This way your credentials will be rejected for new applications.

  16. What is particularly outrageous is ... by Presence1 · · Score: 4, Insightful

    ... that the company whose identity is misused is seen as being responsible for the losses. It is the merchant service providers and banks that should be held fully responsible -- they are the gatekeepers who failed to mind the gate, never checking the imposters' identies or association with the company.

    "For all of us, it's a tough business," Steinberg, of Merchant E Services, said. "It's a large, large problem."

    No Shit, Sherlock. It may be a large, large problem, but it is your responsibility to solve it. If you can't solve it or handle the losses, you shouldn't be in the business. Period.

    Any suggestions on how to keep the losses on the banks and service providers, instead of the businesses?