Slashdot Mirror

← Back to Stories (view on slashdot.org)

Phishers Arrested In Eastern Europe and US

Posted by ryuzaki0 on from the round-'em-up dept.

An anonymous reader writes to let us know about the roundup of a phishing gang by the FBI and authorities in Poland and Romania. 18 arrests were made in what the FBI calls "Operation Cardkeeper." The gang has allegedly been selling stolen identities and information on credit cards and bank accounts since at least 2004. To remind us what a drop in the bucket such international operations are, the article says: "The Anti-Phishing Working Group, an industry consortium, said more than 10,000 phishing Web sites were active on the Internet in August, about double the number of sites in January."

84 comments

  1. Romania???? by adinu79 · · Score: 2, Informative

    I see nowhere in the article a mention about Romania. I know we've had our share of online scam artists, but mentioning Romania any time something like this comes along is just plain ridiculous.

    1. Re:Romania???? by El+Torico · · Score: 3, Informative
      Other articles noted that the investigation includes Romania - http://www.net-security.org/secworld.php?id=4352.

      This article in the Washingtonn Post appears to be the most comprehensive - http://blog.washingtonpost.com/securityfix/2006/11 /14_arrested_for_credit_card_ph_1.html

      --
      In the land of the blind, the one-eyed man is usually crucified.
    2. Re:Romania???? by radu.stanca · · Score: 0, Troll

      MOD PARENT UP!
      There is no mention of Romania in the article, submiter sux ass!

    3. Re:Romania???? by DittoBox · · Score: 0

      Why is it "ridiculous?" If the phishing operators were located in Romania and Poland, isn't it safe to mention Romania and Poland? RTFA and you'll notice that they didn't just pull "Romania" out of their ass "just for kicks," they did it because Romania is the country in which this occurred.

      --
      Good. Cheap. Fast. Pick Two.
    4. Re:Romania???? by Anonymous Coward · · Score: 0

      As far as I'm concerned the group of phishers arested last week in Poland were from Romania.

  2. The real question is: by Anonymous Coward · · Score: 0

    What the ***** is FBI doing in MY country? Since when we're 51st state? Who do they think they are?

    1. Re:The real question is: by Anonymous Coward · · Score: 0

      Apparently they are assisting the local law enforcement in apprehending criminals.

      Great Britian is the 51st state (in all but name); that happened a bit after WW 2. Too bad we didn't use enough force on state 52 - Iraq; our annexation isn't going as well.

      They think they are a law enforcement agency; which they are.

      Got any more stupid questions?

    2. Re:The real question is: by brian1078 · · Score: 2, Funny

      No, no, no... Everyone knows that Canada is the 51st state.

    3. Re:The real question is: by ajmilton · · Score: 0

      meh, i'll bite.
      What the **** are the folks in YOUR country doing with credit card info from people from MINE? Who do they think they are?

    4. Re:The real question is: by Anonymous Coward · · Score: 0

      They think they are a law enforcement agency; which they are.


      They might be the law enforcement agency where YOU live, but HERE they are just a bunch of stuck-up americans who clearly are overusing our hospitality, and should be arrested and tried, just like anyone trying to play a policeman while not being one.
    5. Re:The real question is: by LindseyJ · · Score: 1

      Maybe if your own law enforcement could handle the problem, they wouldn't need to ask ours for help.

      And stuck-up? Talk about pots and kettles...

    6. Re:The real question is: by Anonymous Coward · · Score: 1, Funny

      Canada is an ice skating rink. It needs more than 12 people to qualify as a state.

    7. Re:The real question is: by LindseyJ · · Score: 1

      Wait, then why is Colorado a state? ;)

    8. Re:The real question is: by Anonymous Coward · · Score: 0

      And stuck-up? Talk about pots and kettles...


      Well excuse bloody me for having had the audacity to think that I was living in a sovereign country, and being pissed when I learn that that it's not exactly the case. Apparently that counts as "stuck-up" these days.
    9. Re:The real question is: by DenDude · · Score: 1
      Well excuse bloody me for having had the audacity to think that I was living in a sovereign country, and being pissed when I learn that that it's not exactly the case. Apparently that counts as "stuck-up" these days.

      You don't even have the balls to respond to *any* of the comment to your ignorant rants, and yet you still whine about the FBI arresting people in your country? I mean, you may not be a native english speaker, do there may be a problem with the translation, but geez dude, answer some of the other comments.

      You being stuck up shows when, even after you have been proven wrong in EVERY single thing you have written, you still go on about the same "FBI is in my country, zomg!!!!" garbage. Really, have you even RTFA? I mean really?

      OMG, I just realized that I have been feeding a freaking troll. My bad, everyone.

      --
      A Haiku: my language choices/assembler pascal lisp c/old school programmer
    10. Re:The real question is: by Anonymous Coward · · Score: 0

      What, do you miss the "good old days" of being part of the Soviet Empire and existing under the rule of the sadist Coucescu? You truly suck.

    11. Re:The real question is: by Anonymous Coward · · Score: 0
      You don't even have the balls to respond to *any* of the comment to your ignorant rants, and yet you still whine about the FBI arresting people in your country? I mean, you may not be a native english speaker, do there may be a problem with the translation, but geez dude, answer some of the other comments.

      Actually it's the Slashdot's "Slow Down Cowboy!
      Slashdot requires you to wait between each successful posting of a comment to allow everyone a fair chance at posting a comment." that prevents me from answering all the posts that I'd like to answer.

      Look, I'm sorry for sounding trollish, but I think you can understand why I got all jumpy after having learned that police force of country that BOTH has capital punishment, AND maintains Guantanamo prison (with torture, and all associated niceities) suddenly shows up in my contry, and, quoting directly from TFA "assisted in the arrests" (note: not in tracking down, finding, etc but in actual arrests!) of some of ours citizens! What buisness does the FBI have assisting in arrest on foreign soil? So that they can beat them up or scare the suspects into confessing? Perhaps even point guns at them?

      And of course there is another issue - mainly about the validity of "evidence" the FBI has provided - especially with how much does its existence have to do with the suspects having been phishing, and how much does it have to do with their political views, and FBI's eagerness to supress them? For example those concerning war in Iraq? Have they been phishing, or have they just been to vocal in decrying the war? Especially when this news hits slashdot on the same day that our local websites run story about your embassador having demanded (that's right, demanded) that we dismiss our Education Minister (who, I'd like to remind you, holds his post as a result of democratic proces) just because he called for a dispute about the validity of war? And especially considering how easily this evidence (which likely consists of web logs) can be fabricated? And what your government has been willing to do to it's OWN citizens to stop "bad" viewpoints from spreading? Free speech zones anyone? "Friendly" visits from FBI to dissidents? Every day you hear a story about another calamity Bush has commited against opponents of war in Iraq from his own country, yet you trust them enough not to fabricate evidence to silence some FOREIGN citizens? Well, I don't. Especially because my country is one of the major supporters of US mission to Iraq, and, "incidently" just as that support seems to be swaying THIS happens.

      and I'm not just some mindless America-hater - I admit that you did right many things that Europe did wrong. But I will not stand silent when I see your police force in here, doing anything more than a casual visitor would be allowed to - like going and helping with arrests.

      And to answer other posts, because I don't really want to wait another hour before slshdot allows me to do so in the proper place: yes, Poland does have an extradition treaty signed with the US. I never said otherwise (though that may be what you understood). What I mean is that this treaty is not worth the paper it's printed on, as late, and not so late events show, and despite what is printed on paper, it's nigh impossible to have US citizen extradited to Poland for his crimes in Poland. Though you likely wouldn't know, because it probably was not on your news.

      And don't you think that "FBI is in my country, zomg!!!!" is a kind of proper reaction considering what they have been doing in the USA? You might be used to threat of being tortured, held indefinietly without charges, being paid "friendly visits" for having dissenting opinion, sentenced to death, but most of the civilized world isn't used to that and IS going to freak out when they learn that may no longer be the case. Would YOU like it if police force from North Korea showed up in your country and assisted in arrests of people allegedly commiting online crimes against North Korean citizens?
    12. Re:The real question is: by Proz512 · · Score: 1

      And Wyoming is a blank square.

    13. Re:The real question is: by DenDude · · Score: 1
      that police force of country that BOTH has capital punishment, AND maintains Guantanamo prison (with torture, and all associated niceities)

      Here is one of the problems. We do have capital punishment, and I can see why some people are against it. HOWEVER, in the extradition treaty, it is specifically stated that if one country has capital punishment, and the other does not, an agreement can be made that the person being extradited will not be executed. That would be up to your government. In fact, we had the same thing with France. Ira Einhorn killed his girlfriend, and then moved to France. France would not extradite them without the assurance that he would not be executed. So the capital punishment thing will not matter in this case or any other.

      As far as Guantamo, again, that has NOTHING to do with this argument. Do you think that the phishers are going to be put there? If not, it's not an issue, if you think they will, then you have the issue.

      quoting directly from TFA "assisted in the arrests" (note: not in tracking down, finding, etc but in actual arrests!)

      "Assisting in arrests" can be anything from giving the addresses to actually going in with handcuffs. However, I really, really doubt that your government would allow our FBI to arrest anyone in your country. Besides, the FBI has no jurisdiction there, so it can't anyway.

      And what your government has been willing to do to it's OWN citizens to stop "bad" viewpoints from spreading? Free speech zones anyone?

      You know, I hate hearing this kind of stuff, I really do. If you had *any* idea of the different viewpoints in this country, and how vociferously they are argued, you would never doubt that this is one of the most open places or political debate on earth. We have a professor at a college that wished for "A million Mogodishus". Still works at the college. Another that said "All the little Eichmans in the Twin Towers deserved it". He also still works at the college. We can say whatever we want with *very* little trouble. You are not allowed to say certain things, like yell "fire" in a crowded theater, due to public safety, but other than those kinds of examples, you are free to say whatever you want. Want proof? Look up "Loose Change". That guy is still alive, and not being tortured in some off-shore Gulag, and he's pretty vehement about Bush being behind 9/11.

      ...demanded (that's right, demanded) that we dismiss our Education Minister

      A demand is not saying he expects to be obeyed, it's merely a strong show of displeasure. Like how Russia, France and Germany demanded that we not invade Iraq. Now, the invasion itself notwithstanding, we did not at all get pissed that they "demanded" something of us; we merely laughed and ignored it. Just like your country should when we demand something.

      it's nigh impossible to have US citizen extradited to Poland for his crimes in Poland

      Please give me some examples, as I was not aware of this at all.

      And don't you think that "FBI is in my country, zomg!!!!" is a kind of proper reaction considering what they have been doing in the USA? You might be used to threat of being tortured, held indefinietly without charges, being paid "friendly visits" for having dissenting opinion, sentenced to death, but most of the civilized world isn't used to that and IS going to freak out when they learn that may no longer be the case. Would YOU like it if police force from North Korea showed up in your country and assisted in arrests of people allegedly commiting online crimes against North Korean citizens?

      Absolutely not. Remember, North Korea is not an Ally of the US. However, if the British, French, Polish Russian or Canadian unit of international crime were allowed into my country to assist our officers, I would not have a problem with it. You are making it seem like the FBI came in and just flat out TOLD everyone there that they were going to do this. I mean, you do

      --
      A Haiku: my language choices/assembler pascal lisp c/old school programmer
    14. Re:The real question is: by rkcallaghan · · Score: 1
      DenDude wrote:
      Not sure if you know this, but the major media wants the republicans out of office in a BIG way. I mean more than anything, they want them out.

      I don't know this, and I would like to. Could you provide a link to any information on this?

      ~Rebecca
    15. Re:The real question is: by Majik+Sheff · · Score: 1

      It's MUCH easier to name the major media organizations that aren't overtly hostile to Rebublicans (real conservative Republicans, not RINOs).

      You want examples of a leftward bias in the American media? Watch CNN for an hour and listen not only to what is reported, but how it is reported. Read a New York Times from front to back and see if you can differentiate between the political news and the editorials.

      --
      Women are like electronics: you don't know how damaged they are until you try to turn them on.
    16. Re:The real question is: by Anonymous Coward · · Score: 0

      I don't want to cause a flame war here, but I can give an example of US refusing extradition when a US citizen commits a crime (negligent homicide, car accident) in a foreign country (even more, they decide to clear him out of any charges). And no, Romania doesn't have a capital sentence anymore.

      http://english.people.com.cn/200602/02/eng20060202 _239783.html

      As for my view towards the article, I agree to the fact that local authorities should support foreign ones in arresting and sentencing criminals, especially when it's about acts like this that ruin a country's reputation outside.

    17. Re:The real question is: by rkcallaghan · · Score: 1

      It's pretty easy to be to the left of the Bush administration; but that's not evidence that they "want them out of office in a BIG way". Show me where they're promoting the election fraud information, show me the cries for impeachment, something that qualifies as actually trying to get them out of office.

      I haven't seen it yet. The simple fact is, the Bush administration is FAR right, much farther to the right than the democrats have ever been to the left. Compared to the rest of the world the democrats are the right. Your reply just sounds like the same old "Clinton News Network" vs "Faux News" party spew.

      ~Rebecca (yea, I got trolled)

  3. Convictions? by j00r0m4nc3r · · Score: 2, Insightful

    We read about these busts quite frequently, but I wonder what percentage of these guys are actually convicted and jailed.

    1. Re:Convictions? by ReidMaynard · · Score: 2, Funny

      They are sentenced to eating Filet-O-Phish for eternity.

      --
      -- www.globaltics.net

      Political discussion for a new world

    2. Re:Convictions? by Neon+Spiral+Injector · · Score: 1

      In Romania it would be the Sheriff making them eat Mister Phish.

    3. Re:Convictions? by vally_manea · · Score: 0

      Huh?
      What does that mean?

    4. Re:Convictions? by Technician · · Score: 1

      We read about these busts quite frequently, but I wonder what percentage of these guys are actually convicted and jailed.

      I hope it is enough to reduce the number of e-mail messages I get telling me of problems with my non-existant e-bay account.

      --
      The truth shall set you free!
  4. Moo by Chacham · · Score: 1

    An anonymous reader writes to let us know about the roundup of a phishing gang by the FBI and authorities in Poland and Romania.

    Poland and Romania have an FBI?

    --
    Have you read my journal today?
    1. Re:Moo by Anonymous Coward · · Score: 0

      No, we sure as bloody hell don't. So the real question is - what the **** is YOUR police force doing in MY country?! Who gave them the authority to arrest anyone on Polish soil?!

      And after doing things like that you still wonder WHY OH WHY you're not very liked in Europe?!

    2. Re:Moo by DenDude · · Score: 3, Informative

      No, we sure as bloody hell don't. So the real question is - what the **** is YOUR police force doing in MY country?! Who gave them the authority to arrest anyone on Polish soil?!

      I guess you missed the part of the article that stated:

      Working with international authorities, the FBI also assisted in the arrests of 11 people in Poland believed to be connected to a network of online fraud forums. The FBI said it had traced a series of phishing attacks from late 2004 back to members of the Polish ring. (emphasis is obviously mine)

      And after doing things like that you still wonder WHY OH WHY you're not very liked in Europe?!

      I already know the answer to that. You people (and by you people, I don't mean all Europeans, just you asshole haters) are simply hateful, jealous, mean spirited, and look for *any* opportunity to bash America. You didn't even Read The Fine Article, you just read FBI - Poland - Arrest, and assumed that the FBI was there trouncing on you like the Wermacht after the Reichstag fire.

      FWIW: I lived in West Germany from 82-85, when the Baader-Meinhoff gang was kidnapping and killing Americans. Oh yeah, and car bombs that blew up the American Air Force Base and the Civilian Airport near it in 1985. Remember, that was 20 years ago. The attitude there has not changed much; we were hated then, and we are hated now. I will say, however, that as bad (IMO) as the reasoning for the Red Army Faction and the Baader-Meinhoff gang was (communist), at least they had an ideology behind them, not just a compete hate of everything based on feeling.

      Like I've said in the past, if an American scientist discovered something that cured all illnesses, and no one *ever* died prematurely, you asshats would whine about overpopulation.
      Typical of the America hating group that loves to tout "tolerance".

      --
      A Haiku: my language choices/assembler pascal lisp c/old school programmer
    3. Re:Moo by LindseyJ · · Score: 1

      When people in YOUR country steal credit card information from people in MINE, I sure as hell hope someone over here is doing something about it.

      Idiotic finger-pointing aside, this is perfectly standard international policing pracitce. If you live in a country where your government won't protect its citizenry from international criminals, then I frankly feel sorry for you.

      *Waits for the anti-americanites to come out of the woodwork to jump all over that set-up*

    4. Re:Moo by Anonymous Coward · · Score: 1, Informative

      The FBI didn't arrest anybody in Poland. They arrested some people in Ohio, and provided information to the Polish authorities. And as far as I can tell, the only ones being charged under US law are the US citizens - those arrested in Poland will face trial there according to local law.

    5. Re:Moo by Anonymous Coward · · Score: 0

      But is' okay only when it's Amercans arresting other people isn't it? When american citizen comes to Poland, murders someone, and manages to escape to the USA he will not be extradited, but the other way - sure, any day. Never mind that unlike CERTAIN countries we don't have offshore torture camps, we don't have capital punishment, and dare we say a "fair trial" is more likely to happen here than in the USA.

    6. Re:Moo by DenDude · · Score: 1
      But is' okay only when it's Amercans arresting other people isn't it? When american citizen comes to Poland, murders someone, and manages to escape to the USA he will not be extradited, but the other way - sure, any day.

      Recalling the Extradition Treaty and accompanying Protocol between the United States of America and the [*16] Republic of Poland signed at Warsaw November 22, 1927 and the Supplementary Extradition Treaty signed at Warsaw April 5, 1935

      Look at the dates, surely that can't be right... oh yeah, here's the update:

      Important part of the letter from Bill Clinton to Congress:

      With a view to receiving the advice and consent of the Senate to ratification, I transmit herewith the Extradition Treaty between the United States of America and the Republic of Poland, signed at Washington on July 10, 1997.

      The Treaty marks a significant step in bilateral cooperation between the United States and Poland. Upon entry into force, it will replace the Extradition Treaty and [*3] Accompanying Protocol between the United States and Poland that was signed at Warsaw on November 22, 1927, and entered into force on July 6, 1929, and the Supplementary Extradition Treaty signed at Warsaw on April 5, 1935, and entered into force on June 5, 1936. Those treaties have become outmoded, and the new Treaty will provide significant improvements. The Treaty does not require implementing legislation.

      Article 1 obligates each Contracting State to extradite to the other, pursuant to the provisions of the Treaty, any person whom the Authorities in the Requesting State seek for prosecution or have found guilty of an extraditable offense.

      Do some research before you show how stupid and ignorant you really are. This is like shooting fish in a frickin' barrel already.

      --
      A Haiku: my language choices/assembler pascal lisp c/old school programmer
    7. Re:Moo by Mister+Whirly · · Score: 1

      RTFA moron - the FBI didn't arrest anybody in Poland. Nor could they, they only have jurisdiction to arrest in the US. They can assist other countries law enforcement, by I assume, giving them intelligence and information on the subjects. And the USA would extradite anybody that committed a capital crime in Poland - which you could have found out yourself if you would used the minute it took to write your ignornace filled post to actually learn something. I don't know where you are from, but please post so I can avoid your hate-filled ignorant country.

      --
      "But this one goes to 11!"
    8. Re:Moo by loraksus · · Score: 1

      The FBI and DEA took part in raids and traffic stops up here in Canada a while back. Supposedly in an "advisory" role only, but there were cases where they were pointing guns at Canadians...

      --
      1q2w3e4r5t6y7u8i9o0pqawsedrftgthyjukilo;p'azsxdcfv gbhnjmk,l.;/
    9. Re:Moo by Mister+Whirly · · Score: 1

      They can point all the guns they like with the Canadian Authorities approval - they just can't actually "arrest" anybody. I'm sure the US authorities were there because the case involved trafficing into the US. I'm guessing the US DEA has a little more experience with that kind of stuff than the Canadian DEA or equivalent, which was probably the other reason they were involved.

      --
      "But this one goes to 11!"
    10. Re:Moo by jedrek · · Score: 1

      No, we sure as bloody hell don't. So the real question is - what the **** is YOUR police force doing in MY country?! Who gave them the authority to arrest anyone on Polish soil?!

      The FBI has an office in Warsaw and they work with the polish police and the CB all the time. I know a guy who got a binder prepared by the FBI during the discovery period of his CC fraud case in the mid 90s.

      Tak w ogole, to niezla reakcja... niezle z dupy.

    11. Re:Moo by Phormion · · Score: 1
      Recalling the Extradition Treaty and accompanying Protocol between the United States of America and the [*16] Republic of Poland signed at Warsaw November 22, 1927 and the Supplementary Extradition Treaty signed at Warsaw April 5, 1935

      Dunno about Poland, and I don't mean to support the GP's general US bashing, but there were at least two cases of American soldiers who've killed people in car accidents in Romania, only to be quickly taken out of the country and made to stand a mock trial in the States, where they would be invariably found not guilty, or given some joke sentence. One of them killed a Romanian rock star, otherwise the whole thing might've been whitewashed. Here's some articles about that.

      Not to mention the 'hotshots' that ran into a cable car wire in Italy, killing 20 people, only to be charged in the US and acquitted. So, I would say that the GP's doubts about the US's fairness in dealing with its own people that commit crimes abroad aren't completely unfounded. Not to mention that having a certain extradition treaty doesn't mean the US applies it.

      Disclaimer: I've nothing against decent, ordinary americans who can't be made responsible for the arrogance of their government. However, it's appalling to see that there are some who are unaware of their own government's wrongdoings, and then think it's just some bad people that have a problem with the US.

    12. Re:Moo by loraksus · · Score: 1

      It was a "training" type situation where the DEA folks were telling the RCMP who (as in what to look for) to stop and search. Which I'm ok with, it's just the "get secretly invited to the country and take part in arrests and carry handguns possibly without the proper paperwork, licenses etc" thing that is a bit disturbing.

      It is basically impossible to get a carry permit up in Canada (you need written permission from "some guy" and have it planned weeks or even months in advance, etc.

      --
      1q2w3e4r5t6y7u8i9o0pqawsedrftgthyjukilo;p'azsxdcfv gbhnjmk,l.;/
    13. Re:Moo by Mister+Whirly · · Score: 1

      The invation wasn't "secret" - the US DEA was helping the Canadian law enforcement in an official capacity. It's not a big deal or a conspiracy - they were just offering them training and probably intelligence gathering techniques. And if the DEA agents are certified with their firearms, I'm sure it is quite legal to bring them into Canada, especially if they are working with the blessing of the Canadian government. I realize it may be harder for Canadian citizens to get conceal and carry permits, but I am guessing that law enforcement agents are allowed, even under the strict conditions.

      --
      "But this one goes to 11!"
  5. ...if my mail is any indication... by mythosaz · · Score: 1

    ...then things are at an all-time high. I can hardly delete fake PayPal, eBay and banking phishing emails fast enough. I do legitimate eBay sales and the phishers get more sophisticated every day -- well, at least their formatting has gotten better.

  6. Not really just a drop in the bucket by TheFlyingGoat · · Score: 3, Insightful

    The Washington Post is slashdotted, so I can't read the article, but I doubt this is just a "drop in the bucket". A group of 18 is likely to have more than a single phishing website. More than likely they'd have over 100. That's still just 1% of the sites out there, but it's at least something. Also, if there were other people in this phishing group, those people would be stongly deterred from phishing in the future. It also serves as a preventative against additional people getting into phishing. At least something is being done about these crimes.

    --
    You have enemies? Good. That means you've stood up for something, sometime in your life. --Winston Churchill
    1. Re:Not really just a drop in the bucket by RareButSeriousSideEf · · Score: 1

      Probably more than that even, especially if they have any sense of templating & code re-use.

      I hope we find out. It'd be nice to get some forensic details on their operation out into the open.

      --
      Pi Ran Out
  7. no mention to Romania in the article by swatthatfly · · Score: 1

    I read nothing about Romania. The article talks about US and Polish citizens. Maybe anonymous submitters should be scrutinized a tad more by the editors.

    --
    keyboard not found! press any key to continue...
    1. Re:no mention to Romania in the article by Anonymous Coward · · Score: 0

      No mention in this article, but at least this article does...

      http://www.theregister.co.uk/2006/11/03/operation_ cardkeeper_phishing_arrests/

      Google for similar articles, you'll see Romanian individuals involved.

  8. More articles by DeQuincey · · Score: 1

    One from The Register: http://www.theregister.com/2006/11/03/operation_ca rdkeeper_phishing_arrests/

    And the Wired article sited by The Register:
    http://www.wired.com/news/technology/0,72064-0.htm l?tw=wn_index_1

  9. Arresting these people is pointless by cdrguru · · Score: 1

    They haven't committed any crime in their own country, for starters. They may not have committed any crime in the USA, either. I am completely unaware of any laws against tricking someone into giving out their banking information.

    The Internet is pretty much a consequences-free zone. You can do anything you like there, such as stealing or what would be considered a hate crime in the offline world and never get prosecuted for it. You can see examples of this every day. And just about every "Internet prosecution" you do see is very selectively done or someone stepped way, way over the line.

    Phishing and the public awarenesss of it is one way to keep people away from the Internet if they don't believe they can tell the difference between the real Ebay and the fake one.

    1. Re:Arresting these people is pointless by Anonymous Coward · · Score: 0

      I am completely unaware of any laws against tricking someone into giving out their banking information.

      Oh, so this whole elaborate "criminal" operation was nothing more then acquiring credit card numbers through trickery but not actually using those credit card numbers once they got them? Yeah, and I'm sure there is absolutely no evidence to support the accounts were being used and this whole investigation and arrests were just an multi national police force scam. Interesting thought you have on this.

    2. Re:Arresting these people is pointless by sobachatina · · Score: 2, Insightful
      Tricking someone out of their bank account info is fraud and using that info to debit money without authorization is theft- both of these are illegal of course.

      These people may not have committed a crime in their country but that is what extradition is for.

      I agree completely with you that the best solution is educating internet users however this justifies the criminal behavior of these phishers not at all.

    3. Re:Arresting these people is pointless by kbob88 · · Score: 1
      I am completely unaware of any laws against tricking someone into giving out their banking information.

      Ever hear of fraud?
    4. Re:Arresting these people is pointless by novus+ordo · · Score: 1

      What if somebody writes their banking information on their forehead and walks around? Would everyone that took note or memorized it be breaking the law? What happened to personal responsibility? I have seen scams worse than this in the "real world" and the people never get prosecuted. They hide behind their small print and their armies of lawyers, not the Internet. So much for justice.

      --
      "You're everywhere. You're omnivorous."
    5. Re:Arresting these people is pointless by Mister+Whirly · · Score: 1

      "The Internet is pretty much a consequences-free zone."

      I see people that think like this all the time being busted trying to meet 13 year olds for sex on Dateline MSNBC... And anything you do on the internet is as illegal as doing it in the real world - being online isn't like being in "international waters" or anything...

      --
      "But this one goes to 11!"
    6. Re:Arresting these people is pointless by ShibaInu · · Score: 1

      Dude, you can memorize my banking information all you want. However, if you fucking take money from me without authorization, that is theft and is illegal pretty much everywhere. Your stupid rant about personal responsibility is sadly misplaced - how about not trying to rip people off?

    7. Re:Arresting these people is pointless by novus+ordo · · Score: 1

      No, sorry wrong. You fail to realize what phishing is all about. You give your information away voluntarily. Nobody breaks into your house, rapes your dog and steals your kittyfood. It's no different than any other scam. When you give your information away like that you place your responsibility into someone else's hands. Sure, they are responsible for any abuse, but you are responsible for providing that information. I don't care where you are, but giving somebody your wallet because they "Wanted to look at it" and then running off with it will get your ass laughed out the court. What is it they say? "Fool me once, shame on...you, fool me twice.... You cant get fooled again!"

      And BTW I doubt these people will get charged with 'theft' rather it will be more along the lines of fraud and conspiracy. And AFAIK ripping people off is not illegal, it's called "business." Welcome to America, hope you stay long. Our reach is.

      --
      "You're everywhere. You're omnivorous."
    8. Re:Arresting these people is pointless by FusionDragon2099 · · Score: 1

      Having the banking information is not the crime. Obtaining it by posing as a legitimate business and then cleaning out bank accounts is.

    9. Re:Arresting these people is pointless by Bing+Tsher+E · · Score: 1

      And AFAIK ripping people off is not illegal, it's called "business."

      I doubt if 'ripping people off' has any legal defintion at all.

      Nice ad homeim about 'business' there, btw. I take it you sell the Militant on your days off.

    10. Re:Arresting these people is pointless by jedrek · · Score: 1

      The Internet is pretty much a consequences-free zone.

      Only in some ways. For example, it allows you to talk out your ass with an air of authority.

      As much as you'd like to think the laws in Europe and the US differer oh so much, they don't. Stealing is stealing, and it's pretty much illegal everywhere in the world that has running water. I don't know about Romania, but in Poland you can and will do time for CC fraud, bank fraud and income tax evasion. With our strict personal data laws, you can get time for selling/distributing people's non-private data (PESEL/NIP [our SSN equivs], address, name) without their permission.

      Why am I writing this with such an air of self righteousness and authority? Let's just say I remember my friends' 'got out of jail' parties really well.

    11. Re:Arresting these people is pointless by mgblst · · Score: 1

      being online isn't like being in "international waters" or anything...
       
      But it is, I can say anything I won't on an online forum or instant message, there is nothing illegal.

      It is when you use the internet to do illegal things in the real world. I can arrange to meet a 13 year old kid for sex as much as I want, but when I actually turn up, that is when it gets illegal. I can offer to sell you a bridge every day, but when I actually take your money, that is when problems arise.

    12. Re:Arresting these people is pointless by Anonymous Coward · · Score: 0

      If I hand over my car key to an auto mechanic to perform work on my car and instead, he takes the car and sells it, is that a crime? What if he makes a copy of the key and comes to my house later and takes the car?
      What if I give the pool repair man permission to enter my yard and work on my pool but he also takes my lawn mower?
      What if I pay a contractor a down payment to start paving my driveway but he never comes back and starts the job?

      People should be aware of their surroundings and use caution but that does not change the fact that fraud and theft are crimes.

  10. Operation Cardkeeper? by HolyCrapSCOsux · · Score: 1

    Who comes up with operation names? And why? Might be a bit offtopic, but seriously. Cardkeeper? What about operation Gone Phishing?

    --
    0xB315AA8D852DCD3F3DCA578FD2E0BF88
    1. Re:Operation Cardkeeper? by griffjon · · Score: 1

      Or "Operation Phishers of Phishers of Men"

      --
      Returned Peace Corps IT Volunteer
    2. Re:Operation Cardkeeper? by Briareos · · Score: 1

      "Operation Phisherman's Phriend?"

      Or do they phear being litigated by L0phthouse? :P

      np: Underworld - Pizza For Eggs (RiverRun Project)

      --

      "I'm not anti-anything, I'm anti-everything, it fits better." - Sole

    3. Re:Operation Cardkeeper? by shdwclone · · Score: 1

      Hey, I got my rod and tackle box ready! Did someone say Mission Impossible? Sierr! Then again that dream I had last night about the Loch Ness Monster, reeling it in, that was a nightmare - call that a mission impossible! Ops, Sorry off the topic! Just that "gone phishing" triggered ME memory path, and my instincts just wondered off with imagination.

    4. Re:Operation Cardkeeper? by mgblst · · Score: 1

      There is one guy who comes up with all the names. That is his whole job. I think he may be related to the president. Well worth it.

  11. A Bad Day At Work... by Esion+Modnar · · Score: 1

    beats a good day phishing. At least if you're these guys.

    --

    They say the first thing to go is your penis. Well, it's either that or your brain. I forget which...
  12. Interesting by Anonymous Coward · · Score: 1, Funny

    To remind us what a drop in the bucket such international operations are, the article says: "The Anti-Phishing Working Group, an industry consortium, said more than 10,000 phishing Web sites were active on the Internet in August, about double the number of sites in January."

    Yes, and of course, dont forget the webstandard ..... one web site per person.

  13. If we can count them... by Nom+du+Keyboard · · Score: 4, Insightful
    more than 10,000 phishing Web sites were active on the Internet in August, about double the number of sites in January.

    If we can count them, why can't we shut them down?

    --
    "It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
    1. Re:If we can count them... by foamrotreturns · · Score: 1
      If we can count them, why can't we shut them down?
      Because they are hosted in countries over which US law enforcement has no jurisdiction. Eastern Europe is the biggest culprit, but they are found all over the world. It's not like we can just march in there and unplug their Internet connections.
    2. Re:If we can count them... by Anonymous Coward · · Score: 0

      I'm guessing they count them as they get shut down.

    3. Re:If we can count them... by TubeSteak · · Score: 1
      If we can count them, why can't we shut them down?
      10,000 phishing sites is probably an extrapolation based on some small sample. That's usually how such numbers are made up.

      I seriously doubt they actually counted sites, though anti-phishing companies would be a good resource for real figures.
      --
      [Fuck Beta]
      o0t!
    4. Re:If we can count them... by Zedrick · · Score: 1

      If we can count them, why can't we shut them down?

      We can, and we do - but it doesn't help much. I work for a fairly large webhost, and shut down 10-15 phishing sites per day. Next day there are 10-15 new ones, thanks to morons who are using outdated CMS'es/phpBB's or just people who have no idea what they're doing and gets their index.php injected.

    5. Re:If we can count them... by Mister+Whirly · · Score: 1

      Yep, it's probably an educated guess. Kind of like when the DEA starts quoting figures about what percentage of drugs they are stopping from entering the US. If they don't know how much they aren't stopping, how the hell can the come up with a percentage of drugs they are stopping??

      --
      "But this one goes to 11!"
    6. Re:If we can count them... by Gunstick · · Score: 1


      do you do it proactive? Like run a search robot on new files if they are copies of bank sites. Or run some network scanner which triggers an alarm if it sees the login page of yahoo/ebay/paypal etc fly by. It could even drop the connection...

      If you are annoyed by the 15 sites to shut down because people email you that there are phish sites up, it is more interesting to not make it possible to run phishing sites in the first place. The hackers will get annoyed and move to another ISP.

      good ida? bad idea?
      I know an ISP who simply blocks port 6667 because too many script kiddies attack IRC. No IRC, no problems.

      --
      Atari rules... ermm... ruled.
  14. Shoulda had a license by the_wishbone · · Score: 1

    Here in Virginia, you can get a phishing license for like $10 at tons of different places...no need to steal identities to get them, they hand them out to just about anyone. I don't know what these guys were thinking...

  15. Idea: Automated anti-phishing network? by Anonymous Coward · · Score: 0


    oh, oh, I have an idea:

    A client is made accessible to the wider public. The client autoupdates from a central database with details of known phising sites. The download contains a set of randomised data (URL, list of form fields, random credit card number that follows the validation rules) that is used by the client to submit a false set. Unlike spam address collectors where false emails have very little impact, a high number of invalid credit card purchases would hopefully make all sorts of alarm bells ring. It could potentially be fully secure and automated, aka SETI@home. More like antiphising@home.

    Workable?

    1. Re:Idea: Automated anti-phishing network? by pushf+popf · · Score: 1

      I like that a lot! It could be a SpamAssassin plugin. If the mail server gets a confirmed phish (verified with a phishing DB), it could go to the website and start filling in the form. Again and Again.

  16. The reverse authentication problem by 140Mandak262Jamuna · · Score: 2, Interesting
    I have seen all kinds of tough authentication systems. My friend used to carry around a key fob with a random number generator that changes every minute. Along with his user id and password he needs to supply this random number to access his cray account. And I have seen others carrying a credit card sized challenge-and-response thingie from RSA. But all these elaborate measures are used to autheticate the user for the server.

    In the phishing scenario, the user has to authenticate the server. That is the crux of the problem. The user base is vast and their technical expertise varies significantly. There is an urgent need to let the users spot phishing attacks easily and reliably. All the banks and financial institutions know it is a looming problem, still they dont do anything. Finally some lawyer sues some bank and suddently the pendulam will swing all the way to the other end and the banks will make us ALL jump through hoops of fire just to log in.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
  17. Erratum: U.S.A. and Poland, not Romania by Corson · · Score: 1

    The article cited mentions cyber criminals in the U.S.A. and Poland, not Romania.

  18. Territory + law enforcement = yes by AdamD1 · · Score: 1

    Everybody seems to be missing a pretty crucial point here:

    If I'm a bank, and I am based in the US (say: CitiBank, or Wells Fargo, both of whom have been victims of numerous phishing attacks) and if I am the victim of an international gang who phishes my customers: guess who I have to go to to investigate? Usually the FBI and / or the SEC. If the criminals behind the phishing attack are found to be in a country other than the US, *usually* INTERPOL gets involved so they can then point me (or the FBI / SEC) to the appropriate foreign law enforcement groups.

    If the company was based in the UK, the process would be exactly the same: Scotland Yard + INTERPOL + foreign law enforcement = arrest someone in Poland, usually with links to Romania / Russia / Ukraine.

    This should be shocking to precisely nobody. What are we supposed to do: ignore it? "Oh well they're all the way over in Poland, now we'll NEVER find out who did it."

    Don't be so hair-trigger about what is and is not appropriate. If you're getting defrauded, there are tons of international avenues available for the investigation of this crime.

    Please note that when the issue is the creation or sales of weapons of mass destruction, all of the above seems to go right out the window (history has at least two examples now.) :)

    ad

    --
    Because I can! [Brainrub.com]
  19. authorities in Poland and Romania by alx.slashdot · · Score: 1

    Where's Romania in this article? I can't seem to find any reference to it...

  20. No mention of Romania by mihaicapota · · Score: 1

    There is no mention of Romania in the article.

  21. Romanian redundancy by tom_75 · · Score: 1

    Yeah, I know this is redundant, but you shouldn't tarnish Romania's reputation. It's bad enough that we have to use only European online banking sites for legitimate money transfers, cause the Americans have us classified as "card-stealing plague". I know we've had to deal with our share of malicious people, but we're pretty much out of the Middle Ages now, you know... It's really annoying when you try to buy/sell stuff through E-bay and you want to sign up for a Paypal account, only to notice that your country is "misteriously" missing from the drop-down list. Save for Moneybookers and a couple of other European sites maybe, the rest of the internet banking world has us blacklisted, and that's just wrong.