Phishers Arrested In Eastern Europe and US

An anonymous reader writes to let us know about the roundup of a phishing gang by the FBI and authorities in Poland and Romania. 18 arrests were made in what the FBI calls "Operation Cardkeeper." The gang has allegedly been selling stolen identities and information on credit cards and bank accounts since at least 2004. To remind us what a drop in the bucket such international operations are, the article says: "The Anti-Phishing Working Group, an industry consortium, said more than 10,000 phishing Web sites were active on the Internet in August, about double the number of sites in January."

Romania????

[adinu79]

I see nowhere in the article a mention about Romania. I know we've had our share of online scam artists, but mentioning Romania any time something like this comes along is just plain ridiculous.

Re:Romania????

[El+Torico]

Other articles noted that the investigation includes Romania - http://www.net-security.org/secworld.php?id=4352.

This article in the Washingtonn Post appears to be the most comprehensive - http://blog.washingtonpost.com/securityfix/2006/11 /14_arrested_for_credit_card_ph_1.html

Convictions?

[j00r0m4nc3r]

We read about these busts quite frequently, but I wonder what percentage of these guys are actually convicted and jailed.

Re:Convictions?

[ReidMaynard]

They are sentenced to eating Filet-O-Phish for eternity.

Re:The real question is:

[brian1078]

No, no, no... Everyone knows that Canada is the 51st state.

Not really just a drop in the bucket

[TheFlyingGoat]

The Washington Post is slashdotted, so I can't read the article, but I doubt this is just a "drop in the bucket". A group of 18 is likely to have more than a single phishing website. More than likely they'd have over 100. That's still just 1% of the sites out there, but it's at least something. Also, if there were other people in this phishing group, those people would be stongly deterred from phishing in the future. It also serves as a preventative against additional people getting into phishing. At least something is being done about these crimes.

Re:Moo

[DenDude]

No, we sure as bloody hell don't. So the real question is - what the **** is YOUR police force doing in MY country?! Who gave them the authority to arrest anyone on Polish soil?!

I guess you missed the part of the article that stated:

Working with international authorities, the FBI also assisted in the arrests of 11 people in Poland believed to be connected to a network of online fraud forums. The FBI said it had traced a series of phishing attacks from late 2004 back to members of the Polish ring. (emphasis is obviously mine)

And after doing things like that you still wonder WHY OH WHY you're not very liked in Europe?!

I already know the answer to that. You people (and by you people, I don't mean all Europeans, just you asshole haters) are simply hateful, jealous, mean spirited, and look for *any* opportunity to bash America. You didn't even Read The Fine Article, you just read FBI - Poland - Arrest, and assumed that the FBI was there trouncing on you like the Wermacht after the Reichstag fire.

FWIW: I lived in West Germany from 82-85, when the Baader-Meinhoff gang was kidnapping and killing Americans. Oh yeah, and car bombs that blew up the American Air Force Base and the Civilian Airport near it in 1985. Remember, that was 20 years ago. The attitude there has not changed much; we were hated then, and we are hated now. I will say, however, that as bad (IMO) as the reasoning for the Red Army Faction and the Baader-Meinhoff gang was (communist), at least they had an ideology behind them, not just a compete hate of everything based on feeling.

Like I've said in the past, if an American scientist discovered something that cured all illnesses, and no one *ever* died prematurely, you asshats would whine about overpopulation.
Typical of the America hating group that loves to tout "tolerance".

If we can count them...

[Nom+du+Keyboard]

more than 10,000 phishing Web sites were active on the Internet in August, about double the number of sites in January.

If we can count them, why can't we shut them down?

Re:Arresting these people is pointless

[sobachatina]

Tricking someone out of their bank account info is fraud and using that info to debit money without authorization is theft- both of these are illegal of course.

These people may not have committed a crime in their country but that is what extradition is for.

I agree completely with you that the best solution is educating internet users however this justifies the criminal behavior of these phishers not at all.

The reverse authentication problem

[140Mandak262Jamuna]

I have seen all kinds of tough authentication systems. My friend used to carry around a key fob with a random number generator that changes every minute. Along with his user id and password he needs to supply this random number to access his cray account. And I have seen others carrying a credit card sized challenge-and-response thingie from RSA. But all these elaborate measures are used to autheticate the user for the server.

In the phishing scenario, the user has to authenticate the server. That is the crux of the problem. The user base is vast and their technical expertise varies significantly. There is an urgent need to let the users spot phishing attacks easily and reliably. All the banks and financial institutions know it is a looming problem, still they dont do anything. Finally some lawyer sues some bank and suddently the pendulam will swing all the way to the other end and the banks will make us ALL jump through hoops of fire just to log in.