The Houston Press reports three men have been indicted for going to local ATMs and putting in overlay pads to intercept and store customers’ financial info, according to the U.S. Attorney’s Office. Jason Michael Lall, 38, John Pierre Griffin, 32, and John DaSilva Paz, 27, hid themselves from security cameras by blocking them with vehicles or spray-painting them, and then installed the devices in otherwise normal-looking official bank ATMs. The information captured from the various ATM machines was then re-encoded onto fraudulent cards that were used to withdraw money in excess of $400,000 from various area bank locations.
The Log Cabin Democrat reports officials with the Conway Arkansas police department are investigating a banking scam that has affected the Conway area. Nearly two-dozen police reports were filed from customers of various banks in the community who claimed that money had been taken from their accounts without their permission. Luther Guinn, Deputy Bank Commissioner of the Arkansas State Bank Department, said this type of scam, known as “skimming,” is something that has not been predominant in central Arkansas.
CNN Money reports for decades, Internet scams have been as numerous as they’ve been easy to spot — but fraudsters’ tools and tricks are now becoming more sophisticated. Those poorly written spam e-mails often seem more annoying than threatening, but they can wreak financial havoc on their victims. Internet fraudsters have traditionally preyed on the vulnerable, including older victims who aren’t as well versed in computer technology. But scammers’ skills at deception have improved so greatly over the years that even seasoned Internet users often have to do a double take before they realize they’ve been duped. For instance, a widely used, relatively new scheme that’s difficult to detect, features pop-up notifications that look just like antivirus software alerts. They usually say something to the effect of, “Your computer has been infected with 49 viruses, click OK to quarantine them.”
SmartBriefs for CFOs cites a Wall Street Journal article noting security specialists say computer hackers are moving on to the small-business community in their search for targets. U.S. Secret Service data show that 63% of attacks in 2010 were aimed at companies with fewer than 100 employees, while Visa says 95% of the card-data breaches it sees are from small-business customers. Experts blame smaller security budgets and lower levels of technical expertise, with one survey showing that about half of small businesses had conducted a system-wide security assessment.
The Washington Post reports EMC disclosed that it spent $66 million in its second quarter to deal with a cyber attack that compromised its RSA Security division. EMC spent the $66 million on transaction monitoring for its corporate customers who worried that their RSA security tokens – long considered the gold-standard for protecting sensitive data – had been compromised in the attack. EMC also offered replacements to any company that requested them.
Bank Info Security interviewed Randy Vanderhoof, executive director of the Smart Card Alliance who contends that building on existing near-field communication, or contactless NFC, technology is a possible step in bridging the gap between magnetic-stripe credit/debit cards, and the Europay, MasterCard, Visa (EMV) standard for U.S. card issuers. Vanderhoof believes there is a roadmap to evolve contactless magnetic stripe data cards to an EMV contactless format by changing the components within the card and the data elements that interact with the point-of-sale systems.
The Register reports a California man has been sentenced to more than 12 years in prison for his role in an international phishing ring that stole the identities of more than 38,000 people. Tien Truong Nguyen, 34, of Long Beach, received the 151-month sentence from US District Judge Morrison C. England, who called the phisher “a one-man wrecking crew when it comes to identity theft.” According to court documents, Nguyen and two cohorts used identities stolen from users of PayPal and other financial services to fraudulently obtain merchandise worth about $200,000 from Wal-Mart stores.
SC Magazine reports Sony’s insurer is contesting any obligation to cover the electronics giant for costs related to lawsuits filed over its massive PlayStation Network breach earlier this year. In a complaint filed with the state Supreme Court in New York, Zurich American Insurance Co. is seeking “declaratory relief” from having to defend and possibly compensate Sony over class-action lawsuits or state Attorneys General actions filed in response to the breach. The complaint contends that Sony has been named in 58 class-action lawsuits, including three in Canada. Zurich argues that it is not liable to indemnify Sony for these costs because its policy with the company only covers claims for bodily injury, property damage or personal and advertising injury. Sony’s policy contains “certain exclusions” related to “class-action complaints and miscellaneous claims,” according to the complaint, filed Wednesday
CNN Money notes digital security is no longer an issue you can relegate to the IT department. Top-level execs need to be in on the discussion from the start. If a team of mastermind computer experts wants to hack your company’s network, it probably will. But if any rookie hacker with some time to kill can crack your system, that’s a problem. And the problem doesn’t start with poor technology; it starts with management.
Memento Security reports Utah bank officials are warning residents not to fall for a scheme – known as phishing – that involves fraudulent text messages being sent from a number claiming to be Wells Fargo and asking for personal account information. Washington County resident Tony Calderon said he received a text message from the number 888-381-7671, and when he called the number, an automated message said there was something wrong with his Wells Fargo account.
