Thursday, October 8, 2009

Operation Phish Phry Nets 100 Phishers From US to Egypt

Via ComputerWorld -

More than 50 people in Southern California, Las Vegas and Charlotte, N.C., were indicted by a grand jury in Los Angeles for scheming to steal bank account information from thousands of people in the U.S. using phishing techniques.

U.S. authorities today arrested 33 of those named in the indictments and are on the lookout for the other 20.

In addition, authorities in Egypt charged another 47 co-conspirators in connection with the same scheme, bringing the total number of people charged to 100 -- the largest number of defendants ever charged for the same cybercrime, according to the FBI.

The indictments stem from a two-year operation dubbed "Phish Phry," which involved the FBI, the U.S. Attorney's Office, the Electronic Crimes Task Force in Los Angeles and Egyptian law enforcement authorities.

FBI officials called the operation the largest cybercrime investigation in the U.S. The arrests were announced in Los Angeles by Keith Bolcar, acting assistant director in charge of the FBI in Los Angeles, George Cardona, acting U.S. Attorney in Los Angeles, and Egyptian law enforcement authorities.

The 51-count indictment, which was unsealed today, accused all of the defendants with conspiracy to commit wire fraud and bank fraud. Some of those named were also charged with aggravated identity theft, unauthorized access to protected computers and money laundering.

---------------------

Good catch indeed.

While we are on the topic of the FBI & Phishing...take a look at this video of FBI Director Robert Mueller describing how a "certain" department head in the bureau was just clicks away from becoming the next phishing victim.

Director Mueller isn't alone, I too was caught by a phisher back in my early days of college (late 90s). I was fresh and wasn't fully aware of all the tricks used by fraudsters at the time..

One day I received an e-mail from an unfamiliar person questioning me about the Nikon camera I had for sale on eBay. Since I neither owned or wanted to sell a $2000 Nikon camera...this sparked my attention immediately. Luckily the person included the ID of the item in question, which I checked and discovered it was indeed posted under my account.

Due to my poor security practices at the time, I was using the same password for my e-mail & Ebay. The attacker had posted the camera for sale and then was responding to questions from potential buyers in my own Yahoo e-mail box. He would forward them to his mail, formulate a proper reason, which he would then shuffle back thru my inbox. The attacker was smart, he would clean up my inbox so that I didn't notice the mail shuffling. But he wasn't smart enough, he forgot to delete the "sent" messages...which allowed me to discover the account he was using.

At this point, I knew he had my Ebay & my e-mail....I had to assume he had more. I changed the passwords to all web-mail and to my online banking account, which was connected to Paypal. I called Ebay and informed them that the sale was invalid and due to a comprised account, which prompted them to suspend my account - which was fine with me. Next, I wiped my computer and did a fresh Windows 2000...to ensure that any potential rookits or malware were removed. At the time I wasn't much concerned with evidence, I just wanted to shake the hacker.

Then I waited....I figured if I made it difficult for him to keep chasing me, he would cut his loses and move on to a softer target.

For about the next week or two, I noticed my online banking account would repeatedly become locked out, due to invalid log-in attempts. Clearly, the hacker was trying to get into my bank...but luckily my quick actions thwarted his plan.

After a while, I noticed the activity surrounding my accounts reduce and then disappear....I had shaken him off...finally.

This personal experience was the turning point that made me want to get into security...and ultimately lead my desire to join Castlecops PIRT and take down phishers - which I am proud to say I did.

No comments:

Post a Comment