Spyware bank frauds uncovered in US and South Africa
21 July 2003 | 7031 views | 0
Police and banks in South Africa and the US are urging customers to be extra vigilant when transacting online following two recent incidents in which fraudsters used key-logging software to successfully steal customer identities and bank account details and siphon off cash into scam accounts.
In a federal court in Manhattan last week, JuJu Jiang, 24, of Flushing, New York, pleaded guilty to five-counts of computer fraud and software piracy, following a ten-month scam in which he installed keylogging software on computer terminals located at Kinko's stores throughout Manhattan to surreptitiously record keystroking activity and collect computer usernames and passwords.
Jiang also admitted that he then used the confidential information he obtained to access, or attempt to access, bank accounts belonging to at least 15 persons, and fraudulently open on-line bank accounts.
He was caught when one of his intended victims heard his home PC switch on and observed the cursor opening files as if by remote control. Afterwards, the victim saw his machine open a new bank account at online payment transfer service neteller and attempt to access his American Express corporate card.
Jiang is being held in custody while awaiting sentencing.
In South Africa, Absa has admitted that at least three Internet banking customers have lost money from their accounts in a similar fraud. A further six cases are under investigation.
"Fraudsters are beginning to realise how difficult it is to breach bank security systems and are now targeting the home computers of account holders by stealing their electronic identity, mainly their PIN and access account numbers," says Richard Peasey, Absa group information security officer.
It is understood that the criminal behind this latest scam stole R530,000 from Absa accounts before the crime was detected. Peasey says the bank's forensic team is working with the police in an attempt to track the culprit.
He says the bank has called a meeting of all information security officers in the national banking industry to find ways of stopping this form of crime.
"At Absa and all the other banks, the peace of mind of our clients is our first priority and whenever we as the industry are faced with a new security problem like this, we work together to ensure the safety of clients' money," says Peasey.
According to figures released today by Gartner, seven million US adults, or 3.4 percent of US consumers, were victims of identity theft during the 12 months ending June 2003. This represents a 79% increase over the 1.9% rate reported in a Gartner consumer survey concluded in February 2002.
The analyst group says banks must implement solutions that effectively screen for application fraud, so they don't wrongfully extend credit to identify thieves.
Says vice president and research director Avivah Litan: "Without industry prevention efforts, consumers whose identities have been stolen will continue to bear the brunt of social and indirect economic costs."