Share This

Showing posts with label Internet scams. Show all posts
Showing posts with label Internet scams. Show all posts

Friday 13 September 2013

Prevent ATM thieves and cyber crimes on the rise

Banks to arm machines with ink bombs to stain stolen notes


PETALING JAYA: Thieves who rob automated teller machines will be left with worthless pieces of paper if a Bank Negara proposal is put into place. Dye bombs are to be placed in the ATMs and if anyone tampers with the machines, the “bomb” goes off, leaving the notes stained in red and easily recognisable as stolen money.

Bank Negara, in its guidelines on Dye-Stained Banknotes dated Aug 26, is calling on both banks and Cash in Transit Companies to consider using the currency protection device (CPD) to deter ATM theft.

Local security company Extro Code Sdn Bhd demonstrated yesterday a CPD or dye pack which is already available in the market.

Its technical director Mohd Zaki Sulaiman said that once installed, the dye pack would be triggered when someone tries to break into the ATM.

“The device is like a smoke bomb which releases the ink onto the stacks of banknotes in the ATM,” he said.

Mohd Zaki said there’s no actual explosion but there is some heat when the CPD is triggered.“The actual triggering mechanism is a trade secret,” he added.

He said the ink called Disperse Red 9 was not harmful. He said the ink was imported but the actual CPD was developed and produced locally.

Mohd Zaki declined to reveal the cost of each dye pack and the installation cost. “Who pays for the device will depend on Bank Negara and the banks,” he said.

He said there are four ATM providers in the country but installing the dye-packs in the different machines should not be a problem.

The Bank Negara guidelines state that the CPD would emit a bright coloured dye by smoke, liquid or any other agent to stain the currency in the event ATMs are broken into.

This will enable authorities and the public to easily identify the defaced stolen currency and render them unfit for use.

The guidelines also sets out conditions under which these banknotes will be replaced. Among them:
  • > The ink has to be indelible by water, fuel, gas, bleach and detergent.
  • > It must be traceable to the ATM, to assist police investigations.
  • > It must stain at least 10% of each bank note.
  • > It can be detected and rejected by banknotes authentication machines used by banks such as Cash 

Deposit Machines. >It must be non-hazardous and non-toxic.

If banks retrieved the dye-stained currency, they can submit the banknotes to the central bank for assessment.
Tellers will also be trained to detect these banknotes.

The public and retailers will be advised not to accept dye-stained banknotes as they are likely to be stolen.

These measure, Bank Negara believes, will reduce ATM robberies.

In the United States, banks have dye bombs in vaults and any unauthorised person who tries to remove any money will trigger the bomb, leaving all the money – and the robber – stained in ink.


Related stories:
9000 machines nationwide to have CPD
Cops welcome currency protection device proposal

Cyber crimes on the rise - millions of ringgit being lost annually to scams
Public awareness: (From left) Ambank deputy managing director Datuk Mohamed Azmi Mahmood, Khalid and AmIslamic Bank Berhad CEO Datuk Mahdi Morad at the launch of the Scam Alert campaign in Bukit Aman. 
Public awareness: (From left) Ambank deputy managing director Datuk Mohamed Azmi Mahmood, Khalid and AmIslamic Bank Berhad CEO Datuk Mahdi Morad at the launch of the Scam Alert campaign in Bukit Aman 

KUALA LUMPUR: Fraud and cyber crimes in the country have risen unchecked due to the lack of public awareness, while victims are hesitant to report the crime, the police said.

Millions of ringgit have been lost annually to crimes like sms scams and parcel scams, which have mostly gone unnoticed in the public eye.

In a bid to stop such crimes, the police has launched an awareness initiative on the various types of scams in the country.

Inspector-General of Police Tan Sri Khalid Abu Bakar said the initiative, under the National Blue Ocean Strategy, comprised cooperation with the Association of Banks in Malaysia (ABM) and the Association of Islamic Banking Institutions Malaysia (AIBIM).

The public would be informed and educated on the different types of fraud and cyber crime scams being used by today’s criminals.

“We are posting a list of the various methods and modus operandi used in these scams at our official police website at www.rmp.gov.my.

“This will be linked to the websites of all banks in the country so that anyone can easily access the information which will be regularly updated,” he said after launching the initiative at Bukit Aman yesterday.

Khalid said RM98.6mil in losses was recorded last year in cases involving cyber crimes, including Internet banking fraud as well as sms and parcel scams.

“So far this year, such losses have reached RM80.7mil, which shows that such cases and losses are increasing,” he said.

He added that losses to sms scams had jumped from RM5.8mil last year to RM39.2mil so far this year.

- The Star/Asia News Network

Sunday 19 May 2013

Online banking Trojans going after your money!


Online banking users in Malaysia need to be wary of sophisticated Trojans. 

IMAGINE a burglar hiding in your house and slowly cleaning out your valuables, bit by bit, without you even realising it.

According to security firm Symantec, that is the common modus operandi of banking Trojans today, which have grown so sophisticated that they are almost impossible to detect and very difficult to get rid of.

As its latest white paper the World of Financial Trojans reveals recently, malware (short for malicious software) attacked over 600 financial institutions worldwide last year.

With this growth, bank hold-ups or ATM robberies, the bank heist of choice in Malaysia these days will soon be a thing of the past.

The phenomenon is no doubt partly due to the growing trend of online banking. As banks move online to make their transactions fast, easy and convenient for customers, cyber criminals are also finding the digital route the faster, easier and more convenient mode for looting.

A big threat, the report highlights, is the rate at which banking Trojans are now developed: with state-of-the-art mechanisms to circumvent the more complex security systems and exploit their weaknesses.

“Trojans have indeed evolved and the attackers have become more specialised and sophisticated,” Symantec Corporation (Malaysia) Sdn Bhd director (systems engineering) Nigel Tan concurs.

Most worrying, is that while the United States and Japan remain top of their target list, the banking Trojans are increasingly targeting emerging economies with high Gross Domestic Products (GDP) in Asia and the Middle East like Malaysia.

Tan notes, “Malaysia is on the radar of these cyber criminals and our financial institutions experienced attacks out of the 600 reported globally last year. We are not in the top 10 of countries attacked but the threat for Malaysia is no less dangerous.”

Internet banking has grown steadily in Malaysia since it was first launched in June 2000, and is now offered by 29 banks in Malaysia. As of September last year, there were 12.8 million registered users, rising from 3.2 million in 2006 and eight million in 2009.

Predictably, cyber crimes in Malaysia have also increased, with some RM2.75bil losses recorded over five years, from 2005 to 2010, especially in the financial sector.

The fact that cyber criminals are starting to eye Malaysian banks means we need to be more vigilant and tighten up our cyber security, says Tan.

End-users need to keep abreast with what security measures there are. - Nigel Tan End-users need to keep abreast with what security measures there are. - Nigel Tan
“They need to look at the malware threats they are risked to and look for measures to mitigate them because any organisation will face these threats.”

However, one problem is that many of these institutions cannot keep up with the constantly evolving sophisticated attacks. Another is the gap in the ability of certain organisations to detect threats on customers systems, according to the report.

Tan concedes that the security of our financial institutions can be improved.

Another challenge is that the Trojans are beginning to work out which banks have less security, and going after them, he warns.

“There is a difference in quality between the different banks in terms of how much of the protection and fraud detection methods they put in place.

“And if you are a robber trying to decide between two houses one big house with full security or one smaller house with minimal security; it is secured with only a padlock and chain which one will you target?” Tan quizzes.

As the report sums it, banking Trojans now “enter through the backdoor, strike with clinical precision, and have evolved to a degree of sophistication that allows attackers to conduct high-value transactions while evading traditional fraud-detection measures.”

It is not that banks have been unaware of this growing threat. Since online banking was first introduced in 1994, cyber criminals have looked for various ways to attack them. By 2003, around 20 distinct banking Trojans have existed including simple keylogging Trojans and phishing, said the report.

In response, the banks bolstered their security and fraud detection capabilities.

The problem is, the cyber criminals started adapting, until most security systems and measures were neutralised.

Tan calls these cyber criminals a specialised hacking community that is no longer searching for notoriety and fame, but is in it for the money.

“Hackers now are less noisy than five years ago, but just because there is less noise right now, it does not mean that they are not there. Trojans now stay in your computer as quiet and as long as possible to steal as much money as possible,” Tan cautions.

As mentioned, an attack technique increasingly used is called “man-in-the-browser” which basically involves an application hooking into the browser and manipulating data before it is displayed.

Sophisticated thievery

The report explains, the users will not be able to detect any malicious activity but the Trojan will intercept their transactions and inject a form in the browser requesting sensitive information. Once the user submits the requested personal information, it steals the data for future thievery.

The more sophisticated Trojans can automatically execute transactions in the background, the report highlighted.

What makes it difficult to notice with the naked eye, says Tan, is that “the domain is legitimate and the security page is accurate. It is your computer that is affected, so it can steal your personal data or attack your bank.”

One thing that makes it difficult to clamp down on the attackers behind these Trojans is that it is not easy to pin the crime on them.

“Just writing malware is not an offence. It is hard to pin it as a crime, as long as the writer does not go out and sell it,” Tan points out.


It also does not help that they are reportedly organised underground groups who are not only experts at scripting and automating attacks, but are also knowledgeable about the sophisticated global financial industry and supported by a service industry of widely available malware.

It is akin to organised crime, he opines.

As the report puts it, “The financial fraud marketplace is also increasingly organised. It is a service industry where a wide variety of financial Trojans, webinjects, and distribution channels are bought and sold. Services being offered are dedicated to each aspect of a financial fraud campaign. These offerings will improve effectiveness of established techniques.”

The Top Three of the “Most Wanted” malware list in 2012 were the Zeus Trojan, also known as Zbot (+ Gameover), having compromised more than 400,000 computers worldwide; followed by Cridex at more than 250,000 computers compromised and Spyeye at more than 50,000.

Symantec also points to third-party remote webinjects which can circumvent security countermeasures, targeting a large number of financial companies “concurrently and intelligently” as posing a threat to financial companies.

According to the report, it is not only the main financial organisations like commercial banks that are high on the list of targets, but also organisations that perform online financial transactions such as automated clearing house payments systems and payroll systems.

It is thus crucial for the “good guys” to be alert all the time. They can't slip up and must put in place adequate security mechanisms and take strong measures to deter attackers from targeting these institutions, Tan urges.

Ultimately, users cannot leave the responsibility for security solely to the institutions, he warns.

“End-users need to raise their awareness of the threats out there as at the end of the day, the criminal will go through the end-user to attack the financial institutions.”

The best measure, he stresses, is not to get infected in the first place, so installing a good anti-malware programme on your personal devices is crucial.

As he puts it, anti-malware solutions can stop the malware, even if you were already infected, shares Tan.

“The scanning will pick it up and delete it off your system.”

Tan also emphasises ongoing education in security, as the threats are constantly evolving.

“There will not be a point where you can say this is it. This is what everyone should do. End-users need to keep abreast with what security measures there are.”

Good practice needs to be adopted such as reading the message box or running an anti-virus before downloading anything from a website.

“Most of the time when people get a pop-up to say that you have a malware, they just cancel it or click it close, or when it says your computer is infected, they just ignore it.”

Significantly, Tan says this is not a call to say that Internet banking is bad.

“Quite the contrary. Internet banking has a lot of benefits.

“But as we embrace any new technology or media, we just have to be aware of what the threats are on the Internet. As long as we take adequate protection, we will be safe.”

By HARIATI AZIZAN sunday@thestar.com.my

Friday 25 May 2012

Malaysian banks to curb the online scams' ;Carelessness, Lease your bank account to scammers?

PETALING JAYA: Banks will introduce a new layer of security as they work closely with cyber security authorities and the police to combat the proliferation of online fraud.

Cybersecurity Malaysia said fraud cases reported to the agency had doubled from 606 in 2009 to 1,328 in 2010 and 3,142 last year.

“As of April this year, we received nearly 2,000 cases of online banking fraud,” said its CEO Lt Col (Ret) Prof Datuk Husin Jazri, who confirmed that the agency was joining forces with the Association of Banks Malaysia to combat Internet scams.

Going the extra mile: A third layer of security is to be adopted for online systems soon.
 
The agency, under the Science, Technology and Innovation Ministry, will work with banks to carry out an intensive campaign to raise awareness of the scams.

The matter has become so serious that CIMB and Maybank recently made a concerted effort to warn of online banking scams by taking a full page advertisement in The Star, urging their customers to report immediately if they received a TAC (Transaction Authorisation Code) which had not been requested.

The TAC, which is sent by SMS to the registered mobile phone of the user, is the second layer of security. The first is the login credentials the username and password.

According to Macro Kiosk Bhd, the mobile service provider for 16 local banks, financial institutions might adopt a “third layer” of security for their online systems soon.

The “Third Factor Authentication” feature will detect attempts to hack into online banking accounts based on the location of the user's mobile.

“It will allow banks to detect the location of the computer used to log into the account and match it with the location of the user's mobile phone.

“For example, if the person accessing the account is found to be outside Malaysia, while the user's mobile phone is in this country, it is likely that something is not right,” said Macro Kiosk CEO Kenny Goh.

The user would then be sent an SMS to confirm if they wanted to continue with the transaction.

“This will alert the user if someone is trying to hack into his or her online banking account.”

By P. ARUNA aruna@thestar.com.my

Hectic lives can lead to carelessness, says cyber cop


PETALING JAYA: It is not always greed or ignorance that leads people to become victims of online scams. Sometimes, a hectic schedule could be the cause.

“Due to our busy schedules, we tend to overlook or forget to be wary of online fraud ... until it happens to us,” said Cybersecurity Malaysia CEO Lt Col (Ret) Prof Datuk Husin Jazri.

He related an incident involving a professional who ended up losing all the money in his bank account within minutes.

“He was about to go out for a meeting when he decided to quickly check his e-mail before leaving the office.

“He then saw one supposedly from his bank asking him to click on a link to update his account details.

“As he was in a hurry, he clicked on the link without much thought and followed the instructions as he was eager to proceed to his meeting.

“It was only much later that he remembered what he had done with the e-mail.

“Suddenly, it occurred to him that it was a hoax because he had heard about such a scam before.”

Husin said that although the victim contacted the agency, it was already too late.

He said Cybersecurity Malaysia had a two-minute video on how to avoid becoming a victim of banking scams that could be downloaded for free from its website http://www.cybersafe.my/video/banking/Banking.wmv.

He said scammers were always “up-to-date” and took advantage of the latest banking trends and offers.

“When a bank launches a mobile banking service, the scammer will also launch a new trick to cheat mobile banking users.

“This year, several new malware known as mobile banking trojans that mimic mobile banking applications have emerged,” he said.

He advised users to pay close attention to security messages posted on online banking websites.

“These initiatives are to help you, they are for your benefit,” said Husin

It doesn’t pay to lease your bank account to scammers


GEORGE TOWN: Two civil servants were nabbed for their alleged involvement in a ‘Macau-scam’ where the victims were cheated of millions of ringgit here.

Both of them were among three people arrested by the police on the mainland.

Penang Commercial Crime Department chief Asst Comm Roslee Chik said the suspects, in their 20s and 30s, had allowed the syndicate members to use their bank accounts for ‘illicit’ money to be deposited.

He said initial investigations showed that the suspects were given commissions by the syndicate for leasing out their accounts.

ACP Roslee said the syndicate members would impersonate personnel from the Home Ministry, Bukit Aman and Bank Negara.

“They use the Voice over Internet Protocol (VoIP) technology, to replicate phone numbers of the police, Bank Negara and other govern­ment agencies to call family members of those implicated in criminal activities overseas.

“The family members would then be told to transfer their money into an account given by the syndicate members, so that the family would not have their assets or bank accounts frozen by the authorities,” he said yesterday.

ACP Roslee said during a press conference at the state police headquarters here that police were still tracking the mastermind behind the scam.

He also said the case was being investigated under Section 420 of the Penal Code for cheating.

He added that police were looking for Nazarime Siran, 29, to help in investigation into cheating cases involving the sale of second-hand cars.

Thursday 10 November 2011

Is Your Computer Infected by DNS Malware? Seven accused in $14 million click-hijacking scam



Seven accused in $14 million click-hijacking scam

by Elinor Mills 
This graphic shows how the DNSChanger malware worked.
This graphic shows how the DNSChanger malware worked.
(Credit: FBI)
 
The U.S. Department of Justice said today that it has uncovered a large, sophisticated Internet scam ring that netted $14 million by infecting millions of computers with malware designed to redirect their Web searches to sites that generated ad revenue.

Six people have been arrested in Estonia and a Russian is being sought on charges of wire fraud and computer intrusion, the FBI said. They are accused of infecting about 4 million computers in more than 100 countries--500,000 in the U.S. alone, including NASA--with malware called DNSChanger. The malware altered the Domain Name Server settings on the computers so they could be automatically redirected to rogue DNS servers and then on to specific Web sites.



In essence, the malware hijacked the computers when certain Web searches were done, redirecting them to sites that would pay them money when people visited or clicked on ads.

"When users of infected computers clicked on the link for the official Web site of iTunes, for example, they were instead taken to a Web site for a business unaffiliated with Apple Inc. that purported to sell Apple software," an FBI statement said.

In addition, the malware would redirect infected computers searching for Netflix to a business called "BudgetMatch" and searches or the IRS to H&R Block, according to the FBI.

Defendants also allegedly replaced legitimate ads on sites with ads that triggered payments to them. For instance, they are accused of replacing an American Express ad on the Wall Street Journal home page with an ad for "Fashion Girl LA," and an Internet Explorer 8 ad on Amazon.com with one for an e-mail marketing firm.

Computers became infected with DNSChanger when they visited certain Web sites or downloaded particular software to view videos online. In addition to altering the DNS server settings, the malware also prevented antivirus and operating systems from updating, according to officials.

The defendants allegedly created companies that masqueraded as legitimate advertising publisher networks. The operation began in 2007 and ended in October with the completion of the two-year FBI investigation called "Operation Ghost Click," the FBI alleges.

The rogue DNS servers used in the operation have been replaced with legitimate servers in the hopes that infected computers will still be able to access the Internet. Owners of infected computers will need to clean the malware off their machines. People can see if their computer is infected by typing in their DNS information on this FBI Web page.

The indictment filed in the U.S. District Court of New York was unsealed today.


Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press.

 Newscribe : get free news in real time