The Phisher Commuter

My colleague Lee Gomes writes in WSJ.com in his Portals column (a few days old, this, sorry; but it is free) about phishers, and what they’re really like, quoting a guy called Christopher Abad, a researcher for Cloudmark:

Mr. Abad himself is just 23 years old, but he has spent much of the past 10 years hanging out in IRC chat rooms, encountering all manner of hackers and other colorful characters. One thing that’s different about phishers, he says, is how little they like to gab.

“Real hackers will engage in conversation,” he says. “With phishers, it’s a job.”

Readers may remember my piece a year or so back (sorry I can’t find the URL for this, and it would be subscription anyway) based on interviews with several people from East European and former Soviet Union countries who worked in various stages of the phishing train, from trojan writers to mule hunters (folk who try to recruit foreigners to move money from stolen accounts to overseas havens).

I found something slightly different to Abad: For sure these guys think it’s just a job, but they also were quite keen to justify what they did, either saying it was the only work around, or else talking in terms of redistributing a little wealth. One guy in some obscure former Soviet bloc town said he trudged several miles each day to an Internet cafe, where he worked sometimes 20 hours a day trying to recruit mules on ICQ and IRC, before walking back to his apartment where his wife and baby waited. She thought he was a stockbroker, he said.

A good piece by Lee; too little light is shed on this submerged industry. But I wonder whether, as phishing gets more popular and focused, it hasn’t moved west?

A Glimpse Of A Tentacle From The Phishing Monster

Gradually the tentacles of the Russian gangs behind phishing are appearing. But we still have no idea how it really works, and how big the beast is.

The Boston Herald reports today on the arraignment of a “suspected Russian mobster” on multiple counts of identity fraud, having allegedly obtained personal information from more than 100 victims by phishing emails.

Andrew Schwarmkoff, 28, was ordered held on $100,000 cash bail after being arraigned in Brighton District Court on multiple counts of credit card fraud, identity fraud, larceny and receiving stolen property. He is also wanted in Georgia on similar charges, and is being investigated in New Jersey.

What’s interesting is that clearly phishing is tied in, as if we didn’t know, with broader financial fraud. Schwarmkoff — if that is his real name, since investigators are unsure if they have even positively identified him — was found with “$200,000 worth of stolen merchandise, high-tech computer and credit card scanning equipment, more than 100 ID cards with fraudulently obtained information and nearly $15,000 in cash,” the Herald says.

That would at least indicate that phishing is not just an isolated occupation, and that the data obtained is not necessarily just used to empty bank accounts, but to make counterfeit cards, ID cards and all sorts of stuff. What’s also clear is that the Russians (or maybe we should say folk from the former Soviet Union states) are doing this big time. The Herald quotes sources as saying “Schwarmkoff is a member of the Russian mob and has admitted entering the country illegally.” “We know some things that we don’t want to comment about,” a source said, “but he’s big time.”

Schwarmkoff, needless to say, isn’t talking. “Would you?” the Herald quotes the source as saying. “Schwarmkoff,” the Herald quotes him as saying, “is more content to sit in jail than risk the consequences of ratting out the Russian mob.” That probably tells us all we need to know.

A Way To Filter Spam In Outlook (And Who The Hell Are Behind It?)

There’s a lot of software out there, but who is really behind it?

Reading a piping fresh press release from a company that may or may not be called FlowRuler, which has just released a product called, er, FlowRuler, I tried to find out a bit more about who was behind it. (FlowRuler, by the way, looks like an interesting tool if you use Microsoft Outlook email. It is an add-in that enables you to “filter SPAM and organize your inbox” using “graphically designed rules”. There are two versions available: a free shareware version and the full version ($22.95). More here.)

Now, back to who is behind this. I’ve noticed a growing number of press releases that appear without any details on company name, location, or whatever. Many of them turn out to be in Eastern Europe, or the former Soviet Union. That’s OK with me, but why go to such trouble to hide where you’re from?

The folk behind FlowRuler are a mystery. The website was registered in Cordoba, Argentina by an outfit called Ginkgosoft, but they don’t seem to exist as far as I can see (although I did find out that Ginkgo is a tree, the world’s oldest living species, and has been used in traditional Chinese medicine for over 4,000 years. Ginkgo soft capsules are apparently effective in improving memory, alleviating symptoms of Alzheimer’s disease, working as an anti-depressant, improving circulation, thin blood, cardiovascular health, antioxidant etc.)

Fascinating, but it doesn’t get me any closer to finding out who these guys are. More when I do.