The Big Ring

Good piece today by my WSJ colleague Cassell Bryan-Low on the Douglas Havard case which I mentioned a week or so back: As Identity Theft Moves Online, Crime Rings Mimic Big Business (subscription only, I suspect):

Most identity theft still occurs offline, through stolen cards or rings of rogue waiters and shop clerks in cahoots with credit-card forgers. But as Carderplanet shows, the Web offers criminals more efficient tools to harvest personal data and to communicate easily with large groups on multiple continents. The big change behind the expansion of identity theft, law-enforcement agencies say, is the growth of online scams.

Police are finding well-run, hierarchical groups that are structured like businesses. With names such as Carderplanet, Darkprofits and Shadowcrew, these sites act as online bazaars for stolen personal information. The sites are often password-protected and ask new members to prove their criminal credentials by offering samples of stolen data.

Shadowcrew members stole more than $4 million between August 2002 and October 2004, according to an indictment of 19 of the site’s members returned last October by a federal grand jury in Newark, N.J. The organization comprised some 4,000 members who traded at least 1.5 million stolen credit-card numbers, the indictment says.

The organizations often are dominated by Eastern European and Russian members. With their abundance of technical skills and dearth of jobs, police say, those countries provide a rich breeding ground for identity thieves. One of Carderplanet’s founders was an accomplished Ukrainian hacker who went by the online alias “Script,” a law-enforcement official says. As with many of its peers, the Carderplanet site was mainly in Russian but had a dedicated forum for English speakers.

Well worth a read as it details how Havard’s UK operation worked.

A Glimpse Of A Tentacle From The Phishing Monster

Gradually the tentacles of the Russian gangs behind phishing are appearing. But we still have no idea how it really works, and how big the beast is.

The Boston Herald reports today on the arraignment of a “suspected Russian mobster” on multiple counts of identity fraud, having allegedly obtained personal information from more than 100 victims by phishing emails.

Andrew Schwarmkoff, 28, was ordered held on $100,000 cash bail after being arraigned in Brighton District Court on multiple counts of credit card fraud, identity fraud, larceny and receiving stolen property. He is also wanted in Georgia on similar charges, and is being investigated in New Jersey.

What’s interesting is that clearly phishing is tied in, as if we didn’t know, with broader financial fraud. Schwarmkoff — if that is his real name, since investigators are unsure if they have even positively identified him — was found with “$200,000 worth of stolen merchandise, high-tech computer and credit card scanning equipment, more than 100 ID cards with fraudulently obtained information and nearly $15,000 in cash,” the Herald says.

That would at least indicate that phishing is not just an isolated occupation, and that the data obtained is not necessarily just used to empty bank accounts, but to make counterfeit cards, ID cards and all sorts of stuff. What’s also clear is that the Russians (or maybe we should say folk from the former Soviet Union states) are doing this big time. The Herald quotes sources as saying “Schwarmkoff is a member of the Russian mob and has admitted entering the country illegally. “We know some things that we don’t want to comment about,” a source said, “but he’s big time.”

Schwarmkoff, needless to say, isn’t talking. “‘Would you?’ the Herald quotes the source as saying. “Schwarmkoff,” the Herald quotes him as saying, “is more content to sit in jail than risk the consequences of ratting out the Russian mob.” That probably tells us all we need to know.

Do It Yourself Passport Photos

Here’s a neat piece of software that does something useful: Prepares regulation size passport or ID photos from your snaps.

Passport Photo costs $10 and will let you crop or extract from existing photos before saving the photos in a batch that can then be printed out from your home printer or sent to the shop for a more professional job. As someone who still relies on photos that were taken when I was a lot younger (when I applied for a U.S. visa recently I used a 7-year old photo and the consular official looked very unimpressed when I turned up for the interview. ‘You look kinda different,’ was all she said but I could tell she was disappointed).

Anyway, good to see people still coming up with good software ideas. Sure you could do all this in Photoshop or whatever, but why bother? The program comes with preset U.S, Canadian and European formats, but will also let you configure your own. If you’ve got a family or small office this could save you a lot of fiddling about.

A new version of Passport Photo has just been released by Israel-based OnTheGoSoft.

News: ID Theft Is A Problem. It’s Official

 The Federal Trade Commission is now wise to the reality: identity theft is a problem. Nearly one in eight U.S. adults has had their credit card hijacked, identity co-opted or credit rating pockmarked by identity thieves over the past five years, Reuters quoted the Federal Trade Commission as saying. The FTC surveyed some 4,000 adults this spring to come up with the most comprehensive picture yet of the fast-growing crime.
 
Amid the grim statistics, the agency found a silver lining: After nearly doubling for two to three years, new incidents of identity theft are growing more slowly and tend to involve less money. That’s because banks are wising up to the problem, making it more difficult for scam artists to set up fraudulent credit cards, and consumers are spotting suspicious activity on their accounts earlier, said Howard Beales, director of the FTC’s consumer-protection division.