Saffin encourages increasing awareness of identity fraud

Media release from the Federal Member for Page on the NSW North Coast:

Page MP Janelle Saffin is encouraging people in her electorate to gauge how well they protect their identity, during National Identity Fraud Awareness Week which runs from 17-23 October 2011. 

“Our community needs to realise just how serious identity crime is and to understand the devastating effects it can have on an individual’s life,” Ms Saffin said.

A survey is available on the Australian Federal Police website as an innovative way of educating the general public on importance of being aware of identity crime.

The survey covers safety tips such as checking ATMs for any signs of tampering before using, shredding bank statements and other documents instead of putting them in the recycling bin, and deleting spam emails from the deleted email folder. 

 “This survey allows members of the public to test how vulnerable they are to identity crime and take remedial measures if they need to,” Ms Saffin said. 

“Many local people contact me about receiving unsolicited phone calls and emails claiming to be from the Australian Tax Office or other Government office seeking bank account details or other personal information.

“I can confirm that no Government department will ever ask people to offer confidential identity or financial information over the telephone.”  said Ms. Saffin.

“I encourage people interested in taking steps to protect their identity to complete the short survey and to also report any suspicious phone calls or contact to SCAMwatch.”

The survey is available at http://www.afp.gov.au/what-we-do/campaigns/national-identity-fraud-awareness-week.aspx.  

To find out more about identity fraud scams and how you can protect yourself from identity crime, visit SCAMwatch or call 1300 795 995.

John Xavier Berlin jailed for fraud - history of child sex-offences revealed in court

THERE is no way John Xavier Berlin could have been a police officer, after being convicted of child-sex offences and spending two years in a Queensland jail.

That was the conclusion drawn by magistrate David Heilpern when he sentenced Berlin to 12 months behind bars at Grafton local court yesterday.

“Mr Berlin, you have never been a police officer,” he said.

“That is the source of all these problems.” Source: The Daily Examiner, 24/8/11

Today's Examiner gives Berlin much more attention than he'd ever like. Berlin is front-page material, gets more coverage on page 5 and is also the subject of an opinion piece written by the paper's chief-of-staff. Topping things off is a front page photograph of Berlin.

Read The Daily Examiner's report here.

More on identity theft - a warning about a so-called ATO website

A scam email doing the rounds again purports to be from the Australian Tax Office.

The email states:

"Subject: Please submit your tax refund
After the last annual calculation of your fiscal activity we have determined that you are eligible to receive a tax refund . Please submit the tax refund request and allow us 3-6 days in order to process it.
See your refund status by downloading attachment."

The email's attachment leads to a webpage that looks very much like an official ATO page, but it's not! The page seeks tax file numbers, date of birth and other personal details.

Details about the sender of the email are linked to the e address info@stout-associates.com

Advance Australia the Plastic

I was having a yarn with a local shopkeeper the other day when he remarked that most of his over-the-counter sales involved plastic.
I was rather surprised, being addicted to the feel of a roll of readies myself, but it was an observation borne out by the Australian Crime Commission’s latest report this year:

“Card transactions have continued to increase substantially over the past decade.
For example, during that period credit card transactions have increased from 42.8 million to 118.8 million per month.
Australians spend A$17.8 billion per month on credit cards and A$11.3 billion per month on EFTPOS transactions, and they withdraw A$12.4 billion per month from ATMs……
More than 657 000 cases of card fraud on Australian issued credit and debit cards were reported in Australia during 2009.
The value of credit card fraud was estimated at 57.15 cents per $1000 transacted in 2009. The value of debit card fraud during that year was estimated at 9.43 cents per $1000 transacted.”

Be prepared for the Twelve Scams of Christmas

Bluddy 'ell it's almost December.
What do those scouts say? Be prepared......
With the festive season starting to gear up and thoughts of present buying beginning to creep into idle moments, it was probably timely that someone passed these emails on to me as examples of what may come down Teh Netz and land on your PC to snatch up your hard-earned readies, raid your credit card or wreck your home computer:

Xmas Promotion‏
From: Microsoft Award (cleohfn@bellnet.ca)
Sent: Friday, 20 November 2009 10:22:20 PM
To:
£750,000.00 has been award to you,send us your Names/Tel/Country to slyvester_howard@gala.net. Tel: +44-70-24-030-541

read and reply now‏
From:united state postal inspection service (uspostal@noreply.com)
Sent:Sunday, 22 November 2009 10:43:51 PM
To:
1 attachment delivery.doc (26.0 KB)

Here's a reminder from McAfee by way of CNet News:

1. Charitable phishing scams: Marcus warns consumers to be wary of e-mails that appear to be from legitimate charities. Not only will they take your money and deprive charities of needed funds, but they will also steal your credit card information and identity.
2. 
   Fake invoices from delivery services: During this period, scammers will send out fake invoices and delivery notifications appearing to come from Federal Express, UPS, the U.S. Postal Service or even the U.S. Customs Service saying that they were unable to deliver a package to your address. They ask you to confirm your address and give them credit card information to pay for delivery.
3. 
   Social networking friend requests: Bad guys take advantage of this social time of year by sending out authentic looking friend requests via e-mail. Marcus recommends that you not click on those links but sign into Facebook and other services and look for friend requests from the site itself. Clicking on a link could install malware on your computer or trick you into revealing your password.
4. 
   Holiday e-cards: Be careful before clicking on a holiday e-card, especially if it's from a site you haven't heard of. This is a way to deliver malware, pop-ups, and other forms of unwanted advertising. Some fake e-cards will look like they come from Hallmark or other legitimate companies, so pay close attention and make sure it's from someone you know. If you're going to send an e-card, be sure you're dealing with a reputable service lest you risk infecting yourself and your friends.
5. 
   Fake "luxury" jewelry: If you see an offer for luxury gifts from companies like Cartier, Gucci, and Tag Heuer at a price that's too good to be true, it probably isn't true. These links could lead you to malware and take your money or merchandise that will probably never arrive (or be fake if it does). Some of these sites, according to McAfee, even display the logos of the Better Business Bureau.
6. 
   Practice safe holiday shopping. Make sure your wireless network is secure and be sure you're shopping on sites that are secure. Though it isn't an iron clad guarantee, you should look for the lock icon in the lower right corner of your browser and make sure the Web page starts with https. The "s" stands for "secure."
7. 
   Christmas carol lyrics can be dangerous: Bad guys know that people are searching for holiday related sites for music, holiday graphics, and other festive media. During this time, they create fraudulent holiday related sites.
8. 
   Job search related scams: With the unemployment rate at 10.2 percent, there are plenty of job seekers looking for work. Beware of online offers for high paying jobs or at-home money making schemes. Some of these sites ask for money up front, which is a good way for criminals not only to steal your "set up fee" but misuse your credit card too. Marcus said that some "get rich quick" sites are all about money laundering, asking you to accept an inbound financial transfer and pay them.
9. 
   Auction site fraud: McAfee has observed a rise in fake auction sites during the holidays. Make sure you're actually going to eBay or whatever site you plan to deal with.
10. 
    Password stealing scams: Criminals use low-cost tools to uncover passwords, in some cases planting key logger software to record keystrokes. Once they get your passwords, they gain access to bank accounts and credit card accounts and send spam from your e-mail accounts.
11. 
    E-mail banking scams: A common type of phishing scam is sending out official looking e-mails that appear to come from your bank. Don't click on any links but type in your bank's Web address manually if you need to access your account.
12. 
    Files for ransom: Hackers use malware to gain control of your computer and lock your data files. To access your own data you have to pay them ransom.

Update:

On the SCAMwatch radar this month:
Overcharged bank fees scam
November 2009: SCAMwatch is warning consumers about hoax offers of assistance to reclaim overcharged bank fees.
Bogus anti-virus alerts
November 2009: Scamwatch is warning consumers to be wary of bogus security software or 'scareware'.
Travelling to the USA?
November 2009: SCAMwatch is warning all prospective travellers to the United State of America to be wary of unauthorised third party websites.
Comcover non-refundable loan email
November 2009: SCAMwatch is warning about an email from Comcover that offers a non-refundable loan
Steer clear of sports investment schemes
November 2009: SCAMwatch is warning you to be very careful if you think you can improve your odds with the aid of sports ‘investment’ opportunities.

A case of the biter bit, but few are chortling over AFP intelligence fiasco

I was watching ABC Four Corners last Monday when this little comment came up:
"ANDREW FOWLER: The site was called root-you.org, and for the last two weeks the Australian Federal Police in cooperation with the South Australian Police have run the perfect sting.

TIM DAVIS, FEDERAL AGENT, HIGH TECH CRIME OPS. AFP: We've infiltrated that site and so now we've got control as well.

NEIL GAUGHAN: What we've done with that particular network is we've captured all the identities of all the people that've been using that network. We can operate in a covert activity here fairly seamlessly with no harm to our members with continual and actual significant penetration.....

ANDREW FOWLER: In the case of root-you.org, the Federal Police decided the best result was to effectively blow up the site by posting a notice that it was under law enforcement control.

TIM DAVIS, FEDERAL AGENT: Mate are you right to post that message on the forum.

MAN (on phone): Yep.

TIM DAVIS, FEDERAL AGENT: Well if you can do that now that'd be great."

I did idly wonder if there would be a cyber response and thought - "Naw, won't happen".
Then it well and truly did and F-Secure has links to this not so funny episode of counter-hacking, which was the almost inevitable result of all that televised bragging by the boys in blue (this also saw police computer files of actual bank, building society and corporate credit card details exposed to the view of at least one other hacker).

Some of the hacker chatter {A little **** covers words which offend those bluidy filters}:
"After the authorities FINALLY posted their little "ohhh, we have been monitoring this website", we finally said "Enough is enough, we are sick of these f**ks acting like they are hackers, lets see what they really know".
So After writing another FTP report yesterday.. I decided I would move on to getting control of r00t-y0u.org. See what the authorities know about server maintenance.. and how secure they can make stuff.
Lo and behold, their server was windows! I couldn't stop laughing at the sight of this, but I soon moved on. After visiting a 404 page, I instantly noticed that they were using Xampp. Those lazy f***s
can not even just install apache, and php themselves. So instead, they download some application to do it all for them.
Figures.
Now, of course.. they were just SO F***KING SMART, that they left the MYSQL password BLANK! After screwing around with their database, I dumped a vulnerable query into a php file, thus giving me full access to their servers.
After taking a look at the r00t-y0u database, lookie what we find.
User: "h1t3m" (Administrator)
Email: macrobber@gmail.com
These dipsh*ts are using an automatic digital forensics and incident response tool.
They can't do sh*t all themselves, because like I have said before, they have no skill. Anyways, after looking on their win32 machine for a while, I noticed some really awkward stuff. They have credit cards, and bank accounts all on a seperate drive (G:\)."

Four Corners transcript

Pic from Google Images

Phishing lures received this week

St. George Group

Dear Customer,

Due to recent account takeovers and unauthorized listings, St.George Bank is requesting a new account verification procedure. From time to time, randomly selected accounts (seller and/or buyer) are placed under an advanced updating process based on merchant accounts/bank relations and on-file credit cards. St.George Bank may also request in an email message scanned/faxed copies of one or more photo ID's. Your account confirmation may go wrong if your credit card/bank account has expired, or if you have changed/replaced your credit card without letting us know about the change.

An email one doesn't reply to!

Dear costumer ,

For your security, we have temporarily prevented access to your account. We have reasons to believe that your access may have been accesed by someone else than you. You may be getting this message because you are signing on from a different location or device.
If this is the case, your access may be restored when you return to your normal sign on method.
For immediate access, you are required to follow the link below to secure your personal account informations.
https://ibanking.stgeorge.com.au/InternetBanking/welcome.jsp?loginattempt=max&resetid=emailID29953291
Thank you for helping us protect your account.

© St.George Bank Limited ABN 92 055 513 070 AFS Licence No. 240997

The spelling gives this attempt at Internet fraud away.

Church of Scientology on trial in France on charges of organised fraud

... and the case could lead to the nationwide dissolution of the controversial organisation.

The so-called church is accused of targeting vulnerable people for commercial gain.

France, which categorises Scientology as a sect, has previously convicted several individual Scientologists of fraud over the past decades – most notably its science fiction-writing creator, L Ron Hubbard, in 1978.

The Guardian reports that the case stems from the testimony of a French woman who filed an official complaint against the organisation in 1998.

Lawyers for Aude-Claire Malton claim Scientologists preyed upon her at a time when she was "very psychologically fragile", pressuring her into spending €21,000 (£18,000) – her life savings – on products including "purification packs" and vitamins.

The investigating magistrate in charge of bringing the case against the church, Jean-Christophe Hullin, said the church, which has been glamourised by Hollywood members such as Tom Cruise and John Travolta, made a profit by placing individuals in a "state of subjection". The organisation, he argued, is "first and foremost a commercial business" whose actions reveal "a real obsession for financial remuneration".

Another low-life email scam

In our electronic global village it won't be long before this email surfaces again in Australia.

According to Network World on Monday:
"You've been let go. Click here to register for severance pay. " With the economy in the state it is in now, people are afraid for their jobs and criminals are taking advantage of that fear, said Rubinoff. A common tactic includes sending an email to employees that looks like it is from the employer. The message appears to relay news that requires a quick response.
"It can be an email that appears to be from HR that says: 'You have been let go due to a layoff. If you wish to register for severance please register here,' and includes a malicious link."
No one wants to be the person that causes problems in this economy, so any email that appears to be from an employer will likely elicit a response, noted Rubinoff. Lares' Nickerson has also seen cons that use fake employer emails.
"It might say, 'In an effort to cut costs, we are sending W-2 forms electronically this year,'" said Nickerson"
* Eight other scams are here.

2009 Internet scams, hoaxes and threats and the NSW North Coast

E-Victims has released its top 10 Internet scams expected to plague users this year.

ScamBusters also has a similar top ten list:

10. Travel and vacation scams. Travel scams have always been around. But this year we expect to see more Internet-based ruses like bogus offers of cheap airfare and event tickets. The huge Olympic Games Internet tickets scam of 2008 was just the start.

9. Phony auction and classified sales. Yes, eBay, Craigslist, etc. scammers continue to reel in the victims. Despite attempts by the sites themselves to clamp down on the con artists, we expect the tricksters to re-double their deception efforts.

8. Investment and pump and dump scams. We've broadened this category after reporting on a number of failed or phony investment schemes that have cost victims tens of millions of dollars.

7. Work at home and job scams. With unemployment on the rise and the growing popularity of working from home, we think this scam will become more prevalent in 2009.

6. Grandparent, family tragedy and death threat scams. These are extremely common scams where people ask for money by claiming a relative is in trouble or that a murder contract has been taken out. Mostly, they come by phone but increasingly are seen in emails.

5. Viruses and spyware.

4. Nigerian scams, again with lots more new twists.

3. Lottery scams. You've won! New ones are appearing from Canada, the Caribbean, inside the US and from the Far East.

2. Economy related scams. We predict huge growth in loan- and credit-related scams, but foreclosure scams may ease slightly as pressure eases on banks. We'll see.

1. Identity theft and phishing. Despite tougher counter-measures, this scam is still way too easy for the criminals.

Currently in Australia a phishing email is doing the rounds which falsely alerts the recipient to an Australian Tax Office refund.
Surprisingly, by last Wednesday morning this scam was not yet posted on the ACCC-managed Scam Watch .

Australians reportedly lost up to a billion dollars in these scams in 2006-07, but what is more worrying is that identity theft is often being used for purely malicious ends in email attacks mounted as 'payback' for some form of personal disagreement.

There is some evidence that emails of this sort may have be sent from the NSW North Coast over the last 6-12 months.

So, if you receive an email with content or language that appears out of character for the named sender:

• First, contact the sender directly (not via email reply link) and attempt to verify the suspect email;
• Secondly, contact the local police if the email is fraudulent as identity theft can be an offence under Australian law if it involves stealing, fraud, forgery, uttering, computer hacking and misuse, or personation.

Ponzi scheme promoter bites the dust

"Investment manager" (and that term is used very loosely) Bernard Madoff, the former Nasdaq chairman, was charged on Thursday with massive fraud.

Time reports that according to the U.S. Attorney's office in the southern district of New York, Madoff admitted to defrauding clients for up to $50 billion in a massive Ponzi scheme that was committed over a number of years. (See the top 10 scandals of 2008.)

Forbes reports that Madoff, known to his mates as Bernie, informed “senior employees,” possibly his sons, that his investment advisory business was a fraud. (See "Mad Madoff.")

Madoff reportedly said he was “finished,” that he had “absolutely nothing,” that “it's all just one big lie.” He allegedly stated that the business was insolvent, and that it had been for years.

His estimated losses from the fraud clocked in at $50.0 billion. The U.S. Securities and Exchange Commission said regulatory files showed that the firm had more than $17.0 billion in assets under management at the start of the year and that virtually all of that is missing.

The 70-year-old Madoff is being charged with one count of securities fraud, which carries a maximum penalty of 20 years in prison and a maximum fine of $5.0 million. Madoff was released on his own recognizance after posting a $10.0 million bond secured by his Manhattan apartment.

The Securities and Exchange Commission asked the federal court in New York to freeze Madoff’s assets. The commission also appointed a receiver who will try to gather all the assets and will try to determine whether anyone else was complicit in the fraud. “The process takes years,” said Powers. “Although these frauds may appear simple, forensic accountants must go through the various transactions that occurred to understand the full extent.”

Powers said Ponzi-like schemes typical start when the scamster made a bad investment decision or dipped into clients' funds, and instead of admitting to the mistake or paying back the losses, uses new money from investors to meet redemptions.

Some are considering Madoff’s scheme the biggest fraud case in Wall Street’s history. Madoff’s clients, which reportedly include Lombardier, the Loeb Family, Banco Santander, and a slew of charities, will likely seek civil lawsuits or other legal action to try to recover the money they’ve invested.