Showing posts with label fraud. Show all posts

Sunday 17 September 2017

Phone scammer stung by ABC radio presenter


ABC News, 12 September 2017:

A man claiming to be from the Australian Taxation Office (ATO) has given an expletive-ridden spray to ABC presenter Nick Rheinberger after being told their conversation was being recorded.

It was a voicemail likely to make even the most honest taxpayer frightened — a message from someone claiming to be from the tax office accusing you of tax fraud and asking you to call back immediately.

This is what happened to the ABC Illawarra presenter recently, so he called them back from his radio studio.


The phone call (which was not broadcast live) started politely with a man identifying himself as an ATO employee, who then asked for Rheinberger's details.

The conversation quickly turned offensive when the ABC presenter told him he was in a radio studio.

"I need to let you know I'm recording this call as well," Rheinberger said.

"F*** you, and the recording, and put this recording to your ass as well mother f***er," the man said.

"Right, OK, that's what I'd expect from the Australian Taxation Office," Rheinberger said sarcastically.

"OK? So go and get f***ed, go and f*** your mum."

The call was recorded because Rheinberger suspected it was a scam and wanted to highlight the problem, which the ATO warns has already scammed Australians out of $1.5 million this year.

The caller (who sounds as if he is an Australian resident) has been attempting to make contact with a number of people this month. See http://www.reverseaustralia.com/lookup/0253062283/

The name “Michael Anderson” or “Mike Anderson” appears to be associated with a number of scams and more than one scammer – lottery win, advance fee, cash advance debt recovery, scam victims compensation fund, next of kin inheritance fraud, unlawful prescription drug purchase, application fee, romance and more.

One of these “Michael Andersons” was caught, charged and convicted sometime between 2006 and 2008.

A number of the other Mr. Andersons appear to still be busy dialling and emailing – trying to get the unwary to either hand over their cash or volunteer enough personal information to allow the caller to attempt identity theft.

Tuesday 1 August 2017

And so the spotlight hovers over Australian Deputy Prime Minister Barnaby Joyce and NSW Regional Water Minister Niall Blair......


When both the NSW Coalition Government (2 April 2015) and Federal Coalition Government (21 September 2015) gave a minister dual responsibility for agriculture and water one could almost hear the political train careening wildly in the distance.

Unfortunately two years later the people of Australia woke to discover that handing over responsibility for water in a complex major river system to two National Party MPs meant it was also a social, economic and environmental train wreck as well.

All the audits and investigations in the world will not unmake the disaster that the Murray-Darling Basin Plan has become under Barnaby Joyce and Niall Blair unless the political will is there, however this is a good start.

"The Auditor-General will investigate how Barnaby Joyce's Dept is monitoring use of environmental water by NSW." [@Tony_Burke]

In an effort to wrest back control of the situation Prime Minister Turnbull has reportedly ordered the Murray Darling Basin Authority to conduct an allegedly independent basin-wide review into compliance with state-based regulations governing water use. The review report will be presented to the December 2017 Council of Australian Governments (COAG) meeting.

Monday 10 July 2017

Would you trust these men with your personal health information? Part Two


Left to Right: Minister for Human Services and Liberal MP for Aston, Alan Tudge
Minister for Health and Liberal MP for Flinders, Greg Hunt

The Guardian, 8 July 2017:
The government found itself facing heavy criticism this week over how it handles Australians’ personal information, after a Guardian investigation revealed a darknet trader was illegally selling the details of any Medicare card holder on request by “exploiting a vulnerability” in a government system.
The data had been for sale since at least October 2016, and the seller appears to have sold the Medicare details of at least 75 Australians…..
“What’s happening is the community is wrapping these attacks together and seeing them as a threat, and it adds to a perception that their data is not safe,” said Australia’s privacy commissioner, Timothy Pilgrim. “All the players need to work out a way to build up that trust.”
But why do these breaches keep happening? And is the government doing everything it can to stop them, and reassure the public when they do happen?
After being alerted by the Guardian to the Medicare breach, the minister took swift action, referring it to the Australian federal police for investigation. Pilgrim welcomed this as an appropriate response…..
The most critical risk to Australians from the misuse of Medicare card data is one of identity fraud. A fake Medicare card with legitimate details can get a criminal a quarter of the way to an entire fake ID. This could then be used by organised crime groups in any number of ways, for example by leasing property or equipment. It could also be used to fraudulently obtain services from Medicare itself.
In this case, the darknet was the vehicle for this particular identity fraud scam. But it didn’t need to be, and it is likely similar, less-sophisticated scams are taking place right now.
Tudge has used an unusual line to explain the breach. He has said it was not a hack or cyber attack, but “traditional criminal activity”. What he’s edging around is that his department believe this was a case of an individual using a legitimate method to access Medicare data – but for an unauthorised and illegal purpose.
But contrary to Tudge’s assertion, access control is very much a matter of cybersecurity. And there are a lot of problems with the way Medicare card details can be obtained.
For instance more than 200,000 individual users can potentially look up Medicare card details through the department’s system. The department has declined to answer whether each access is logged, which could allow it to trace when a particular card was looked up. If those controls aren’t there, it’s unlikely the darkweb vendor selling this data will be found.
It doesn’t mean someone sitting in a doctor’s clinic has been supplying the data. A prospective patient could show up at a GP’s reception, pretending to be someone else, and just ask for that person’s Medicare card details. Guardian Australia has spoken with one employee at a medical practice who said people regularly asked for their card details to be supplied.
Identity fraud using Medicare cards is coming to be seen as a big problem in the government. The human services department acknowledged in February 2016 that there had been 1,500 “probable” cases of Medicare fraud, a jump from 269. The Australian reported that in 2014 the justice minister, Michael Keenan, set out to quantify the scale of Medicare card fraud taking place. A study found Medicare cards and driving licences were the most commonly used forms of ID for fraudsters.
The problem appears to be growing worse as those given credentials to access Medicare card details legitimately has increased – jumping 25% in the last financial year – and as organised crime groups grow more sophisticated in their methods.
All of this contributes to the loss of trust….


Friday 2 December 2016

Former Queensland LNP politician found guilty of fraud


What started with this……


CITATION:
Hockings v Queensland Retail Traders and Shopkeepers Association (Industrial Organization of Employers) [2014] QIRC 037
PARTIES:
Hockings, John Norman
(Applicant)
v
Queensland Retail Traders and Shopkeepers Association (Industrial Organization of Employers)
(Respondent)
CASE NO:
B/2013/18
PROCEEDING:
Application to re-open proceedings
DELIVERED ON:
19 February 2014
HEARING DATES:
12 and 26 April 2013
30 May 2013
MEMBER:
Deputy President Bloomfield
ORDERS :
1.  Matter No. RIO/2012/155 be re-opened on the Commission's own initiative.
2.  Orders in Matter No. RIO/2012/155, issued on 10 September 2012 and formalised on 5 December 2012, be vacated.
3.  Mr Scott and Mrs Emma Driscoll be referred to the Queensland Police Service for investigation.
4.  Mr Scott Driscoll be referred to the Speaker of Queensland Parliament for possibly misleading Parliament.

Ended with this…….

Brisbane Times, 25 November 2016:

Former Queensland politician Scott Driscoll has admitted to soliciting thousands of dollars in secret commissions and falsifying records during his term as the Member for Redcliffe.

Driscoll was expected to stand trial in the Brisbane District Court next week but on Friday pleaded guilty to 15 charges, including fraud.

The 41-year-old was released on bail and is due to be sentenced next year on March 6.

The former Liberal National Party MP won office in the Newman government's landslide in the March 2012 election victory.

Driscoll resigned in disgrace from State Parliament in November 2013 for misleading the House about his financial interests and his role in the Queensland Retail Traders and Shopkeepers Association.

A year later, Driscoll was charged by the Crime and Corruption Commission for soliciting secret commissions worth at least $400,000 on behalf of the QRTSA from Wesfarmers and Woolworths in October 2012 while he was in office……

Driscoll did not speak to the media as he left the court with his wife Emma, who was sentenced in September to three years jail, wholly suspended, for multiple counts of falsifying a record and making a false declaration.

Wednesday 10 September 2014

Is PayWave picking your pocket at the checkout?


Tweed Daily News 3 September 2014:

PAYWAVE card payments have improved efficiency at the checkout, but the experience of one South Grafton man suggests you should be vigilant near one of the terminals.
Last week, Don Booth, of South Grafton, was waiting behind another customer at the cash register of a Grafton business.
As he watched the cashier, he noticed she did something different and asked her what happened.
He was shocked to find that instead of billing the customer in front of him, the terminal had picked up the card in his wallet and completed the transaction with his money.
"Because the girl at the checkout noticed it, we were able to fix it up straight away," Mr Booth said.
He said the girl at the checkout told him it was not her first experience of a payWave transaction going wrong.
"She said it happened in Coles to a customer, in the same way it happened to me," Mr Booth said.
Mr Booth said he would be taking extra care to check his next card statement.

Perhaps the rise in credit card fraud NSW Police Coffs Clarence Police Command has recently complained about may also be a result of flaws in wireless near field communication technology.

In October last year Among Tech posted this information on electronic pickpocketing:

The fact that you can use your smartphone to pay at a restaurant or a store is great and with NFC (Near Field Communication) technology you can do just that, but what else? Several months back a report from CBC showed us how easy it is to steal credit card credentials using an App and NFC technology which is integrated in most of the high end Android smartphones, but even after 6 months it is still possible to download one of these Apps and hack someone’s credit card and Google has made no changes to its software in order to make it harder for people to steal someone else’s credit card info.
Apps like SquareLess allow users to see a credit card's number, security code and expiration date which later can be used by hackers to purchase products online without the credit card holder giving them permission to do so. SquareLess is just one of the many apps available on the Play Store that allow you to do just this, which is a very serious issue. A study done by xdadevelopers found that any of the following credit cards can be hacked using NFC:
American Express Blue Cards
Barclaycard
Chase Credit Cards
MasterCard PayPass
Visa payWave Cards
So, how can an App and NFC read credit card credentials? NFC technology is also what is used in stores to read our credit card, a credit card will give its information which allows you to make the transaction once it finds a valid payment terminal device but the credit card doesn’t look at what type of terminal device this is (since it doesn’t know this information), it is just interested in finding one. Making the smartphone function like a payment terminal can allow you to “fool” the credit card making it think it is what it is looking for, easily allowing the app to read all the necessary credentials. In order to do so, all that is required is for the smartphone with NFC to be approximately 10cm close to the credit card. Here is a video demonstrating just how easy it can be done……

Channel 7 Today Tonight also broadcast an item on this subject in July this year.

Internet websites are now offering RFID-shielding passport holders/wallets/sleeves to prevent remote scanning and skimming of Paywave or touch-and-go-credit cards, although the effectiveness of these products is open to question.

Wednesday 16 October 2013

Attorney-General George Brandis and his bravura performance as Pot-Kettle-Black


Australian Attorney-General George Brandis in opposition and government on the subject of members of parliament and honest/ethical conduct.

In Hansard 17 August 2011:

Finally, it was only yesterday, when this matter was brought to light, that the member for Dobell sought to amend his register of a member's interests by lodging with the Register of Members' Interests for the House of Representatives a letter that identified the payment of a sum of money in May 2011 by the Australian Labor Party's New South Wales branch, in settlement of a legal matter to which I was a party. Why was that amendment made only after its disclosure was revealed?

On ABC The Drum 29 August 2011:

Senator Brandis has pursued the ALP backbencher Thomson with a vigour that is disturbing on a number of levels.
Firstly, there are the telephone calls to ministers and police commissioners. Senator Brandis called New South Wales Attorney-General Greg Smith, a fellow Liberal, in early August. Smith says that Brandis was alerting him to a forthcoming media story which would reveal Brandis had asked the New South Wales DPP to look at the Thomson matter.
Then a couple of weeks later Brandis was on the phone again, this time to speak with New South Wales Police Minister Michael Gallacher to again alert him to the fact that Brandis would be sending a brief to the Police Commissioner Andrew Scipione. Gallacher himself alerted Scipione to look out for the Brandis brief.
Then there was Brandis's call to Australian Federal Police Commissioner Tony Negus last week. Brandis apparently wanted to clarify whether the AFP would be investigating the matter.

On Channel 7 Sunrise:

"Shadow Attorney-General George Brandis has provided information to police in relation to a number of matters concerning a federal Labor MP," police said in a statement on Tuesday.
"This correspondence has now been referred for internal assessment to determine whether a criminal offence has occurred."

In Hansard 5 February 2013:

Meanwhile, in the coming week there are the fraud charges against the other man upon whose vote the Gillard government depends, Mr Peter Slipper.

In The Sydney Morning Herald 23 September 2013:

he regarded the wedding as a chance to ''foster collaboration'' over Mr Smith's work covering the then prime minister and the Craig Thomson scandal

In the Herald Sun 30 September 2013:

Yesterday, Senator Brandis said he would repay the money to avoid any uncertainty about the circumstances of Mr Smith’s wedding in December 2011.
But he said he still considered he was within parliamentary entitlements to make them.
“I considered that those costs were within parliamentary entitlements, since they were incurred in the course of attendance at a function primarily for work-related purposes. I remain of that view,” he said in a letter written today to the Finance Department.

George Brandis’ July-December 2011 Parliamentarian’s Expenditure Record covering the period in which he travelled to and from the private Smith wedding at taxpayers’ expense:
                                
Domestic Travel 4 Dec 11 Brisbane Sydney 5 Dec 11 Sydney Brisbane $1,191.06
Com Car Brisbane 4 Dec 11 $82.83 Brisbane 5 Dec 11 $44.23
Hire Car Sydney 4 Dec to 5 Dec 11 $143.40
TOTAL $1,461.52

News.com.au 8 April 2013:

Mr Slipper, who stood down from the role of Speaker of the House of Representatives amid controversy last year, faces charges relating to three occasions in which he allegedly dishonestly used Cabcharge dockets to visit Canberra wineries in hire cars in 2010, amounting to $1194 in charges to the taxpayer.

It would appear that the more a member of parliament or senator owes the Department of Finance, the less likely he or she will be held accountable at law.

The Attorney-General’s attitude seems to be that it is fraud when someone considered a political enemy makes a dubious claim for expenses over and above his/her parliamentary salary or fails to accurately record financial details, but it is perfectly alright when he or a member of his party does so. Additionally, Brandis appears to believe he is entitled to use his expense claims to hide the cost of actively pursuing such a perceived enemy.

The rules relating to parliamentarians' travel allowances/entitlements can be found here.

Saturday 25 May 2013

Fracking PsyOps. Yesterday America, today New South Wales?


For all those NSW Northern Rivers 'insurgents' out there.........



CNBC 8 November 2011:

CNBC has obtained audiotapes of the event, on which one presenter can be heard recommending that his colleagues download a copy of the Army and Marine Corps counterinsurgency manual. That’s because, he said, the opposition facing the industry is an “insurgency.”....

Another told attendees that his company has several former military psychological operations, or “psy ops” specialists on staff, applying their skills in Pennsylvania....

In a session entitled “Designing a Media Relations Strategy To Overcome Concerns Surrounding Hydraulic Fracturing,” Range Resources communications director Matt Pitzarella spoke about “overcoming stakeholder concerns” about the fracking process.
“We have several former psy ops folks that work for us at Range because they’re very comfortable in dealing with localized issues and local governments,” Pitzarella said. “Really all they do is spend most of their time helping folks develop local ordinances and things like that. But very much having that understanding of psy ops in the Army and in the Middle East has applied very helpfully here for us in Pennsylvania.”
At another session, Matt Carmichael, the manager of external affairs for Anadarko Petroleum , spoke on the topic of “Understanding How Unconventional Oil & Gas Operators are Developing a Comprehensive Media Relations Strategy to Engage Stakeholders and Educate the Public.”
He said he had several recommendations for the oil industry media professionals at the event, one of which, he said, involved the military.
“Download the U.S. Army-slash-Marine Corps Counterinsurgency Manual, because we are dealing with an insurgency,” Carmichael said. “There’s a lot of good lessons in there and coming from a military background, I found the insight in that extremely remarkable.”
Audio here.
Approximately 472 page U.S. Army - Marine Corps Counterinsurgency Field Manual (December 2006) here.

Excerpt from U.S. Army - Marine Corps Counterinsurgency Field Manual: Afghanistan Edition here.

Tuesday 18 October 2011

Saffin encourages increasing awareness of identity fraud


Media release from the Federal Member for Page on the NSW North Coast:

Page MP Janelle Saffin is encouraging people in her electorate to gauge how well they protect their identity, during National Identity Fraud Awareness Week which runs from 17-23 October 2011. 

“Our community needs to realise just how serious identity crime is and to understand the devastating effects it can have on an individual’s life,” Ms Saffin said.

A survey is available on the Australian Federal Police website as an innovative way of educating the general public on the importance of being aware of identity crime.

The survey covers safety tips such as checking ATMs for any signs of tampering before using, shredding bank statements and other documents instead of putting them in the recycling bin, and deleting spam emails from the deleted email folder. 

 “This survey allows members of the public to test how vulnerable they are to identity crime and take remedial measures if they need to,” Ms Saffin said. 

“Many local people contact me about receiving unsolicited phone calls and emails claiming to be from the Australian Tax Office or other Government office seeking bank account details or other personal information.

“I can confirm that no Government department will ever ask people to offer confidential identity or financial information over the telephone,” said Ms. Saffin.

“I encourage people interested in taking steps to protect their identity to complete the short survey and to also report any suspicious phone calls or contact to SCAMwatch.”


To find out more about identity fraud scams and how you can protect yourself from identity crime, visit SCAMwatch or call 1300 795 995.

Wednesday 24 August 2011

John Xavier Berlin jailed for fraud - history of child sex-offences revealed in court


THERE is no way John Xavier Berlin could have been a police officer, after being convicted of child-sex offences and spending two years in a Queensland jail.
That was the conclusion drawn by magistrate David Heilpern when he sentenced Berlin to 12 months behind bars at Grafton local court yesterday.
“Mr Berlin, you have never been a police officer,” he said.
“That is the source of all these problems.” Source: The Daily Examiner, 24/8/11

Today's Examiner gives Berlin much more attention than he'd ever like. Berlin is front-page material, gets more coverage on page 5 and is also the subject of an opinion piece written by the paper's chief-of-staff. Topping things off is a front page photograph of Berlin.


Wednesday 3 August 2011

More on identity theft - a warning about a so-called ATO website

A scam email doing the rounds again purports to be from the Australian Tax Office.

The email states:

"Subject: Please submit your tax refund
After the last annual calculation of your fiscal activity we have determined that you are eligible to receive a tax refund . Please submit the tax refund request and allow us 3-6 days in order to process it.
See your refund status by downloading attachment."

The email's attachment leads to a webpage that looks very much like an official ATO page, but it's not! The page seeks tax file numbers, date of birth and other personal details.

Details about the sender of the email are linked to the e address info@stout-associates.com

Saturday 30 April 2011

Advance Australia the Plastic


I was having a yarn with a local shopkeeper the other day when he remarked that most of his over-the-counter sales involved plastic.
I was rather surprised, being addicted to the feel of a roll of readies myself, but it was an observation borne out by the Australian Crime Commission’s latest report this year:

“Card transactions have continued to increase substantially over the past decade.
For example, during that period credit card transactions have increased from 42.8 million to 118.8 million per month.
Australians spend A$17.8 billion per month on credit cards and A$11.3 billion per month on EFTPOS transactions, and they withdraw A$12.4 billion per month from ATMs……
More than 657 000 cases of card fraud on Australian issued credit and debit cards were reported in Australia during 2009.
The value of credit card fraud was estimated at 57.15 cents per $1000 transacted in 2009. The value of debit card fraud during that year was estimated at 9.43 cents per $1000 transacted.”

Thursday 26 November 2009

Be prepared for the Twelve Scams of Christmas


Bluddy 'ell it's almost December.
What do those scouts say? Be prepared......
With the festive season starting to gear up and thoughts of present buying beginning to creep into idle moments, it was probably timely that someone passed these emails on to me as examples of what may come down Teh Netz and land on your PC to snatch up your hard-earned readies, raid your credit card or wreck your home computer:

Xmas Promotion
From: Microsoft Award (cleohfn@bellnet.ca)
Sent: Friday, 20 November 2009 10:22:20 PM
To:
£750,000.00 has been award to you,send us your Names/Tel/Country to slyvester_howard@gala.net. Tel: +44-70-24-030-541

read and reply now
From: united state postal inspection service (uspostal@noreply.com)
Sent: Sunday, 22 November 2009 10:43:51 PM
To:
1 attachment delivery.doc (26.0 KB)

Here's a reminder from McAfee by way of CNet News:

  1. Charitable phishing scams: Marcus warns consumers to be wary of e-mails that appear to be from legitimate charities. Not only will they take your money and deprive charities of needed funds, but they will also steal your credit card information and identity.

  2. Fake invoices from delivery services: During this period, scammers will send out fake invoices and delivery notifications appearing to come from Federal Express, UPS, the U.S. Postal Service or even the U.S. Customs Service saying that they were unable to deliver a package to your address. They ask you to confirm your address and give them credit card information to pay for delivery.

  3. Social networking friend requests: Bad guys take advantage of this social time of year by sending out authentic looking friend requests via e-mail. Marcus recommends that you not click on those links but sign into Facebook and other services and look for friend requests from the site itself. Clicking on a link could install malware on your computer or trick you into revealing your password.

  4. Holiday e-cards: Be careful before clicking on a holiday e-card, especially if it's from a site you haven't heard of. This is a way to deliver malware, pop-ups, and other forms of unwanted advertising. Some fake e-cards will look like they come from Hallmark or other legitimate companies, so pay close attention and make sure it's from someone you know. If you're going to send an e-card, be sure you're dealing with a reputable service lest you risk infecting yourself and your friends.

  5. Fake "luxury" jewelry: If you see an offer for luxury gifts from companies like Cartier, Gucci, and Tag Heuer at a price that's too good to be true, it probably isn't true. These links could lead you to malware and take your money or merchandise that will probably never arrive (or be fake if it does). Some of these sites, according to McAfee, even display the logos of the Better Business Bureau.

  6. Practice safe holiday shopping. Make sure your wireless network is secure and be sure you're shopping on sites that are secure. Though it isn't an iron clad guarantee, you should look for the lock icon in the lower right corner of your browser and make sure the Web page starts with https. The "s" stands for "secure."

  7. Christmas carol lyrics can be dangerous: Bad guys know that people are searching for holiday related sites for music, holiday graphics, and other festive media. During this time, they create fraudulent holiday related sites.

  8. Job search related scams: With the unemployment rate at 10.2 percent, there are plenty of job seekers looking for work. Beware of online offers for high paying jobs or at-home money making schemes. Some of these sites ask for money up front, which is a good way for criminals not only to steal your "set up fee" but misuse your credit card too. Marcus said that some "get rich quick" sites are all about money laundering, asking you to accept an inbound financial transfer and pay them.

  9. Auction site fraud: McAfee has observed a rise in fake auction sites during the holidays. Make sure you're actually going to eBay or whatever site you plan to deal with.

  10. Password stealing scams: Criminals use low-cost tools to uncover passwords, in some cases planting key logger software to record keystrokes. Once they get your passwords, they gain access to bank accounts and credit card accounts and send spam from your e-mail accounts.

  11. E-mail banking scams: A common type of phishing scam is sending out official looking e-mails that appear to come from your bank. Don't click on any links but type in your bank's Web address manually if you need to access your account.

  12. Files for ransom: Hackers use malware to gain control of your computer and lock your data files. To access your own data you have to pay them ransom.

Update:

On the SCAMwatch radar this month:
Overcharged bank fees scam
November 2009: SCAMwatch is warning consumers about hoax offers of assistance to reclaim overcharged bank fees.
Bogus anti-virus alerts
November 2009: Scamwatch is warning consumers to be wary of bogus security software or 'scareware'.
Travelling to the USA?
November 2009: SCAMwatch is warning all prospective travellers to the United States of America to be wary of unauthorised third party websites.
Comcover non-refundable loan email
November 2009: SCAMwatch is warning about an email from Comcover that offers a non-refundable loan
Steer clear of sports investment schemes
November 2009: SCAMwatch is warning you to be very careful if you think you can improve your odds with the aid of sports ‘investment’ opportunities.

Thursday 20 August 2009

A case of the biter bit, but few are chortling over AFP intelligence fiasco


I was watching ABC Four Corners last Monday when this little comment came up:
"ANDREW FOWLER: The site was called root-you.org, and for the last two weeks the Australian Federal Police in cooperation with the South Australian Police have run the perfect sting.
TIM DAVIS, FEDERAL AGENT, HIGH TECH CRIME OPS. AFP: We've infiltrated that site and so now we've got control as well.
NEIL GAUGHAN: What we've done with that particular network is we've captured all the identities of all the people that've been using that network. We can operate in a covert activity here fairly seamlessly with no harm to our members with continual and actual significant penetration.....
ANDREW FOWLER: In the case of root-you.org, the Federal Police decided the best result was to effectively blow up the site by posting a notice that it was under law enforcement control.
TIM DAVIS, FEDERAL AGENT: Mate are you right to post that message on the forum.
MAN (on phone): Yep.
TIM DAVIS, FEDERAL AGENT: Well if you can do that now that'd be great."

I did idly wonder if there would be a cyber response and thought - "Naw, won't happen".

Then it well and truly did and F-Secure has links to this not so funny episode of counter-hacking, which was the almost inevitable result of all that televised bragging by the boys in blue (this also saw police computer files of actual bank, building society and corporate credit card details exposed to the view of at least one other hacker).

Some of the hacker chatter {A little **** covers words which offend those bluidy filters}:
"After the authorities FINALLY posted their little "ohhh, we have been monitoring this website", we finally said "Enough is enough, we are sick of these f**ks acting like they are hackers, lets see what they really know".
So After writing another FTP report yesterday.. I decided I would move on to getting control of r00t-y0u.org. See what the authorities know about server maintenance.. and how secure they can make stuff.
Lo and behold, their server was windows! I couldn't stop laughing at the sight of this, but I soon moved on. After visiting a 404 page, I instantly noticed that they were using Xampp. Those lazy f***s can not even just install apache, and php themselves. So instead, they download some application to do it all for them.
Figures.
Now, of course.. they were just SO F***KING SMART, that they left the MYSQL password BLANK! After screwing around with their database, I dumped a vulnerable query into a php file, thus giving me full access to their servers.
After taking a look at the r00t-y0u database, lookie what we find.
User: "h1t3m" (Administrator)
Email: macrobber@gmail.com
These dipsh*ts are using an automatic digital forensics and incident response tool.
They can't do sh*t all themselves, because like I have said before, they have no skill. Anyways, after looking on their win32 machine for a while, I noticed some really awkward stuff. They have credit cards, and bank accounts all on a separate drive (G:\)."

Four Corners transcript


Wednesday 17 June 2009

Phishing lures received this week







St. George Group

Dear Customer,

Due to recent account takeovers and unauthorized listings, St.George Bank is requesting a new account verification procedure. From time to time, randomly selected accounts (seller and/or buyer) are placed under an advanced updating process based on merchant accounts/bank relations and on-file credit cards. St.George Bank may also request in an email message scanned/faxed copies of one or more photo ID's. Your account confirmation may go wrong if your credit card/bank account has expired, or if you have changed/replaced your credit card without letting us know about the change.


An email one doesn't reply to!






Dear costumer ,

For your security, we have temporarily prevented access to your account. We have reasons to believe that your access may have been accesed by someone else than you. You may be getting this message because you are signing on from a different location or device.
If this is the case, your access may be restored when you return to your normal sign on method.
For immediate access, you are required to follow the link below to secure your personal account informations.
https://ibanking.stgeorge.com.au/InternetBanking/welcome.jsp?loginattempt=max&resetid=emailID29953291
Thank you for helping us protect your account.

© St.George Bank Limited ABN 92 055 513 070 AFS Licence No. 240997

The spelling gives this attempt at Internet fraud away.

Tuesday 26 May 2009

Church of Scientology on trial in France on charges of organised fraud

... and the case could lead to the nationwide dissolution of the controversial organisation.

The so-called church is accused of targeting vulnerable people for commercial gain.

France, which categorises Scientology as a sect, has previously convicted several individual Scientologists of fraud over the past decades – most notably its science fiction-writing creator, L Ron Hubbard, in 1978.

The Guardian reports that the case stems from the testimony of a French woman who filed an official complaint against the organisation in 1998.

Lawyers for Aude-Claire Malton claim Scientologists preyed upon her at a time when she was "very psychologically fragile", pressuring her into spending €21,000 (£18,000) – her life savings – on products including "purification packs" and vitamins.

The investigating magistrate in charge of bringing the case against the church, Jean-Christophe Hullin, said the church, which has been glamourised by Hollywood members such as Tom Cruise and John Travolta, made a profit by placing individuals in a "state of subjection". The organisation, he argued, is "first and foremost a commercial business" whose actions reveal "a real obsession for financial remuneration".

Sunday 11 January 2009

2009 Internet scams, hoaxes and threats and the NSW North Coast

E-Victims has released its top 10 Internet scams expected to plague users this year.

ScamBusters also has a similar top ten list:

10. Travel and vacation scams. Travel scams have always been around. But this year we expect to see more Internet-based ruses like bogus offers of cheap airfare and event tickets. The huge Olympic Games Internet tickets scam of 2008 was just the start.

9. Phony auction and classified sales. Yes, eBay, Craigslist, etc. scammers continue to reel in the victims. Despite attempts by the sites themselves to clamp down on the con artists, we expect the tricksters to re-double their deception efforts.

8. Investment and pump and dump scams. We've broadened this category after reporting on a number of failed or phony investment schemes that have cost victims tens of millions of dollars.

7. Work at home and job scams. With unemployment on the rise and the growing popularity of working from home, we think this scam will become more prevalent in 2009.

6. Grandparent, family tragedy and death threat scams. These are extremely common scams where people ask for money by claiming a relative is in trouble or that a murder contract has been taken out. Mostly, they come by phone but increasingly are seen in emails.

5. Viruses and spyware.

4. Nigerian scams, again with lots more new twists.

3. Lottery scams. You've won! New ones are appearing from Canada, the Caribbean, inside the US and from the Far East.

2. Economy related scams. We predict huge growth in loan- and credit-related scams, but foreclosure scams may ease slightly as pressure eases on banks. We'll see.

1. Identity theft and phishing. Despite tougher counter-measures, this scam is still way too easy for the criminals.

Currently in Australia a phishing email is doing the rounds which falsely alerts the recipient to an Australian Tax Office refund.
Surprisingly, by last Wednesday morning this scam was not yet posted on the ACCC-managed Scam Watch.

Australians reportedly lost up to a billion dollars in these scams in 2006-07, but what is more worrying is that identity theft is often being used for purely malicious ends in email attacks mounted as 'payback' for some form of personal disagreement.

There is some evidence that emails of this sort may have been sent from the NSW North Coast over the last 6-12 months.

So, if you receive an email with content or language that appears out of character for the named sender:
  • First, contact the sender directly (not via email reply link) and attempt to verify the suspect email;
  • Secondly, contact the local police if the email is fraudulent as identity theft can be an offence under Australian law if it involves stealing, fraud, forgery, uttering, computer hacking and misuse, or personation.