Dave Stelzl's Blog

Working with small businesses that don’t think they are a target?  Read this – and then read more through the link below.  This is big business for organized crime, and there is little in the way of protection for the small unaware business.  (This comes from our friends at Presidio – thanks Tim!)

HOW IT WORKS

According to the Washington Post,  “The scammers infiltrate companies in a similar fashion: They send a targeted e-mail to the company’s controller or treasurer”,  this would generally be a Trojan that — when opened — surreptitiously installs malicious software designed to steal passwords.

You’ve heard me talk about Money Mules – here they are.  “Mules are instructed to set up bank accounts, withdraw the fraudulent deposits and then wire the money to fraudsters, the majority of which are in Eastern Europe”

IT GETS WORSE!

According to this article, “Businesses do not enjoy the same legal protections as consumers when banking online. Consumers typically have up to 60 days from the receipt of a monthly statement to dispute any unauthorized charges” – businesses have about 2 days!

AND CHECK THIS OUT!

“The banks spend a lot of money on protecting consumer customers because they owe money if the consumer loses money,” Litan said. “But the banks don’t spend the same resources on the corporate accounts because they don’t have to refund the corporate losses.” – Does your client understand this?

http://www.washingtonpost.com/wp-dyn/content/article/2009/08/24/AR2009082402272.html?nav%3Dhcmodule&sub=AR

This week has been a serious week for Cybercrime Sound bites…here are a few details to remember.

1. First, if you don’t have a copy of WSJ’s front page, Tuesday, AUGUST 18, 2009 – you need one.  This pictures Albert Gonzalez, called the king pin in our nations cybercrime.  28 Years old and running an organization called, “Get Rich or Die Tryin”.

2. Gonzalez was involved in the 4000 member group called Shadowcrew – one I talk about in my book The House & the Cloud.  While that group was busted some time ago, Gonzalez went free after agreeing to become an informant to the secret service.

3. This article reports TJX losses at 40 Million Credit Card numbers – again, this number seems to fluctuate between 40 and 100.  I’m not sure which number is right because they’ve all been quoted in the WSJ and USAToday. 40 makes this new 130 Million number sound much bigger. Who knows.

4. The article quotes TJX losses at $200 Million.  Remember they settled with Visa last year.

5. Gonzales was working with two others from Russia – but there are probably more, and the Russians are said to be “At Large”.

The final paragraph indicates that banks are in trouble, they are insecure, and the expert quoted warns us that putting Gonzalez in jail does not solve the problem.  He’s right.  So memorize the facts and use these sound bites going forward.

Yesterday the WSJ reported history’s largest credit card heist of 130 million credit cards, however the following article may be even more important to your next sale!  Note the following important points, and then read the link below:

1. Dwelling House Savings and Loan, a 119-year-old thrift, was shut down by federal regulators on Friday August 14^th
2. In 2008 federal auditors discovered $3 million had been electronically drained out of this banks capital account – the bank was actually operating $500,000 in a negative equity position.
3. Cyber thieves (10 to 12 individuals) were behind the heist via electronic bank transfers – leading to insolvency and ultimately bank failure.
4. Officers of the organization were fined about $10,000 in the past weeks by the Office of Thrift Supervision for failing to implement anti-money-laundering measures and internal controls ordered by the OTS.

http://www.defensetech.org/archives/004983.html

In a video that posted Friday, ABC interviews a security analyst claiming that at least 40% of all system are infected.  This improves on an older statistic that stated 66% of outside systems, and 6% of internal corporate systems were infected with Spyware.  In addition, comments on hacking through social networks, medical fraud, and Social Security Number scams are covered – check out the link below for these and more sound bites.

http://cosmos.bcst.yahoo.com/up/player/popup/?rn=3906861&cl=15058601&ch=4226720&src=news