Crime Files Network

Archive for the ‘CREDIT CARD FRAUD’ Category

Accused Fraudster Pleads Not Guilty in U.S.



RIA Novosti
credit card theft  of id


A Russian national accused of setting up an online fraud ring that used stolen credit card details to defraud U.S. retailers of millions of dollars has pleaded not guilty in a Pittsburgh court, according to U.S. media reports.

Michigan-based Artur Gorlov, 28, who allegedly used the online pseudonym “Evilvodka,” was indicted on charges of conspiracy and wire fraud in 2011, but he remained at large until arrested by U.S. authorities as he disembarked from a plane at New York’s JFK airport last month, according to the Pittsburgh Post-Gazette.

Prosecutors have accused Gorlov of helping establish a group called “Atlanta Alliance,” which between 2005 and 2010 is believed to have run a network that used stolen credit card data to buy goods inside the U.S.





An alleged prostitute who police say stole credit card details from clients and bought more than $100,000 of goods over the internet has been charged with identity theft and fraud.

Karl Perry of the WA Police Major Fraud Squad said the 35-year-old woman also accessed identity documents of a female associate, assumed that woman’s identity, made online applications for credit cards in her name, then racked up a $13,000 credit card debt.

Police executed search warrants at the woman’s Rockingham house and recovered a large amount of the property bought with the cards.

She was arrested on June 25.

Senior Constable Perry said members of the public, internet sales companies and financial institutions were all victims of the alleged fraud.

The woman has been charged with 39 fraud offences and will appear in Rockingham Magistrates Court on July 10.


A high-tech syndicate composed mainly of Romanians is believed to be behind a spate of recent ATM skimming incidents that have targeted almost 40 ATMs in Sydney alone, the Fraud Squad says.

Up to a dozen members of the sophisticated gang are believed to have entered the country in recent months, moving between capital cities and attaching skimming devices to ATMs, said Colin Dyson, Commander of the NSW Fraud Squad.

They operate under the orders of international ringleaders, who at the same time orchestrate similar scams in other countries.

At least 10 ATMs in Melbourne have been used to steal customers’ bank card details and more than $1 million, police say.

Sydney has been hardest hit, with police sources saying as many as 40 ATMs have been targeted. The amount of cash stolen is yet to be tallied.

NSW Police on Sunday arrested two Romanian nationals after people saw them allegedly installing suspicious devices on an ATM at Avalon, on Sydney’s northern beaches.

The men, aged 36 and 32, were charged with possessing implements for making false instruments, and face court today.

Seven other Romanian men aged in their 20s and 30s have already been charged over the scams – two who faced court in Sydney last week and five in Melbourne.

In recent days, police in the US and New Zealand also prosecuted Romanian nationals over ATM skimming.

“It’s a global phenomenon,” Detective Superintendent Dyson said. “We also suffer a fair bit of internet fraud from that part of the world, from Eastern Europe and Russia.

“It seems they’re adept at putting this technology together.”

Detective Superintendent Dyson said there had been a rise in ATM skimming since late last year,

“Back in 2005 we arrested some Bulgarians that came out here.

“There hasn’t been a great number of incidents since then, but towards the end of the year we started to see it again.”

“The monetary impact is hard to gauge, even for the financial institutions, as it’s hard to identify [if missing money] is the result of ATM skimming, retail skimming or phishing or internet fraud,” Detective Superintendent Dyson said.

Members of the Eastern European syndicate had moved “in and out” of the country in recent months, he said.

“Its a sizeable group … I wouldn’t like to put a number on it, but less than a dozen.

“They are organised international crime groups … there are people at the very top that run it and other more lowly members that make the devices, and fit the devices to machines, and they have organisers [that co-ordinate local operations].”

Detective Superintendent Dyson believed those that had entered Australia were “organisers” and more lowly-ranked members tasked with fitting the skimming devices to machines.

“We believe we have arrested some of the organisers,” he said.

“The challenge for us is it’s global, from the other side of the world, and across jurisdictions.

“We are working with international authorities … we are working with immigration and customs, but I wouldn’t like to say how.”

There had been a noticeable improvement in skimming technology in recent years, Detective Superintendent Dyson said.

“The devices are improving and becoming smaller, more sophisticated, and the devices are capable of storing more data.

“They are becoming very difficult to detect, they seem to be made specifically for different models of ATMs.

“It’s very hard to detect unless a cardholder was very familiar with a particular ATM, or unless they saw a photo of a machine without it and with it.”

The scam involves using a skimmer to record the magnetic stripe information from a person’s card, and then capturing their PIN through a tiny, pinhole camera placed in view of the keypad.

The card details are then sold to other criminal groups and often used to buy goods here and overseas.

“From an account holder’s point of view, the best thing you can do is place something above your hand as you key in the pin, because the camera is always directly above,” he said.

“There is nothing they can do without the PIN.

Several people have been charged over the use of false identities and stolen credit card details to obtain property worth a total of $360,000

The first of the two separate operations began in early August and involved detectives gathering evidence, executing search warrants and seizing vehicles, computers and false identity documents.

Acting Detective Inspector Pete Davies said a 25-year-old man allegedly used computer editing software to create false identity documents, which he used to create six new false identities for himself.

“He then allegedly opened 17 bank accounts in the false names and successfully applied for drivers licence learners permits in these false names,” he said.

Police allege the false identities were used to buy vehicles from Perth car dealerships while entering into contracts with finance companies.

“He also entered into insurance contracts for the encumbered vehicles using the false identities,” Acting Detective Inspector Davies said.

The man then fraudulently obtained $210,000 in property including two Nissan Navara utes, a Ford XR6 ute, a Holden SV6 sedan and two Holden SS utilities.

He allegedly on-sold several of the vehicles online and forged a letter showing the vehicles were free of financial encumbrance.

He was charged with 12 counts of fraud, six counts of applying for a drivers licence while suspended, five counts of forging or altering vehicle licences, possessing a false Australian travel document, and false or misleading representation.

In a separate operation, police charged four people with a total of 78 offences including fraud, attempted fraud, receiving and possessing stolen or unlawfully obtained property.

Police say the group obtained $150,000 worth of electrical goods, perfume, jewellery, household goods and alcohol using stolen credit card information in a series of “card-not-present” transactions.

The offenders allegedly obtained the credit card numbers by “dumpster diving” in bins and then made calls to businesses and used online purchasing facilities to obtain the goods.

They allegedly used false identities, created false email accounts and used different phone numbers to deceive the businesses, which accepted the transactions.

A 40-year-old man appeared in court on July 19 and pleaded guilty to 40 counts of fraud, six counts of attempted fraud and eight counts of possessing stolen or unlawfully obtained property.

A 38-year-old woman is due to appear in the Perth Magistrates Court on September 19 charged with nine counts of fraud and two attempted fraud charges.

A 33-year-old man is due to reappear in the Perth Magistrates Court on September 22 on 11 counts of fraud and one count of receiving.

A 56-year-old man is due to reappear in the Perth Magistrates Court on September 29 charged with attempted fraud.

Acting Detective Inspector Davies said the incidents should serve as a warning to everyone to be careful with how they secure and dispose of identification documents and bank statements.

“It is not safe to throw papers in the bin, as offenders go through rubbish to locate other people’s identification papers, which facilitates identity theft and fraud,'” he said.

“Businesses are reminded to be careful accepting card-not-present transactions and consider requesting additional photo identification from customers to reduce their risk of falling victim to fraud.”

Acting Detective Inspector Davies said businesses that collect other people’s identification documents should also secure those records and ensure documents were not thrown in bins or left on unattended office desks.


Popular Australian

e-commerce fraud

suburbs revealed


Ben Grubb

May 4, 2011 – 1:24PM

New data collated from about 2 million Australian credit and debit cards reveals the popular suburbs in which e-commerce fraud has been attempted, using internet-connected computers.

E-commerce fraud involves a criminal using a stolen credit or debit card to buy goods online. The computers in the suburbs listed are either being used by an actual fraudster sitting at the terminal or remote fraudsters who have infected machines within that suburb.

The data, released by security company RSA to Fairfax, publisher of this website, showed Queensland was the hot spot for e-commerce fraud in Australia during the January to March reporting period, which used data collected from about 2 million Visa and MasterCard credit and debit cards.

Victoria, New South Wales and Western Australia were the second, third and fourth most popular states after Queensland, RSA data showed. Both MasterCard and Visa were RSA clients, RSA spokesman Mason Hooper said.

In NSW the suburb of Fairfield accounted for 6.9 per cent of the state’s e-commerce fraud. Gosford (5.4 per cent), Hurstville (2.1 per cent), North Ryde (2 per cent), Hay (1.5 per cent), Sydney (1.1 per cent) and Mascot (1 per cent) were also among the top-ranked NSW suburbs in which e-commerce fraud was committed.

The Victorian suburb of Sunshine accounted for 3.1 per cent of the state’s e-commerce fraud, Melbourne (1.1 per cent), Sunbury (0.7 per cent), Burwood East (0.3 per cent) and Burwood (0.2 per cent).

In Queensland the suburb of Sandgate accounted for 2.6 per cent of the state’s e-commerce fraud followed by Brisbane (1.6 per cent), the Sunshine Coast (0.8 per cent) and Ipswich (0.6 per cent).

Popular goods attempted to be purchased using stolen credit or debit card details often included iPhones, iPads, laptops and other computer hardware, as well as plane tickets, Mr Hooper said, adding: “We see a lot of fraud in the air travel space.”

A person’s credit or debit card information was usually stolen by a fraudster “phishing” for it or a victim unknowingly installing what is known as a “Trojan” virus on their computer.

Phishing can occur when a fraudster sends a victim an email that appears to look as though it’s come from a bank. It usually asks the victim to “verify” their details by clicking on a link and entering their credit or debit card details. Banks will never ask customers to supply these details online.

If the details are filled out and submitted, the victim essentially hands over their details to the fraudster instead of to their bank, allowing the fraudster to perform what is known as a card-not-present transaction to buy goods using the internet with the card information they have obtained.

A Trojan on the other hand, such as Zeus or SpyEye, can be used by hackers to steal information from a compromised computer. It usually takes advantage of security flaws in web browsers when a victim visits a compromised website that is used to install the Trojan.

Trojan-infected computers are also used by fraudsters to render a credit or debit card transaction anonymous, which is why many of the top-ranked suburbs were not necessarily crime hot spots, but where victims of Trojan-infected computers lived, Mr Hooper said.

Tapping into a Trojan-infected computer allows a fraudster to become untraceable, using the victim’s IP address – the unique sequence of numbers assigned to each computer, website or other internet-connected device – instead of their own.

“So we find out via IP address location [of suburbs],” Mr Hooper said. “Which … means that it could be the actual fraudster sitting at the end of that IP address or it could be someone proxying though an infected machine. And there’s no real way to break that down.”

Mr Hooper said there was “definitely a correlation between high-crime areas and online fraud”. He said he expected that “a lot” of the 6.9 per cent of e-commerce fraud being committed at Fairfield during the reporting period was “genuine” and not fraudsters using victims’ computers in that suburb “because there’s a lot of … crime out in [Sydney’s western suburbs] … so it’s not surprising to see genuine fraud attempts out in those areas”.

He also said Mascot, which is near Sydney Airport, would be where “you’d get a lot of fraud attempts on public machines”, especially on internet cafe computers at the airport.

“If you’re a fraudster then you don’t want to be caught, so it’s better if you’re going to commit fraud … to do it from public Wi-Fi or from a public machine,” Mr Hooper explained.

“So at airports it’s not surprising to see a lot in those sorts of areas and in universities where they’ve largely got free and open access to the internet.”

In the case of universities being a hot spot for e-commerce crime, Mr Hooper pointed to North Ryde, where 2 per cent of NSW’s e-commerce fraud had been committed and where Macquarie University is situated.

“So again that’s not surprising to see these things where universities exist and there’s a lot of public machines that people can use to commit fraud.”

Mr Hooper suspected many of the Queensland suburbs listed to be hot spots for Trojan-infected computers rather than where the criminals lived.

“[In] Sandgate … there’s a lot of retirees around there and people that might not be patching their machines and keeping both the patching up-to-date and the anti-virus up to date,” Mr Hooper said.

“They might be more likely to be prone to open an email message that they shouldn’t open. So either responding to a phishing attack or opening up a Trojan that’s embedded within a machine.”

He also suspected this to be the case for the NSW town of Hay – but for a different reason.

“Hay’s a very small town in NSW. I would suspect that [with] somewhere like Hay it’s actually more likely to be rampant Trojans out there. And because they’re a smaller community they’ll be sharing files between each other. So it’s quite easy to … get a concentrated infection in one area. So I would suggest there’d be less genuine fraud [there]. So I don’t think the fraudsters will live in Hay. I think they’ll live somewhere else. But there’ll be a large proportion of their machines that are infected out there. And again a lot of that will come from the community sort of impact of sending files around.”

Mr Hooper said schemes such as Verified by Visa and MasterCard’s Securecode were designed to stop e-commerce fraud from occurring.

“RSA are providing that extra level of authentication or fraud detection [to them],” he said. “So we’re stopping that fraud as the user’s making that transaction.”

Verified by Visa, which is available only on websites that participate in adding the extra level of security, creates another factor of authentication when completing a transaction.

MasterCard’s Securecode works on the same premise

insight So I guess it’s official: the enemies of Wikileaks are now the enemy of the thousands of faceless cyber mercenaries who gather under the collective of Anonymous.

Rage(Rage image by Amy McTigue, CC BY-ND 2.0)

They managed to cripple perhaps every global website of MasterCard, including Australia, after the company cut ties with Wikileaks.

That followed attacks on PayPal and a Swiss bank.

One Anonymous attacker claimed that he and very few others attacked the PayPal blogs site because they felt the whistleblower’s plight was similar to their own fight against cash-laden copyright laws.

But crippling the global MasterCard home page sites takes coordination and decision-making, which, in a hive-mind rabble of a thousand angry, overly excited online activists, is surely not an easy task.

More than 700 Low Orbit Ion Cannons — the public and open-source software written to conduct denial-of-service (DoS) attacks — blasted the sites with continuous phoney web traffic requests until they crashed under the load.

From a hotel in Hong Kong, I jumped into the Internet Chat Relay service used by the pirates during the attacks.

It was a speedy and horrid tumult of invective anarchy with a pinch of intellect and fleeting moments of lawful moderation.

“MasterCard is ******* down! They wont b [sic] ******* with Wikileaks again,” wrote one user.

“They will learn. Watch them fall. Watch them when we hit them again and again and again,” wrote another.

A few members of the libertarian hive agreed to a brief interview.

I asked user Anon555 what DoS attacks means to them and why they use them.

“We are removing the freedom of speech from those who are doing it on a grand scale,” they said.

“By that, they are really saying Wikileaks has no right to promote free speech.”

I managed to attract the attention of a few possible attack moderators, whose often whirlwind reign takes sic transit gloria mundi to the extreme.

They started with the now infamous “we are anonymous, we are legion” slogan, but were quick to offer meaningful answers to some more pressing questions.

“Wkileaks is about freedom of information, it is about revealing to the pacified masses what is really going on in their world,” they said.

US hacker guilty of

$36m credit card scam

April 22, 2011

A 26-year-old computer hacker has pleaded guilty to stealing hundreds of thousands of credit card numbers, causing losses of more than $US36 million ($33.8 million).

Rogelio Hackett, of Lithonia, Georgia, entered the plea in a court in Alexandria, Virginia, the Justice Department said in a statement.

US Secret Service special agents found more than 675,000 stolen credit card numbers in Hackett’s computers and email accounts during a 2009 search of his home, the department said.

Advertisement: Story continues below

Hackett acknowledged in court documents that he had obtained credit card numbers for the previous seven years by hacking into business computer networks, downloading credit card databases or buying them on the internet.

He also admitted selling credit card information and counterfeit cards to acquire gift cards and merchandise.

Tens of thousands of fraudulent transactions were traced to the card numbers acquired by Hackett, totalling more than $US36 million.

Hackett will be sentenced on July 22. He faces a maximum penalty of 10 years in prison and a $US250,000 fine on fraud charges and an additional two years for identity theft.


US shuts down massive

cyber crime ring

April 14, 2011 – 1:30PM

US authorities claimed one of their biggest victories against cyber crime as they shut down a ring they said used malicious software to take control of more than two million PCs around the world, and may have led to theft of more than $US100 million.

A computer virus, dubbed Coreflood, infected more than two million PCs, enslaving them into a “botnet” that grabbed banking credentials and other sensitive data its masters used to steal funds via fraudulent banking and wire transactions, the U.S. Department of Justice said.

The government shuttered that botnet, which had operated for a decade, by seizing hard drives used to run it after a federal court in Connecticut gave the go-ahead.

“This was big money stolen on a large scale by foreign criminals. The FBI wanted to stop it and they did an incredibly good job at it,” said Alan Paller, director of research at the SAN Institute, a nonprofit group that helps fight cyber crime.

The vast majority of the infected machines were in the United States, but the criminal gang was likely overseas.

“We’re pretty sure a Russian crime group was behind it,” said Paller.

Paller and other security experts said it was hard to know how much money the gang stole. It could easily be tens of millions of dollars and could go above $US100 million, said Dave Marcus, McAfee Labs research and communications director.

A civil complaint against 13 unnamed foreign nationals was also filed by the U.S. district attorney in Connecticut. It accused them of wire and bank fraud. The Justice Department said it had an ongoing criminal investigation.

The malicious Coreflood software was used to infect computers with keylogging software that stole user names, passwords, financial data and other information, the Justice Department said.

“The seizure of the Coreflood servers and internet domain names is expected to prevent criminals from using Coreflood or computers infected by Coreflood for their nefarious purposes,” U.S. Attorney David Fein said in a statement.

In March, law enforcement raids on servers used by a Rustock botnet were shut down after legal action against them by Microsoft. Authorities severed the Rustock IP addresses, effectively disabling the botnet.

Rustock had been one of the biggest producers of spam e-mail, with some tech security experts estimating they produced half the spam that fills people’s junk mail bins.

A botnet is essentially one or more servers that spread malicious software and use the software to send spam or to steal personal information or data that can be used to empty a victim’s bank account.

U.S. government programmers shut down the Coreflood botnet on Tuesday. They also instructed the computers enslaved in the botnet to stop sending stolen data and to shut down. A similar tactic was used in a Dutch case, but it was the first time U.S. authorities had used this method to shut down a botnet, according to court documents.

Victims of the botnet included a real estate company in Michigan that lost $US115,771, a South Carolina law firm that lost $US78,421 and a Tennessee defense contractor that lost $US241,866, according to the complaint filed in the U.S. District Court for the District of Connecticut.

The government plans to work with Internet service providers around the country to identify other victims.



Crime news from around the world. Easy access to reported crimes & data.

We often have a need to access files on a plethara of criminal activities that involve not only habitual crimes of various descriptions but those of impulsive one off actions that result in a crime being committed by an individual in an unintentional or negligent way.

To collate these happenings and events one can collect them from many varied sources throughout the IT world and published media.

As there are many various aspects to criminal activities, we are in no way making any judgements as to the guilt & nor innocence of any individual nor making any legal claims in giving legal/court advice or describing policies on our own, but reporting what we have accessed from what we deem to be reliable sources.

The reported crimes are catergorized in common headings for easy recognition

Subscribe to Crime Files Network