Monday, 28. July 2014

When Cyber Thieves Disrupt Your Life – Online Financial Threats



I was supposed to publish a blog today that discusses our recent report, Operation Emmental, which disclosed details about a cybercrime organization that put together an elaborate online banking theft operation whereby they socially engineered the victims using DNS Changers, phishing sites, and mobile apps to obtain 2-factor authentication codes.  This report highlights the needs for individuals to be vigilant with their financial accounts, especially online.

This brings me to the main topic I want to share today. Recently, my wife’s PayPal account ended up being compromised. The thieves were able to get access to her account even though she had a good password with caps, numbers, and symbols associated with it. Once they had access, the criminals kicked off a series of transactions which consisted of more than 70 purchases of $100 gift certificates. This occurred within a 1 hour timeframe. Not very subtle by the criminals, and they also started purchasing Starbucks gift cards too from that account as well.  The Starbucks account used a different password from the PayPal one.

The good news was my wife had set up her PayPal account to email her whenever a transaction occurred, so she was able to identify very quickly that something was amiss. Contacting PayPal, we were able to stop those transactions from occurring, and cancelling the credit card tied to the account, any other transaction would be stopped. My wife then persisted in changing all of her online accounts passwords, just to be safe, which was many as most of you probably have experienced too. She also opened a fraud case with IC3 (Internet Crime Complaint Center) who we hope are looking into the criminals behind the attack.

All of this was rather stressful for us as we were not sure which other accounts they may have compromised, but the swift action on her part I believe we were able to stop these criminals from getting any money from this attack. This is great, but I can’t help think how many others they do, since IC3’s email response from her case submission stated, “This is the only reply you will receive from the IC3. Because we receive thousands of complaints per week, we cannot reply to every complaint received or to every request for updates.” And that is only the complaints actually filed by people, one has to wonder how many don’t get submitted probably due to most people not even knowing how to file one or that they can file one.

I’d like to share a few things you can do to help mitigate these types of incidents from occurring to you.


Set up your financial accounts to alert you via email or text message whenever a transaction occurs. This was how my wife was able to quickly identify the fraudulent transactions.
Use different passwords for each account and make them strong. I suggest using phrases you can remember with caps, numbers, and symbols included. Better yet, use a password manager like our DirectPass application to create strong passwords for you and manage your multiple online accounts.
Use a comprehensive security solution that includes multiple layers of protection, like web reputation, browser exploit prevention, file reputation, behavior monitoring, spam & phishing protection, and if it has a financial vault to encrypt your credit and/or debit card numbers use it too.
If you are compromised, open a case with IC3 (if you are in the United States). It is a lengthy submission form, but we have to get these criminals off the cyberstreets and law enforcement cannot do this unless they are informed. Submit a case here: https://complaint.ic3.gov/. If you are not in the US, you should check with your federal government for a similar option.
Monitor your financial accounts regularly for fraudulent transactions and if you can set up 2-factor authentication for transactions I’d recommend you do so.


We’ve seen over the years that cyber criminals will do whatever they can to steal your money, but if you take some precautions and set up your accounts properly, you can prevent these criminals from getting money from you.

I’d love to hear your feedback on any other practices you’ve implemented to help deter cybercriminals through your comments to this article. Please add your thoughts in the comments below or follow me on Twitter; @jonlclay.