CONSUMER NEWS    RECALLS    COMPLAINT FORM    SCAM ALERTS  


Complain about a product or service
Small Claims Guide | Class Actions | Lemon Law | FAQ | Resources | Newsletters | Spanish
Automotive    Education    Electronics    Family    Finance    Health    Homeowners    Shopping    Travel   
NEWS   Latest |  Archives |  Auto |  Cells, etc. |  Computers |  Financial |  Health |  Homeowners |  Parents |  Privacy |  Scams |  Seniors |  Travel

IT Firm Uncovers Identity Theft Scam




By Martin H. Bosworth
ConsumerAffairs.com

August 23, 2005
A routine study of a malicious spyware program led an Internet security company to a vast identity-theft criminal enterprise.

The perpetrators used a "keylogger" program to infiltrate users' systems, record their passwords, and feed the information back to a central server. The scammers were able to gain access to thousands of individuals' bank account numbers, credit card numbers, and other vital personal information.

Eric Sites, vice president of research and development for Clearwater, FL-based Sunbelt Software estimates that at least 27,000 personal computers may have been infected.

Patrick Jordan, a Sunbelt employee, was performing an examination of the infamous "CoolWebSearch" spyware program when he noticed the machine he was using sent a notification to another machine.

He traced the notification back to a remote server somewhere in the United States, and was shocked to find it contained records of "passwords for online accounts from 50 banks, eBay and PayPal logins, hundreds of credit card numbers and reams of personal data," according to BBC News.

Sites himself has seen individuals' retirement plans, "investments from Fidelity…all kinds of sensitive stuff."

Alex Eckelberry, president of Sunbelt, posted a warning regarding the virus on his blog on August 4th and notified the FBI of the ring's existence.

Eckelberry personally contacted several individuals and families whose information was stolen by the identity thieves. The company has been creating special programs to track down and identify the stolen credit card numbers and send them to the major credit companies, with similar plans being developed for banks, as well as PayPal and eBay.

Since the initial discovery, Sunbelt's staff has discovered four variants of the spyware program, which appear to have been utilized by the same people. The server is located in the United States, but the program appears to originate somewhere in Russia.

The "keylogger" program, called "Srv.SSA-KeyLogger", steals information by recording and logging everything a user types on their keyboard. This particular keylogger is part of a Trojan spyware program that infiltrated computers through the Microsoft Internet Explorer browser, and copied information stored in the Windows "AutoComplete" feature, such as private passwords and account numbers.

According to Sites, "everything you've done on your computer" can be found in this file.

Customary antivirus or anti-spyware software such as Symantec AntiVirus or McAfee Virus Scan will not detect this particular keylogger program, but Sunbelt is offering a free "cleaner" utility (http://research.sunbelt-software.com/ssaclean.cfm) for computers that may have been infected.

Sites also strongly recommended that Windows users install the latest security updates and patches to their software. "None of [the infected computers] had Service Pack 2 on them, and most didn't have Service Pack 1," he said. "Just use the updates and you'll be all right."

Of course, one of the best defenses against spyware -— particularly browser-related spyware -- is the Mozilla Firefox Web browser. In this case, Firefox does not possess the flaw that renders computers using Internet Explorer vulnerable to the keylogger program.



Report Your Experience
If you've had a bad experience -- or a good one -- with a consumer product or service, we'd like to hear about it. All complaints are reviewed by class action attorneys and are considered for publication on our site. Knowledge is power! Help spread the word. File your consumer report now.


Consumer News

July 23 2008

Recent Recalls & Safety Alerts

Print, mail, etc.


FREE CONSUMER NEWSLETTERS

The Daily Consumer
Afternoons M-F
Sign up now!

Consumer News & Alerts
Every Sunday
Sign up now!

Knowledge is free.
Knowledge is power.



Back to the top |

Advertisement


Home | Rogues Gallery | Good Guys | Complaint Form | News | Recalls | Search | Video | FAQ |
Consumer Resources | Small Claims Guide | Lemon Law | Newsletter | Contact Us
Advertise With Us | Testimonials | Newsroom | RSS Feeds | Radio | Job Postings



Terms of Use Your use of this site constitutes acceptance of the Terms of Use

Advertisements on this site are placed and controlled by outside advertising networks. ConsumerAffairs.com does not evaluate or endorse the products and services advertised. See the FAQ for more information.

Company Response Welcome If complaints about your company appear on our site, we welcome your response. Please see the Response Form for more information.

For more information, see the FAQ and privacy policy. The information on this Web site is general in nature and is not intended as a substitute for competent legal advice.  ConsumerAffairs.com Inc. makes no representation as to the accuracy of the information herein provided and assumes no liability for any damages or loss arising from the use thereof. 

Copyright © 2003-2008 ConsumerAffairs.com Inc.  All Rights Reserved.