Phishers Arrested In Eastern Europe and US

An anonymous reader writes to let us know about the roundup of a phishing gang by the FBI and authorities in Poland and Romania. 18 arrests were made in what the FBI calls "Operation Cardkeeper." The gang has allegedly been selling stolen identities and information on credit cards and bank accounts since at least 2004. To remind us what a drop in the bucket such international operations are, the article says: "The Anti-Phishing Working Group, an industry consortium, said more than 10,000 phishing Web sites were active on the Internet in August, about double the number of sites in January."

Romania????

[adinu79]

I see nowhere in the article a mention about Romania. I know we've had our share of online scam artists, but mentioning Romania any time something like this comes along is just plain ridiculous.

Re:

[brian1078]

No, no, no... Everyone knows that Canada is the 51st state.

Re:

[Anonymous Coward]

Canada is an ice skating rink. It needs more than 12 people to qualify as a state.

Re:

[LindseyJ]

Wait, then why is Colorado a state? ;)

Re:

[Proz512]

And Wyoming is a blank square.

Re:

[LindseyJ]

Maybe if your own law enforcement could handle the problem, they wouldn't need to ask ours for help.

And stuck-up? Talk about pots and kettles...

Re:

[DenDude]

Well excuse bloody me for having had the audacity to think that I was living in a sovereign country, and being pissed when I learn that that it's not exactly the case. Apparently that counts as "stuck-up" these days.

You don't even have the balls to respond to *any* of the comment to your ignorant rants, and yet you still whine about the FBI arresting people in your country? I mean, you may not be a native english speaker, do there may be a problem with the translation, but geez dude, answer some of the ot

Re:

[DenDude]

that police force of country that BOTH has capital punishment, AND maintains Guantanamo prison (with torture, and all associated niceities)

Here is one of the problems. We do have capital punishment, and I can see why some people are against it. HOWEVER, in the extradition treaty, it is specifically stated that if one country has capital punishment, and the other does not, an agreement can be made that the person being extradited will not be executed. That would be up to your government. In fact, we had

Re:

[rkcallaghan]

DenDude wrote:

Not sure if you know this, but the major media wants the republicans out of office in a BIG way. I mean more than anything, they want them out.

I don't know this, and I would like to. Could you provide a link to any information on this?

~Rebecca

Re:

[Majik Sheff]

It's MUCH easier to name the major media organizations that aren't overtly hostile to Rebublicans (real conservative Republicans, not RINOs [wikipedia.org]).

You want examples of a leftward bias in the American media? Watch CNN for an hour and listen not only to what is reported, but how it is reported. Read a New York Times from front to back and see if you can differentiate between the political news and the editorials.

Re:

[rkcallaghan]

It's pretty easy to be to the left of the Bush administration; but that's not evidence that they "want them out of office in a BIG way". Show me where they're promoting the election fraud information, show me the cries for impeachment, something that qualifies as actually trying to get them out of office.

I haven't seen it yet. The simple fact is, the Bush administration is FAR right, much farther to the right than the democrats have ever been to the left. Compared to the rest of the world the democrat

Re:Romania????

[El Torico]

Other articles noted that the investigation includes Romania - http://www.net-security.org/secworld.php?id=4352 [net-security.org].

This article in the Washingtonn Post appears to be the most comprehensive - http://blog.washingtonpost.com/securityfix/2006/11 /14_arrested_for_credit_card_ph_1.html [washingtonpost.com]

More articles

[DeQuincey]

One from The Register: http://www.theregister.com/2006/11/03/operation_ca rdkeeper_phishing_arrests/ [theregister.com]

And the Wired article sited by The Register:
http://www.wired.com/news/technology/0,72064-0.htm l?tw=wn_index_1 [wired.com]

Convictions?

[j00r0m4nc3r]

We read about these busts quite frequently, but I wonder what percentage of these guys are actually convicted and jailed.

Re:

[ReidMaynard]

They are sentenced to eating Filet-O-Phish for eternity.

Re:

[Neon Spiral Injector]

In Romania it would be the Sheriff making them eat Mister Phish.

Re:

[Technician]

We read about these busts quite frequently, but I wonder what percentage of these guys are actually convicted and jailed.

I hope it is enough to reduce the number of e-mail messages I get telling me of problems with my non-existant e-bay account.

Moo

[Chacham]

An anonymous reader writes to let us know about the roundup of a phishing gang by the FBI and authorities in Poland and Romania.

Poland and Romania have an FBI?

Re:

[DenDude]

No, we sure as bloody hell don't. So the real question is - what the **** is YOUR police force doing in MY country?! Who gave them the authority to arrest anyone on Polish soil?!

I guess you missed the part of the article that stated:

Working with international authorities, the FBI also assisted in the arrests of 11 people in Poland believed to be connected to a network of online fraud forums. The FBI said it had traced a series of phishing attacks from late 2004 back to members of the Polish ring. (emph

Re:

[LindseyJ]

When people in YOUR country steal credit card information from people in MINE, I sure as hell hope someone over here is doing something about it.

Idiotic finger-pointing aside, this is perfectly standard international policing pracitce. If you live in a country where your government won't protect its citizenry from international criminals, then I frankly feel sorry for you.

*Waits for the anti-americanites to come out of the woodwork to jump all over that set-up*

Re:

[DenDude]

But is' okay only when it's Amercans arresting other people isn't it? When american citizen comes to Poland, murders someone, and manages to escape to the USA he will not be extradited, but the other way - sure, any day.

Recalling the Extradition Treaty and accompanying Protocol between the United States of America and the [*16] Republic of Poland signed at Warsaw November 22, 1927 and the Supplementary Extradition Treaty signed at Warsaw April 5, 1935

Look at the dates, surely that can't be right... oh y

Re:

[Phormion]

Recalling the Extradition Treaty and accompanying Protocol between the United States of America and the [*16] Republic of Poland signed at Warsaw November 22, 1927 and the Supplementary Extradition Treaty signed at Warsaw April 5, 1935

Dunno about Poland, and I don't mean to support the GP's general US bashing, but there were at least two cases of American soldiers who've killed people in car accidents in Romania, only to be quickly taken out of the country and made to stand a mock trial in the States, w

Re:

[Mister Whirly]

RTFA moron - the FBI didn't arrest anybody in Poland. Nor could they, they only have jurisdiction to arrest in the US. They can assist other countries law enforcement, by I assume, giving them intelligence and information on the subjects. And the USA would extradite anybody that committed a capital crime in Poland - which you could have found out yourself if you would used the minute it took to write your ignornace filled post to actually learn something. I don't know where you are from, but please post so

Re:

[loraksus]

The FBI and DEA took part in raids and traffic stops up here in Canada a while back. Supposedly in an "advisory" role only, but there were cases where they were pointing guns at Canadians...

Re:

[Mister Whirly]

They can point all the guns they like with the Canadian Authorities approval - they just can't actually "arrest" anybody. I'm sure the US authorities were there because the case involved trafficing into the US. I'm guessing the US DEA has a little more experience with that kind of stuff than the Canadian DEA or equivalent, which was probably the other reason they were involved.

Territory + law enforcement = yes

[AdamD1]

Everybody seems to be missing a pretty crucial point here:

If I'm a bank, and I am based in the US (say: CitiBank, or Wells Fargo, both of whom have been victims of numerous phishing attacks) and if I am the victim of an international gang who phishes my customers: guess who I have to go to to investigate? Usually the FBI and / or the SEC. If the criminals behind the phishing attack are found to be in a country other than the US, *usually* INTERPOL gets involved so they can then point me (or the FBI / SEC) t

Re:

[loraksus]

It was a "training" type situation where the DEA folks were telling the RCMP who (as in what to look for) to stop and search. Which I'm ok with, it's just the "get secretly invited to the country and take part in arrests and carry handguns possibly without the proper paperwork, licenses etc" thing that is a bit disturbing.

It is basically impossible to get a carry permit up in Canada (you need written permission from "some guy" and have it planned weeks or even months in advance, etc.

Re:

[Mister Whirly]

The invation wasn't "secret" - the US DEA was helping the Canadian law enforcement in an official capacity. It's not a big deal or a conspiracy - they were just offering them training and probably intelligence gathering techniques. And if the DEA agents are certified with their firearms, I'm sure it is quite legal to bring them into Canada, especially if they are working with the blessing of the Canadian government. I realize it may be harder for Canadian citizens to get conceal and carry permits, but I am

Re:

[Anonymous Coward]

The FBI didn't arrest anybody in Poland. They arrested some people in Ohio, and provided information to the Polish authorities. And as far as I can tell, the only ones being charged under US law are the US citizens - those arrested in Poland will face trial there according to local law.

Re:

[jedrek]

No, we sure as bloody hell don't. So the real question is - what the **** is YOUR police force doing in MY country?! Who gave them the authority to arrest anyone on Polish soil?!

The FBI has an office in Warsaw and they work with the polish police and the CB all the time. I know a guy who got a binder prepared by the FBI during the discovery period of his CC fraud case in the mid 90s.

Tak w ogole, to niezla reakcja... niezle z dupy.

...if my mail is any indication...

[mythosaz]

...then things are at an all-time high. I can hardly delete fake PayPal, eBay and banking phishing emails fast enough. I do legitimate eBay sales and the phishers get more sophisticated every day -- well, at least their formatting has gotten better.

Not really just a drop in the bucket

[TheFlyingGoat]

The Washington Post is slashdotted, so I can't read the article, but I doubt this is just a "drop in the bucket". A group of 18 is likely to have more than a single phishing website. More than likely they'd have over 100. That's still just 1% of the sites out there, but it's at least something. Also, if there were other people in this phishing group, those people would be stongly deterred from phishing in the future. It also serves as a preventative against additional people getting into phishing. At least something is being done about these crimes.

Re:

[RareButSeriousSideEf]

Probably more than that even, especially if they have any sense of templating & code re-use.

I hope we find out. It'd be nice to get some forensic details on their operation out into the open.

no mention to Romania in the article

[swatthatfly]

I read nothing about Romania. The article talks about US and Polish citizens. Maybe anonymous submitters should be scrutinized a tad more by the editors.

Arresting these people is pointless

[cdrguru]

They haven't committed any crime in their own country, for starters. They may not have committed any crime in the USA, either. I am completely unaware of any laws against tricking someone into giving out their banking information.

The Internet is pretty much a consequences-free zone. You can do anything you like there, such as stealing or what would be considered a hate crime in the offline world and never get prosecuted for it. You can see examples of this every day. And just about every "Internet pros

Re:

[novus ordo]

What if somebody writes their banking information on their forehead and walks around? Would everyone that took note or memorized it be breaking the law? What happened to personal responsibility? I have seen scams worse than this in the "real world" and the people never get prosecuted. They hide behind their small print and their armies of lawyers, not the Internet. So much for justice.

Re:

[ShibaInu]

Dude, you can memorize my banking information all you want. However, if you fucking take money from me without authorization, that is theft and is illegal pretty much everywhere. Your stupid rant about personal responsibility is sadly misplaced - how about not trying to rip people off?

Re:

[novus ordo]

No, sorry wrong. You fail to realize what phishing is all about. You give your information away voluntarily. Nobody breaks into your house, rapes your dog and steals your kittyfood. It's no different than any other scam. When you give your information away like that you place your responsibility into someone else's hands. Sure, they are responsible for any abuse, but you are responsible for providing that information. I don't care where you are, but giving somebody your wallet because they "Wanted to look a

Re:

[FusionDragon2099]

Having the banking information is not the crime. Obtaining it by posing as a legitimate business and then cleaning out bank accounts is.

Re:

[Bing Tsher E]

And AFAIK ripping people off is not illegal, it's called "business."

I doubt if 'ripping people off' has any legal defintion at all.

Nice ad homeim about 'business' there, btw. I take it you sell the Militant on your days off.

Re:

[sobachatina]

Tricking someone out of their bank account info is fraud and using that info to debit money without authorization is theft- both of these are illegal of course.

These people may not have committed a crime in their country but that is what extradition is for.

I agree completely with you that the best solution is educating internet users however this justifies the criminal behavior of these phishers not at all.

Re:

[kbob88]

I am completely unaware of any laws against tricking someone into giving out their banking information.

Ever hear of fraud?

Re:

[Mister Whirly]

"The Internet is pretty much a consequences-free zone."

I see people that think like this all the time being busted trying to meet 13 year olds for sex on Dateline MSNBC... And anything you do on the internet is as illegal as doing it in the real world - being online isn't like being in "international waters" or anything...

Re:

[mgblst]

being online isn't like being in "international waters" or anything...
 
But it is, I can say anything I won't on an online forum or instant message, there is nothing illegal.

It is when you use the internet to do illegal things in the real world. I can arrange to meet a 13 year old kid for sex as much as I want, but when I actually turn up, that is when it gets illegal. I can offer to sell you a bridge every day, but when I actually take your money, that is when problems arise.

Re:

[jedrek]

The Internet is pretty much a consequences-free zone.

Only in some ways. For example, it allows you to talk out your ass with an air of authority.

As much as you'd like to think the laws in Europe and the US differer oh so much, they don't. Stealing is stealing, and it's pretty much illegal everywhere in the world that has running water. I don't know about Romania, but in Poland you can and will do time for CC fraud, bank fraud and income tax evasion. With our strict personal data laws, you can get time for s

Operation Cardkeeper?

[HolyCrapSCOsux]

Who comes up with operation names? And why? Might be a bit offtopic, but seriously. Cardkeeper? What about operation Gone Phishing?

Re:

[griffjon]

Or "Operation Phishers of Phishers of Men"

Re:

[Briareos]

"Operation Phisherman's Phriend?"

Or do they phear being litigated by L0phthouse? :P

np: Underworld - Pizza For Eggs (RiverRun Project)

Re:

[shdwclone]

Hey, I got my rod and tackle box ready! Did someone say Mission Impossible? Sierr! Then again that dream I had last night about the Loch Ness Monster, reeling it in, that was a nightmare - call that a mission impossible! Ops, Sorry off the topic! Just that "gone phishing" triggered ME memory path, and my instincts just wondered off with imagination.

Re:

[mgblst]

There is one guy who comes up with all the names. That is his whole job. I think he may be related to the president. Well worth it.

A Bad Day At Work...

[Esion Modnar]

beats a good day phishing. At least if you're these guys.

Interesting

[Anonymous Coward]

To remind us what a drop in the bucket such international operations are, the article says: "The Anti-Phishing Working Group, an industry consortium, said more than 10,000 phishing Web sites were active on the Internet in August, about double the number of sites in January."

Yes, and of course, dont forget the webstandard ..... one web site per person.

If we can count them...

[Nom du Keyboard]

more than 10,000 phishing Web sites were active on the Internet in August, about double the number of sites in January.

If we can count them, why can't we shut them down?

Re:

[foamrotreturns]

If we can count them, why can't we shut them down?

Because they are hosted in countries over which US law enforcement has no jurisdiction. Eastern Europe is the biggest culprit, but they are found all over the world. It's not like we can just march in there and unplug their Internet connections.

Re:

[TubeSteak]

If we can count them, why can't we shut them down?

10,000 phishing sites is probably an extrapolation based on some small sample. That's usually how such numbers are made up.

I seriously doubt they actually counted sites, though anti-phishing companies would be a good resource for real figures.

Re:

[Mister Whirly]

Yep, it's probably an educated guess. Kind of like when the DEA starts quoting figures about what percentage of drugs they are stopping from entering the US. If they don't know how much they aren't stopping, how the hell can the come up with a percentage of drugs they are stopping??

Re:

[Zedrick]

If we can count them, why can't we shut them down?

We can, and we do - but it doesn't help much. I work for a fairly large webhost, and shut down 10-15 phishing sites per day. Next day there are 10-15 new ones, thanks to morons who are using outdated CMS'es/phpBB's or just people who have no idea what they're doing and gets their index.php injected.

Re:

[Gunstick]

do you do it proactive? Like run a search robot on new files if they are copies of bank sites. Or run some network scanner which triggers an alarm if it sees the login page of yahoo/ebay/paypal etc fly by. It could even drop the connection...

If you are annoyed by the 15 sites to shut down because people email you that there are phish sites up, it is more interesting to not make it possible to run phishing sites in the first place. The hackers will get annoyed and move to another ISP.

good ida? bad idea?
I kno

Shoulda had a license

[the_wishbone]

Here in Virginia, you can get a phishing license for like $10 at tons of different places...no need to steal identities to get them, they hand them out to just about anyone. I don't know what these guys were thinking...

Re:

[pushf popf]

I like that a lot! It could be a SpamAssassin plugin. If the mail server gets a confirmed phish (verified with a phishing DB), it could go to the website and start filling in the form. Again and Again.

The reverse authentication problem

[140Mandak262Jamuna]

I have seen all kinds of tough authentication systems. My friend used to carry around a key fob with a random number generator that changes every minute. Along with his user id and password he needs to supply this random number to access his cray account. And I have seen others carrying a credit card sized challenge-and-response thingie from RSA. But all these elaborate measures are used to autheticate the user for the server.

In the phishing scenario, the user has to authenticate the server. That is the crux of the problem. The user base is vast and their technical expertise varies significantly. There is an urgent need to let the users spot phishing attacks easily and reliably. All the banks and financial institutions know it is a looming problem, still they dont do anything. Finally some lawyer sues some bank and suddently the pendulam will swing all the way to the other end and the banks will make us ALL jump through hoops of fire just to log in.

Erratum: U.S.A. and Poland, not Romania

[Corson]

The article cited mentions cyber criminals in the U.S.A. and Poland, not Romania.

authorities in Poland and Romania

[alx.slashdot]

Where's Romania in this article? I can't seem to find any reference to it...

No mention of Romania

[mihaicapota]

There is no mention of Romania in the article.

Romanian redundancy

[tom_75]

Yeah, I know this is redundant, but you shouldn't tarnish Romania's reputation. It's bad enough that we have to use only European online banking sites for legitimate money transfers, cause the Americans have us classified as "card-stealing plague". I know we've had to deal with our share of malicious people, but we're pretty much out of the Middle Ages now, you know... It's really annoying when you try to buy/sell stuff through E-bay and you want to sign up for a Paypal account, only to notice that your co