Location : Mumbai .. Jan 29, 2009
Caught: Mmereole a Nigerian resident using the alias of Dr Wada Nass
Incident:
Nigerian email Scam a.k.a. 419 Scam
Kudos to Mumbai Police Cyber Crime cell for their success in arresting a Nigerian national on charges of fraud.
A Mumbai resident reported the scam offer to the cops and they trapped Mmereole accepting an advance against the "shipping and processing fees" that were to be paid.
As we all know the Nigerian or the 419 Scam is the oldest one running on the Net and this has been followed by many more sophisticated scamming schemes. However, this one does not seem to die or go away. According to the report India is a favorite hunting ground for the scamsters which is not surprising considering our strong belief in destiny / fate / God's will :)
Lucky Mr Arvind who smelt something fishy and went to the cops.
Comment:
On a lighter note the name used by this Nigerian was Dr Wada Nass and in Punjabi this can read "बड़ा नास " which means 'big loss" .......... I wonder if the Nigerian knew this and was having an additional secret laugh while running he scam :)
Media reports:
DNA, Mumbai : Nigerian held for lottery fraud
Friday, January 30, 2009
Thursday, January 29, 2009
Indian IT professional at Fannie Mae - planting malicious software
PS: This has not happened in India but a person and company of Indian Origin is involved.
Location: USA
Jan 29, 2009
Perpetrator: Rajendrasinh Babubhai Makwana
Amount : x
Incident:
Planting malicious software, unauthorized access, delayed termination of user account
Mr Makwana was on contract at Fannie Mae and his employers are / were Omnitech. He was terminated on Jan 24, 2009 and after he left his ID was not disabled until late in the evening.
Unfortunately for Makwana, and fortunately for Fannie Mae, another engineer 'accidentally' discovered the logic bomb and reported this and they brought the systems down and avoided a disaster waiting to happen.
So here we have another Indian IT professional in the news for the wrong reasons :( and thank God again that he is not from Satyam else one can imagine the additional big stink.
Fannie Mae erred in not revoking his access immediately since he seems to have indulged in all the malicious activity after he was terminated. He should not have logged in to the systems after being terminated, and I must say that most people try to use the official credentials after leaving the organization. And many a time, it works !
On a lighter note.... a number of responses to the articles mentioned below felt bad that the records / systems were not decimated by Makwana's bomb as it would have wiped out the records of a lot of defaulters ! .... maybe this would have cleared the backup too !!
Media Coverage:
DC Examiner: Ex-Fannie Mae worker charged with planting computer virus
eWeek: Fired Engineer at Fannie Mae Accused of Planting Malware Time Bomb
WIRED: Fannie Mae Logic Bomb Would Have Caused Weeklong Shutdown
ZD Net : Fannie Mae IT contractor indicted for planting malware; Mortgage giant didn’t revoke server privileges
Location: USA
Jan 29, 2009
Perpetrator: Rajendrasinh Babubhai Makwana
Amount : x
Incident:
Planting malicious software, unauthorized access, delayed termination of user account
Mr Makwana was on contract at Fannie Mae and his employers are / were Omnitech. He was terminated on Jan 24, 2009 and after he left his ID was not disabled until late in the evening.
Update Feb 04, 2009....... As per statements from FBI there is a goof up in naming Makwana's employer - it is not OmniTech but another company Ionlabs. And Ionlabs have said that he is not their employee but belongs to Marlabs, NJ.Well Makwana accessed the system when he was not supposed to be doing this, created a directory, wrote and parked a few scripts which would wake up at 9 am to check the date. And if the date was Jan 31, 2009 - all hell was to break loose.
Now this is what I term surprising ! I mean it is so simple - FBI checks this guy's passport and the H-1 papers and it has to have his sponsoring employer's name ?? Duh !! Why are we having this runaround with different companies being named.
Or, for God's sake - ask Makwana ! One guy says I placed him, the other says I paid him the the guy who brought him in is not traceable. Bet there is another black hole here.
And yes......... Makwana has pleaded 'not guilty' ! Hello am I hearing this right ? I mean you have the deck stacked against you with incriminating evidence and you are not guilty. Cool.
Unfortunately for Makwana, and fortunately for Fannie Mae, another engineer 'accidentally' discovered the logic bomb and reported this and they brought the systems down and avoided a disaster waiting to happen.
So here we have another Indian IT professional in the news for the wrong reasons :( and thank God again that he is not from Satyam else one can imagine the additional big stink.
Fannie Mae erred in not revoking his access immediately since he seems to have indulged in all the malicious activity after he was terminated. He should not have logged in to the systems after being terminated, and I must say that most people try to use the official credentials after leaving the organization. And many a time, it works !
On a lighter note.... a number of responses to the articles mentioned below felt bad that the records / systems were not decimated by Makwana's bomb as it would have wiped out the records of a lot of defaulters ! .... maybe this would have cleared the backup too !!
Media Coverage:
DC Examiner: Ex-Fannie Mae worker charged with planting computer virus
eWeek: Fired Engineer at Fannie Mae Accused of Planting Malware Time Bomb
WIRED: Fannie Mae Logic Bomb Would Have Caused Weeklong Shutdown
ZD Net : Fannie Mae IT contractor indicted for planting malware; Mortgage giant didn’t revoke server privileges
Himachal Pradesh (HP) - Email fraud
Location: Hamirpur (HP)
Jan 2009
Perpetrator: Unknown
Amount: Rs. 200,000 (US 40K)
Incident:
Email Fraud / Lottery / Nigerian Scam
I came to know that a case of email fraud has been registered with the Police in HP. From the details I got, it seems this is a Lottery / Nigerian 419 scam and someone fell for it and has lost money.
The cops have been able to identify the bank accounts and cellphones. The criminals used fake information for all accounts and are yet to be identified or arrested. The victim deposited money into multiple accounts and this leads me to believe that this was a Lottery or a 419 scam.
BTW I am a member of Open Security Alliance and we plan to have a repository of scam emails and guidance on how to spot / avoid / report this.
Comment:
It is true .. a sucker is born every minute ! and the world of the internet gets more than one newbie user every second.
Media: ! ? !
Jan 2009
Perpetrator: Unknown
Amount: Rs. 200,000 (US 40K)
Incident:
Email Fraud / Lottery / Nigerian Scam
I came to know that a case of email fraud has been registered with the Police in HP. From the details I got, it seems this is a Lottery / Nigerian 419 scam and someone fell for it and has lost money.
The cops have been able to identify the bank accounts and cellphones. The criminals used fake information for all accounts and are yet to be identified or arrested. The victim deposited money into multiple accounts and this leads me to believe that this was a Lottery or a 419 scam.
BTW I am a member of Open Security Alliance and we plan to have a repository of scam emails and guidance on how to spot / avoid / report this.
Comment:
It is true .. a sucker is born every minute ! and the world of the internet gets more than one newbie user every second.
Media: ! ? !
Mumbai - Fraudulent email using Nasscom name
Location: Mumbai (Thane) Jan 24, 2009
Perpetrator : Maanendra Singh from Ma Foi Consultants
Incident:
Fraudulently using the Nasscom name in an email.
He set up an email account on Yahoo! India (rohit.nasscom@yahoo.co.in) and used this address to send mails to IT companies asking them to share company information to include in a Manager's directory being prepared by Nasscom. In the emails he used the name Rohit Chopra introducing himself as an event director at Nasscom.
One of the companies he approached was Kale Consultants. They suspected the email to be a fraud and contacted Nasscom. A quick investigation identified the IP address and traced the email to Singh who was arrested by the Thane Police Cyber Cell.
Comment:
Singh and so many such users are not aware of the fact that the internet 'tags' you and what you do. People think that because they are in the comfort / privacy of their home or in a dark corner in a cybercafe no one can see them while they indulge in such criminla activities.
Unfortunately they forget the 'footprints' any communication picks up along the way from their keyboard(s) to the destination. And then there are so many telltale signs that evolve from any such act.
People like Singh are like petty thieves - first timers who indulge in shoplifting just for a lark. And then they cry "sorry" when caught. Unfortunately, a crime is a crime - small or big and the law then takes it's own course.
Cybercrimes are new additions to the world of crime and criminology so the treatment is different since the law enforcement establishment is also learning the ropes. Unfortunately petty cyber criminals will face stricter reactions than regular petty thieves so it is better to desist !
Better go shoplifting or pick a pocket :)
Media Coverage:
Hindustan Times Jan 25, 2009
Perpetrator : Maanendra Singh from Ma Foi Consultants
Incident:
Fraudulently using the Nasscom name in an email.
He set up an email account on Yahoo! India (rohit.nasscom@yahoo.co.in) and used this address to send mails to IT companies asking them to share company information to include in a Manager's directory being prepared by Nasscom. In the emails he used the name Rohit Chopra introducing himself as an event director at Nasscom.
One of the companies he approached was Kale Consultants. They suspected the email to be a fraud and contacted Nasscom. A quick investigation identified the IP address and traced the email to Singh who was arrested by the Thane Police Cyber Cell.
Comment:
Singh and so many such users are not aware of the fact that the internet 'tags' you and what you do. People think that because they are in the comfort / privacy of their home or in a dark corner in a cybercafe no one can see them while they indulge in such criminla activities.
Unfortunately they forget the 'footprints' any communication picks up along the way from their keyboard(s) to the destination. And then there are so many telltale signs that evolve from any such act.
People like Singh are like petty thieves - first timers who indulge in shoplifting just for a lark. And then they cry "sorry" when caught. Unfortunately, a crime is a crime - small or big and the law then takes it's own course.
Cybercrimes are new additions to the world of crime and criminology so the treatment is different since the law enforcement establishment is also learning the ropes. Unfortunately petty cyber criminals will face stricter reactions than regular petty thieves so it is better to desist !
Better go shoplifting or pick a pocket :)
Media Coverage:
Hindustan Times Jan 25, 2009
Friday, January 23, 2009
Satyam Computers... tracking the muck.......
Yes, I have decided to start tracking the lies and deceit. There is a lot happening here...
Update Jan 31, 2009
- The Enforcement Directorate is going to look at Satyam / Raju and they seem to have swung into action based on the media reports. They are to investigate money laundering and foreign exchange regulation violations. Surely
- SEBI and SFIO are yet to get to speak to Raju ! Is this surprising ? I mean like why does any company have to listen to SEBI etc if they don't even have the power to question a self confessed CEO of a listed company. And the Government does not show any will to face up to the state government either. I shall write about this in a separate blog sometime and am waiting for my blood to boil some more.
- The CID is questioning Raju and his gang. At the same time they say that the CID is not equipped (or does not have the expertise) for investigating financial frauds. Of course ! They are not financial guys so how do we expect them to get a proper act in place or how can we expect them to keep evidence that will stand up in court.
- Satyam employees are grappling with the fear of losing the money they have put up as employment bonds with the company.
- The board has yet to announce their selection of a CEO and CFO. The Board meets and the Chairman's position is rotated amongst all present.
- Maytas, run by Raju's sons is also in trouble so let's keep watching.
Jan 24, 2009
- PwC Auditors are arrested. ... Gopalakrishnan and Talluri were taken into custody. About time PwC came clean on the dubious role in the Satyam affair. I am at a loss to understand how (or why) PwC continued with Gopalakrishnan - I read about his role in Global Trust Bank and DSQ which were two big accounts that messed with public trust and money. In both cases he was censured and he is in the eye of the storm here too.
Does not look good at all for decision makers at PwC. In fact things really do not look good for PwC (?) and if it turns out well for them, we shall be looking at a system which has "well meaning" window dressing. Don't we all know it and live with it !!
- Raju continues to languish in jail and his intentions are dissected by all. All his family are being investigated and they must all be hopping mad.
Like I said earlier, it remains to be seen how far this goes and how strong is the political will to carry out the will of the law.
The score remains at 7000 odd crores and the share meltdown contributed to a loss in market cap of about 23,000 crores. Figure that out for yourself in dollars.
- L & T is running hard to get it's hands on Satyam. I don't like it because I am a marginal investor and have always liked this company. Now, as a result of their race to take over Satyam their current market price is around 690 which is bad :(
Guys you want to buy it, then identify the chunk you want. Stay away from it as a whole please.
Yes, there is iGate too and they have identified their interest in the BPO operations. That's wise and good. It's their core business and makes sense.
Jan 23, 2009
- The prosecution presented their case in court opposing Raju's bail - one of the startling disclosures they made is that the Satyam head count is not 53,000 and is overstated by about 13,000 as per the confessions they have from Raju and his ex_CFO.
Of course Raju's attorney went to town saying this is untrue and that his client has not made any confession wich is also correct since this was something disclosed by the ex-CFO Srinivas.
That gets Raju a cool Rs. 20 cr ($ 4 m) every month.
And it remains to be seen how much more is disclosed.
The fact is that Raju siphoned tons of money to buy land across the state and country. Lots of it is "benami" which means that the transaction is done by someone who is a front for the actual owner.
- I saw a some stuff where people are coming out in the media with their support for Raju saying that they owed their life to him. Well you are right in acknowledging your debt to someone, and it is your bad luck that this person is a criminal.
And please do not say that he did not kill anyone and a murderer is worse than a petty thief but remember both are criminals. And Mr R is not a petty thief, he has gypped 1.2 billion dollars (7000 crore rupees) and that is not a small number.
People in this country make 7000 rupees a month !!! and they ge by with that type of wage !
If Satyamites or Rajuites or his villagers are so highly indebted to Mr R I would not trust them in any company and they will be well placed to continue to work in the sinking / floating Satyam. And they can wait for the rising of R.
Well there are people who worship Jack the Ripper too, so this is a small deal ! What ?
- Raju's confession was a fishy one - read it closely and he is just telling you how helpless he was in the face of the tiger he spawned. When I read it I remember I had a big laugh. He glibly mentions how nice he was not to take any money and now we know he did not need to take it legitimately since he was anyway raping and milking the company at the same time.
He sounds oh so noble when he talks about not profiting but what about the land he bought and the money he gave his sons and villagers and his political / business benefactors.
Well he was a very strong force in the state and even got a Golden Peacock to prove it so does the world really believe him.
- Jail in India is a cakewalk for him and his connections seem to be helping keep him away from the Serious Fraud office. If only he can be sent to the US - "maloom padhega aatey daal ka bhav" which means he will realize the cost of cheating.
Update Jan 31, 2009
- The Enforcement Directorate is going to look at Satyam / Raju and they seem to have swung into action based on the media reports. They are to investigate money laundering and foreign exchange regulation violations. Surely
- SEBI and SFIO are yet to get to speak to Raju ! Is this surprising ? I mean like why does any company have to listen to SEBI etc if they don't even have the power to question a self confessed CEO of a listed company. And the Government does not show any will to face up to the state government either. I shall write about this in a separate blog sometime and am waiting for my blood to boil some more.
- The CID is questioning Raju and his gang. At the same time they say that the CID is not equipped (or does not have the expertise) for investigating financial frauds. Of course ! They are not financial guys so how do we expect them to get a proper act in place or how can we expect them to keep evidence that will stand up in court.
- Satyam employees are grappling with the fear of losing the money they have put up as employment bonds with the company.
- The board has yet to announce their selection of a CEO and CFO. The Board meets and the Chairman's position is rotated amongst all present.
- Maytas, run by Raju's sons is also in trouble so let's keep watching.
Jan 24, 2009
- PwC Auditors are arrested. ... Gopalakrishnan and Talluri were taken into custody. About time PwC came clean on the dubious role in the Satyam affair. I am at a loss to understand how (or why) PwC continued with Gopalakrishnan - I read about his role in Global Trust Bank and DSQ which were two big accounts that messed with public trust and money. In both cases he was censured and he is in the eye of the storm here too.
Does not look good at all for decision makers at PwC. In fact things really do not look good for PwC (?) and if it turns out well for them, we shall be looking at a system which has "well meaning" window dressing. Don't we all know it and live with it !!
- Raju continues to languish in jail and his intentions are dissected by all. All his family are being investigated and they must all be hopping mad.
Like I said earlier, it remains to be seen how far this goes and how strong is the political will to carry out the will of the law.
The score remains at 7000 odd crores and the share meltdown contributed to a loss in market cap of about 23,000 crores. Figure that out for yourself in dollars.
- L & T is running hard to get it's hands on Satyam. I don't like it because I am a marginal investor and have always liked this company. Now, as a result of their race to take over Satyam their current market price is around 690 which is bad :(
Guys you want to buy it, then identify the chunk you want. Stay away from it as a whole please.
Yes, there is iGate too and they have identified their interest in the BPO operations. That's wise and good. It's their core business and makes sense.
Jan 23, 2009
- The prosecution presented their case in court opposing Raju's bail - one of the startling disclosures they made is that the Satyam head count is not 53,000 and is overstated by about 13,000 as per the confessions they have from Raju and his ex_CFO.
Of course Raju's attorney went to town saying this is untrue and that his client has not made any confession wich is also correct since this was something disclosed by the ex-CFO Srinivas.
That gets Raju a cool Rs. 20 cr ($ 4 m) every month.
And it remains to be seen how much more is disclosed.
The fact is that Raju siphoned tons of money to buy land across the state and country. Lots of it is "benami" which means that the transaction is done by someone who is a front for the actual owner.
- I saw a some stuff where people are coming out in the media with their support for Raju saying that they owed their life to him. Well you are right in acknowledging your debt to someone, and it is your bad luck that this person is a criminal.
And please do not say that he did not kill anyone and a murderer is worse than a petty thief but remember both are criminals. And Mr R is not a petty thief, he has gypped 1.2 billion dollars (7000 crore rupees) and that is not a small number.
People in this country make 7000 rupees a month !!! and they ge by with that type of wage !
If Satyamites or Rajuites or his villagers are so highly indebted to Mr R I would not trust them in any company and they will be well placed to continue to work in the sinking / floating Satyam. And they can wait for the rising of R.
Well there are people who worship Jack the Ripper too, so this is a small deal ! What ?
- Raju's confession was a fishy one - read it closely and he is just telling you how helpless he was in the face of the tiger he spawned. When I read it I remember I had a big laugh. He glibly mentions how nice he was not to take any money and now we know he did not need to take it legitimately since he was anyway raping and milking the company at the same time.
He sounds oh so noble when he talks about not profiting but what about the land he bought and the money he gave his sons and villagers and his political / business benefactors.
Well he was a very strong force in the state and even got a Golden Peacock to prove it so does the world really believe him.
- Jail in India is a cakewalk for him and his connections seem to be helping keep him away from the Serious Fraud office. If only he can be sent to the US - "maloom padhega aatey daal ka bhav" which means he will realize the cost of cheating.
Monday, January 19, 2009
Email Threats .... various incidents
Jan 12, 2009
Mumbai
Hotel Leela Kempinski received two emails threatening to blow it up. The sender made a ransom demand of $ 130,000.
The email gave no details of the sender or the drop place for the amount and is believed to be a hoax !
Media Report:
Press Trust of India: Five star hotel gets threatening emails; security increased
Mumbai
Hotel Leela Kempinski received two emails threatening to blow it up. The sender made a ransom demand of $ 130,000.
The email gave no details of the sender or the drop place for the amount and is believed to be a hoax !
Media Report:
Press Trust of India: Five star hotel gets threatening emails; security increased
Spear Fishing.... from Ghana to Kochi with Love but unsuccessful !
Location: Kochi, Kerala
Victim: The Metro Film Society (M Gopinathan)
Perpetrators: Unknown from Ghana
Amount: $ 1600 - was demanded but not paid
Incident:
The email account and blog of the Metro Film Society was hacked. A mail sent out purportedly by M Gopinathan saying that he was stuck in Ghana and appealing for $ 1600 to meet immediate expenses with the request that this be sent through MoneyGram / Western Union.
Of course, this was a hoax and (thankfully) no one sent any money.
The Film Society is recreating their blog and setting up a new email address.
Comments:
Organizations tend to use free public email services like gmail / hotmail without any thought about the security of their (official) communication and the security of the same. In addition to the safety / security of the data and the account they have no traceability of the mails sent through the accounts.
Either they must operate mails through their own server (best practice) where they have control or they must go in for paid accounts on the free mail services.
The primary objective is to have control on your data and to ensure the sanctity and security of the same.
Media Reports:
Ghana Business News : Indian Film Society's e-mail hacked in Ghana
Victim: The Metro Film Society (M Gopinathan)
Perpetrators: Unknown from Ghana
Amount: $ 1600 - was demanded but not paid
Incident:
The email account and blog of the Metro Film Society was hacked. A mail sent out purportedly by M Gopinathan saying that he was stuck in Ghana and appealing for $ 1600 to meet immediate expenses with the request that this be sent through MoneyGram / Western Union.
Of course, this was a hoax and (thankfully) no one sent any money.
The Film Society is recreating their blog and setting up a new email address.
Comments:
Organizations tend to use free public email services like gmail / hotmail without any thought about the security of their (official) communication and the security of the same. In addition to the safety / security of the data and the account they have no traceability of the mails sent through the accounts.
Either they must operate mails through their own server (best practice) where they have control or they must go in for paid accounts on the free mail services.
The primary objective is to have control on your data and to ensure the sanctity and security of the same.
Media Reports:
Ghana Business News : Indian Film Society's e-mail hacked in Ghana
Subscribe to:
Posts (Atom)
Posts
