Friday, June 6, 2008

Quote of the day

Quote of the day

Fascism should more appropriately be called Corporatism because it is a merger of State and corporate power.

Benito Mussolini

New IT Term of the day

New IT Term of the day


Pronounced “peep” and short for Protected Extensible Authentication Protocol, a protocol developed jointly by Microsoft, RSA Security and Cisco for transmitting authentication data, including passwords, over 802.11 wireless networks.

PEAP authenticates wireless LAN clients using only server-side digital certificates by creating an encrypted SSL/TLS tunnel between the client and the authentication server. The tunnel then protects the subsequent user authentication exchange.

Hidden messages buried in VoIP chatter

STEGANOGRAPHY : Hidden messages buried in VoIP chatter

By John Leyden

3rd June 2008


Polish researchers have revealed the many ways you can hide messages within the bit stream of Voip phone calls.

If secret policemen didn't like Skype and its IP telephony cousins before, they'll really hate it now.

Burying hidden message in internet phone calls represents the latest evolution of steganography. Steganographic techniques for hiding messages have been around for as long as cryptography and have evolved with technology. Steganography once included messages hidden in wax tablets by the ancient Greeks and invisible ink and microdots on paper. Now it involves concealing messages within digitally transmitted images or sound files.

The advantage of steganography over simply scrambling messages using cryptographic techniques is that potential eavesdroppers don't know what to listen to. Subtle changes to images, the content of spam messages or a little extra noise in voice over IP communications are hard to detect and impossible to decipher without knowing that a message is there and applying appropriate unbundling and deciphering software.

The possibility of dropping hidden messages within the lowest bits of noisy sound files is not new in itself. Wojciech Mazurczyk and Krzysztof Szczypiorski, security researchers at Warsaw University of Technology, Poland, have extended this work to show how steganography techniques might be used to create a covert communications channel within VoIP streams.

In particular the researchers have developed two new techniques that exploit the fact that VoIP systems tolerate packet loss and have built-in redundancy. One approach exploits unused fields in the RTCP (Real-Time Control Protocol) and RTP (Real-Time Transport Protocol) protocols to transmit hidden messages. Another technique used delayed audio packets to hide covert communications. Mazurczyk and Szczypiorski's paper also goes through many other possible techniques for VoIP steganography.

In an experiment the researchers were able to covertly transmit more than 1.3 Mbits of data in one direction during a VoIP call lasting nine minutes, the average time for such calls. Mazurczyk and Szczypiorski found that protocol steganography was by far the quickest way to transmit covert messages.

Law enforcement officials have expressed frustration about the difficulty of deciphering VoIP messages made by suspected terrorists using Skype. Leaked documents suggest German cops have commissioned the development of software to intercept Skype VoIP communications and SSL transmissions.

This difficulties exist because of the cryptography natively employed by Skype without even considering the complicating factor of steganography.

Mazurczyk and Szczypiorski's paper on Steganography of VoIP Streams can be looked at (pdf format) (http://arxiv.org/ftp/arxiv/papers/0805/0805.2938.pdf).

German government backs enhanced

BIG BROTHER : German government backs enhanced surveillance

By Judy Dempsey

June 4, 2008


BERLIN: Despite strong criticism from the opposition and even its own coalition partners, Chancellor Angela Merkel's government agreed Wednesday to give Germany's police forces greater powers to monitor homes, telephones and private computers, maintaining that an enhanced reach would protect citizens from terrorist attacks.

But opposition parties and some Social Democrats who share power with Merkel's conservative bloc criticized the measures in the draft legislation, saying they would further erode privacy rights that they contend have already been undermined, after revelations of recent snooping operations conducted by Deutsche Telekom, one of the country's biggest companies.

Deutsche Telekom had for some time been monitoring calls of its employers, despite federal regulations on strict data protection.

The proposed legislation would for the first time give federal police officers the right to take preventive measures in cases of suspected terrorism.

The bill, for example, calls for video surveillance of private apartments, online computer searches and phone monitoring.

But the nature of the surveillance, which would require the approval of the Bundestag, the lower house of Parliament, has worried many Germans, with some commentators recalling the Nazi past and its vast machinery of spying. They also point to the more recent role of the Stasi, the hated secret police in the once Communist-ruled East Germany, which established a pervasive system of keeping tabs on almost everyone in the country.

The draft law was fashioned after months of intense debate led by Wolfgang Schäuble, the conservative interior minister, who has long wanted the security forces to be given more leeway for surveillance.

Schäuble said Wednesday that, if approved, the law would strengthen the means available to the Federal Crime Office, known as the BKA, to investigate terrorism suspects and fight international crime.

"The threat to our country has made it necessary to give the BKA such rights to counter threats," Schäuble said at a news conference while presenting the so-called BKA law. "It is an important building block for Germany's security architecture."

He also said the draft legislation was in line with the Constitution.

But Sebastian Edathy, a Social Democrat and chairman of the domestic affairs committee in Parliament, told the public broadcaster ZDF that the legislation was "uncharted territory in the law." He said sections of the legislation related to online searches should be limited to four or five years to give lawmakers a chance for evaluation.

"We don't want a spy state," he said. "We want a state that works with tweezers instead of a sledgehammer in cases where we indeed have to protect the state's security concerns."

The opposition Greens party said Schäuble was trying to realize his own agenda by pushing through the tougher measures.

"All of Mr. Schäuble's security fantasies have been pushed through," Claudia Roth, a Greens leader, said in an interview on the commercial television station N24. "We need resistance to that. I don't want us to be a state in which everyone is suspicious."

The pro-business Free Democrats said the security forces could become a "super spying agency." The party's interior affairs expert, Gisela Piltz, said Schäuble's plan would undermine a state that is based on strong constitutional rights and has transparent checks and balances.

Schäuble rejected assertions of excessive state interference.

"The constitutional state works," he said. "The protection of the personal private sphere," he said, "is no lower than in any other part of the world and it is higher than it has ever been at any other time in our history. I'm proud of that, and working for it with great determination."

But Peter Schaar, who heads the federal agency for data protection, challenged the legislation, saying he would lobby Parliament to improve the proposals so that citizens' privacy could be protected.

A poll by the independent Forsa Institute showed that 48 percent of Germans considered storage of citizens' data by the government a necessary means to fight crime, while 46 percent said it was a disproportionate and unnecessary assault on individual freedoms.

Mobile phones expose human habits

MONITORING : Mobile phones expose human habits

By Jonathan Fildes




The whereabouts of more than 100,000 mobile phone users have been tracked in an attempt to build a comprehensive picture of human movements.

The study concludes that humans are creatures of habit, mostly visiting the same few spots time and time again.

Most people also move less than 10km on a regular basis, according to the study published in the journal Nature.

The results could be used to help prevent outbreaks of disease or forecast traffic, the scientists said.

"It would be wonderful if every [mobile] carrier could give universities access to their data because it's so rich," said Dr Marta Gonzalez of Northeastern University, Boston, US, and one of the authors of the paper.

Dr William Webb, head of research and development at the UK telecoms regulator, Ofcom, agreed that mobile phone data was still underexploited.

"This is just the tip of the iceberg," he told BBC News.

Money search

Researchers have previously attempted to map human activity using GPS or surveys, but it is expensive.

One innovative approach tracked the movement of dollar bills in an attempt to reconstruct human movements.

The study used data from the website wheresgeorge.com, which allows anyone to track a dollar bill as it circulates through the economy. The site has so far tracked nearly 130 million notes.

Studies such as this suggested that humans wander in an apparently random fashion, similar to a so-called "Levy flight" pattern displayed by many foraging animals.

However, Dr Gonzalez and her team do not believe this approach gives a complete picture of people's movements.

"The bills pass from one person to another so they can't measure individual behaviour," she explained.

The new work tracked 100,000 individuals selected randomly from a sample of more than six million phone users in a European country.

Each time a participant made or received a call or text message, the location of the mobile base station relaying the data was recorded.

The researchers said they were "not at liberty" to disclose where the information had been collected and said steps had been taken to guarantee the participants' anonymity.

For example, individual phone numbers were disguised as 26 digit security codes.

"Furthermore, we only know the coordinates of the tower routing the communication, hence a user's location is not known within a tower's service area," they wrote.

Each tower serves an area of approximately 3 sq km.

Information was collected for six months. But, according to the researchers, a person's pattern of movement could be seen in just three.

Model behaviour

"The vast majority of people move around over a very short distance - around five to 10km," explained Professor Albert-Laszlo Barabasi, another member of the team.

"Then there were a few that moved a couple of hundred kilometres on a regular basis."

The results showed that most people's movements follow a precise mathematical relationship - known as a power law.

"That was the first surprise," he told BBC News.

The second surprise, he said, was that the patterns of people's movements, over short and long distances, were very similar: people tend to return to the same few places over and over again.

"Why is this good news?" he asked. "If I were to build a model of how everyone moves in society and they were not similar then it would require six billion different models - each person would require a different description."

Now, modellers had a basic rule book to follow, he said.

"This intrinsic similarity between individuals is very exciting and it has practical applications," said Professor Barabasi.

For example, Professor John Cleland of the London School of Hygiene and Tropical Disease (LSHTM) said the study could be of use to people monitoring the spread of contagious diseases.

"Avian flu is the obvious one," he told BBC News. "When an outbreak of mammalian infectious airborne disease hits us, the movement of people is of critical concern."

Dr Gonzalez said that traffic planners had also expressed an interest in the study.

Sensor overload

Although the scale of the latest study is unprecedented, it is not the first time that mobile phone technology has been used to track people's movements.

Scientists at MIT have used mobile phones to help construct a real-time model of traffic in Rome, whilst Microsoft researchers working on Project Lachesis are examining the possibility of mining mobile data to help commuters pick the optimum route to work, for example.

Location data is increasingly used by forensic scientists to identify the movements of criminal suspects.

For example, the technique was used by Italian police to capture Hussain Osman, one of four men jailed for the failed suicide bombings in London on 21 July.

Commercial products also exist, allowing parents to track children or for friends to receive alerts when they are in a similar location.

These types of services and projects will continue to grow, Dr Webb believes, as researchers and businesses find new ways to use the mobile phone networks.

"There are so many sensors that you could conceivably attach to a phone that you could do all kinds of monitoring activities with," he said.

For example, Nokia have put forward an idea to attach sensors to phones that could report back on air quality. The project would allow a large location-specific database to be built very quickly.

Ofcom is also planning to use mobiles to collect data about the quality of wi-fi connections around the UK.

"I am sure there will be tens if not hundreds of these ideas emerging over the next few years," said Dr Webb.

Scam Artist along with Toddler Goes to Jail

419 : Scam Artist along with Toddler Goes to Jail

4 Jun 2008



CHENNAI: Seven-month-old P A Aryan is too young to realise that he is being behind bars for no mistake of his. When his mother Ritu Peter Anderson tried to cheat an NRI after hacking one of her friend's email ID and then impersonating him, Aryan also had to pay the price.

He is now accompanying his mother, Ritu (25) in Puzhal central prison, after she was picked up along with her husband Peter Anderson, her brother P Neville Phillips and an associate, Peter Francis, by the cyber crime cell of CB-CID from Bangalore. The arrests were made on a complaint from S D Paul, a resident of Nilgiris.

Ritu, a graduate in psychology, is a known cyber criminal in Bangalore. She, along with her husband, brother and a broker had been involved in many cheating cases, including hacking and impersonation.

"We picked up all the four after receiving a complaint from Paul, a military store manager in Nilgiris. The complaint, filed on May 16, alleged that some one had hacked into his email ID and had been sending messages to his friends in the address book, requesting a financial assistance of Rs 75,000 for medical treatment for ‘Paul's wife'.

The hacking and impersonation came to light when Franko D'Souza, who is a health officer in Kuwait and a friend of Paul, contacted him to know about his wife's ‘illness.' Paul then lodged a complaint," S Balu, deputy superintendent of police, cyber crime cell said.

The cyber crime cell people then acted swiftly and contacted D'Souza. He has been told to keep in touch with the impersonator through mail. When the officials checked details of the mail, it had a bank account number from Bangalore. The police team then went to Bangalore and tracked the account details.

"We found the account holder to be P Neville Phillips, brother of the main accused, Ritu. Neville had managed to open a bank account using fake address with the help of Peter Francis," Balu said.

Meanwhile, Ritu was in constant touch with D'Souza over email. D'Souza informed Ritu that the money had been sent to the said account. Ritu tried to withdraw the money using the ATM card twice.

"That was our plot. We had asked D'Souza to inform Ritu that money had been sent to her. Ritu was desperate after two attempts at ATM and gave her original address to D'Souza. We then traced her and arrested her. We had earlier picked up the other three," Balu said.

Wednesday, June 4, 2008

Quote of the Day

Quote of the day

The minute you settle for less than you deserve, you get even less than you settled for.

Maureen Dowd

New IT Term of the day

New IT Term of the day


Short for port address translation, a type of network address translation. During PAT, each computer on LAN is translated to the same IP address, but with a different port number assignment.

PAT is also referred to as overloading, port-level multiplexed NAT or single address NAT.

Smart Phones 'Bigger Security Risk' Than Laptops

RISK : Smart Phones 'Bigger Security Risk' Than Laptops

Leo King

June 02, 2008

Computerworld UK


Smart phones are seen as a more of a security risk than laptops and mobile storage devices, according to new research.

Some 94% of senior IT staff fear PDAs present a security risk, just above the 88% who highlighted mobile storage devices as a worry.

Nearly eight in 10 said laptops were an issue. Only four in 10 had encrypted data on their laptops, and the remainder said the information was "not worth" protecting.

The results come from a survey of 300 senior IT staff conducted by endpoint data protection supplier Credant Technologies.

A key danger with PDAs was that over half of IT executives surveyed were "not bothering" to enter a password when they used their phone.

Nine in 10 of the smart phones were being given access to company networks without extra security, even though the phones were individually owned by users. There were no access restrictions being applied to 81% of the phones.

Credant Technologies said smart phones had become "easy pickings" for any opportunists trying to steal them and access information.

Peter Mitteregger, European VP at the company, said: "Companies need to regain control of these devices and the data that they are carrying, or risk finding their investment in securing the enterprise misplaced and woefully inadequate."

What is Giving UK Small Businesses Nightmares?

SCARE : What is Giving UK Small Businesses Nightmares?

Technology Problems & Difficult Clients & Suppliers are Top Anxieties

YouGov/Trend Micro survey suggests small businesses need to be more aware of growing electronic crime threat

2nd June, 2008


Marlow, UK -- A new You Gov survey into British UK small business attitudes to operational business anxieties reveals that technology not working (42% of all respondents) is the number one work issue that causes anxiety, alongside with difficult clients and suppliers (42%) which cause the same level of concern. Heavy workloads (30%), tight deadlines (26%) and long hours (19%) were the next highest ranking issues causing concern.

The survey commissioned by Trend Micro, a global leader in internet content security, also asked small businesses about their anxiety regarding business-related crime. Fear of theft and office break-ins ranked low as issues causing most anxiety (9%) of all respondents ranked this as a top three concern. But there were some regional variations with more than one in ten London respondents (13%) saying business crime was one of their top three concerns. This compared with 3% of Scottish respondents. Anxiety over loss of confidential data was more of a general concern with one in ten of all businesses worried about this; respondents in London and Midlands/Wales registered a slightly higher level of concern (12%).

When asked about electronic crime, the majority of all respondents (83%) said they had not been a victim of electronic crime in the last 12 months. Once again there were some interesting regional anomalies with 18% of Scottish respondents saying they had suffered at least one incident in the last year.

This low rate of reported incidents among small businesses comes as the recorded volume of electronic crime attacks grows and is increasingly targeted at small businesses that do not necessary have the resources or systems to protect themselves. A further worry is that these attacks are hidden and many small businesses may not know when an electronic crime is being committed.

For example, in May 2008 over half a million websites were infected with malicious code. Most of these were small business websites typically made up of old and unsecured coding and running on older or unpatched web server and operating systems. These sites are easy targets for cyber criminals looking to hijack commercial websites for financial gain and identity fraud. Most of the UK businesses affected were sole-traders relying on their web presence for revenue generation.

Paul Burke, SMB Product Marketing Manager - EMEA at Trend Micro says: "Information technology problems top the list of everyday anxieties for small businesses. The survey also suggests that we need to do much more to better inform and help the small business community about the new generation of security threats that are attacking their IT infrastructure silently and with potentially devastating effects to their reputation and finances. Our Worry-Free initiative is geared specifically to provide these businesses with both support and guidance on how to better protect themselves without adding to their IT anxieties and having to become an IT security expert."

While putting into place comprehensive security software is key, Trend Micro suggests a number of tips on how small businesses can protect their assets, their customer information and, most importantly, their reputation:

ü Ensure that all employees use effective passwords, and when possible, stronger authentication technology. Encourage passwords that are comprised of different upper and lower case letter characters and change them frequently

ü Discourage employee downloads from non-trusted sources such as peer-to-peer and video

ü Protect your network; by ensuring that PCs and laptops are protected by firewalls, anti-virus software and web threat protection both within the office network as well as when mobile working

ü Keep all operating systems and software up-to-date, as without updates, your systems will not be well protected against new cyber threats

ü Create and manage back-ups. It is best to store secured copies and use encryption to protect sensitive records about employees, suppliers and customers

ü Maximise encryption. You should protect customer data by encrypting it with passwords or encryption keys

ü Don't leave sensitive data saved on a handheld or mobile device, in case it is stolen or lost

ü Keep in mind that your company will grow, and shop for security solutions that will grow with your business's pace

Credit Card Fraud Rates Increasing

BEWARE : Credit Card Fraud Rates Increasing

By Staff Writers

SC Magazine

2 June 2008


Credit and charge card fraud rates increased in 2007, as more dollars were lost to fraudulent overseas online merchants, according to the Australian Payments Clearing Association (APCA).

According to APCA's newly released payments fraud data, payment card fraud that is debit, credit and charge cards, increased from 23.9 cents in every $1,000 in 2006 to 27.9 cents in 2007.

Credit and charge card fraud (signature permitted and card-not-present) fraud increased from 36.9 cents to 44.5 cents in every $1,000 while debit card fraud dropped from 7.7 cents to 7.1 cents in every $1,000.

The report found the largest component of Australia’s credit and charge card fraud relates to card-not present (CNP) fraud and cross-border fraud activity which includes fraud conducted over the Internet, phone, mail and fax.

APCA’s Chief Executive Officer, Chris Hamilton said Australia’s payment card fraud rate has increased over the last 12 months but remains low by global standards.

“The UK’s payment card fraud rate is the equivalent of $1.18 in every $1,000 as against slightly under 28 cents in Australia,” Hamilton said.

"[However] what the statistics are telling us is that even as today’s technology makes it possible to buy anything from anywhere, it is also making it possible for fraudsters to operate globally," he said.

Hamilton warned: "It’s no surprise that Australian consumers and retailers need to take particular care when not dealing face-to-face.”

Commenting on the data, the Australian Bankers’ Association (ABA) said cheque fraud has declined to very low levels, debit card fraud is also at low levels but credit and charge card fraud is showing an increase.

Around 70 percent of the increase in credit card and charge card fraud has been driven by Australian card holders making purchases overseas via the Internet and telephone, claimed the ABA.

According to David Bell, chief executive at the ABA, customers are increasingly shopping online from overseas retailers and unfortunately some of these outlets may not have strong customer protections in place.

“Fraud prevention remains more than ever a priority for the industry," said APCA’s Hamilton.

HP Opens BIOS Password Security

DANGER : HP Opens BIOS Password Security

Vendor nixes protection with step-by-step reset guide

By John Leyden

2 Jun 2008


HP has come under fire for nullifying BIOS password protection steps on laptops by publishing reset data on its website. UK-based security consultancy SecureTest compared the approach to hiding a front door key under a welcome mat.

Security breaches resulting from stolen laptops have hit the headlines repeatedly over recent months. Full disc encryption is the best approach to making sure data remains secure even if an item of hardware is lost or stolen. But other techniques, such as BIOS password security, still have a role in discouraging casual thieves from bothering to read the data on stolen or 'lost' laptops.

Early BIOS passwords were a product of a more innocent age, but even so password resets typically required technically involved procedures. Initially hardware hacks, such as the opening up the case and applying a parallel loopback connector, were possible. Laptop manufacturers later sharpened up their practices so that better reset processes were applied across the industry.

Laptop BIOS resets typically involve a call to a vendor and going through a challenge-response process before reset codes are handed out. So SecureTest was surprised to discover that HP publishes the reset process for the series of laptop most commonly used in the office on their UK website.

By comparison reseting the BIOS password on a Toshiba laptop involves a visit to a Toshiba dealer, the only parties authorised to obtain reset codes.

"HP might choose to defend itself by saying that its 'bundled security tools' provide a much greater degree of protection than the BIOS, but in reality security is about in-depth defence. Each layer of the security onion needs to be as impenetrable as possible," Ken Munro, a director of SecureTest, explained.

"So it frankly baffles us as to why the likes of HP would publish the reset process if the BIOS password isn’t intended to be used. It’s like hiding your key under the mat and leaving a note to that effect for passing burglars to see," he added.

We put these concerns to HP on Friday. We're yet to hear anything substantive back but will update this story if we do.

Although full disc encryption is the best approach for laptop security other techniques still have their place, according to Munro.

"Full disc encryption is the right thing for laptop security, but vendors often forget to mention the ATA-3 (or ‘drivelock’) standard that effectively ‘locks’ the hard drive to the BIOS.

"Unless this password has been entered, the laptop is rendered unbootable and the hard disc unreadable, even if it is removed and mounted in another machine. ATA-3 appears vulnerable only to a very prolonged brute force crack, rather like regular encryption," he said.

Monday, June 2, 2008

Quote of the day

Quote of the day

The most brilliant propagandist technique will yield no success unless one fundamental principle is borne in mind constantly...it must confine itself to a few points and repeat them over and over.

Joseph Goebbels, Nazi Propaganda Minister

New IT Term of the day

New IT Term of the day

password cracking

The process of attempting to guess or crack passwords to gain access to a computer system or network. Crackers will generally use a variety of tools, scripts, or software to crack a system password. The goal of the cracker is to ideally obtain the password for root (UNIX) or system and administrator (Windows, NT). Password cracks work by comparing every encrypted dictionary word against the entries in system password file until a match is found.

Educating Managers On Computer Fraud Cut Crime

RESEARCH : Educating Managers On Computer Fraud Cut Crime


May 27, 2008


Shalini Kesar, a computer scientist at Southern Utah University in Cedar City, has devised an antifraud strategy for business. Writing in the International Journal of Business Information Systems from Inderscience Publishers, he suggests that managers should be made aware of security issues and send out cues to junior staff that they have this knowledge.

Combating digital fraud within any organizations is a growing problem for management. Researchers in this field and security practitioners have recently begun to emphasize the need to take into account the "social" aspects of information security. They also emphasize that a lack of communication at the wider organizational level is often associated with computer fraud.

"Computer fraud can result from incompetence, ignorance, negligence in the use of Information Technology or deliberate misappropriation by individuals," says Kesar. This results in the destruction of not only the main information systems but also backup systems, causing damages up to hundreds and thousands of dollars.

Kesar points out that reported cases of computer fraud only represent a tip of a potentially large iceberg. Anecdotal evidence suggests that employees pose one of the greatest threats because they are in a better position than "outsiders" to engage in computer fraud, Kesar adds.

Opportunistic computer fraud could be minimized, however, he says simply by raising managers' awareness and knowledge of how organizational structure can affect the effectiveness of security measures. Kesar uses the case of a well-known serious fraud that took place at an international bank together with the business theory of management theorist Henry Mintzberg to demonstrate how security breaches might be avoided by educating management.

"Lack of awareness of social and technical issues among managers largely manifest themselves in a failure to implement even the most basic safeguards and controls," the researchers conclude, "Concomitantly, if management ignores wider organizational structural issues then this too increases the likelihood of a potential offender committing computer fraud."

These two main insights point to Kesar's seemingly obvious solution, which simply involves teaching management and then subtly communicating management's new-found knowledge to employees.

More credit card frauds traced to India

FRAUDS : More credit card frauds traced to India

Prasun Sonwalkar in London


May 31, 2008


More cases of international credit card fraud with links to India have come to light in Britain, even as authorities refused to rate the problem from Indian cities as very high.

In a latest incident, a British journalist discovered that money was withdrawn from his bank account in Chennai this week, while nearly 500 others in Bournemouth suffered the same fate.

British security officials have been grappling with card-cloning, by which card details are surreptitiously recorded during transactions at petrol pumps and supermarkets, and emailed across the globe for illegal withdrawals from ATM machines.

In the last one year, several cases have come to light when British consumers found that money was withdrawn from their accounts from Mumbai, Chennai and other parts of India.

Petrol pumps have been the most vulnerable to such scams. In Bournemouth, south England, Gavin Haines, a feature writer for the Daily Echo, a leading local newspaper, was alerted by his bank after money was withdrawn from his account in Chennai last Saturday, Sunday and Monday.

"I can't afford to lose 400 pounds on a weekend. It was my only bank account at the time and they didn't have access to money. I've now got to go through the claims process," he said.

However, Mark Bowerman, an official of the Association of Payment and Clearing Services (APACS), the UK trade association for institutions delivering payment services, told PTI: "India is not in our top ten list for this type of fraud".

The list is headed by the United States, and followed by Italy, Australia, France and Spain. Apart from Haines, nearly 500 people have complained of similar withdrawals overseas in scams apparently linked to the Malthurst West View Service petrol station in Bournemouth.

The location was raided by the local police this week. Among the countries from which the attempts have been made to withdraw money are Malaysia, Egypt, Canada, Portugal, Australia, China, India, the Philippines, Ghana, the USA, the Netherlands and Taiwan.

In 2007, the police received more than 200 similar complaints about the Murco service station in Southbourne Grove, Bournemouth. Three men were arrested but were later released without charge. The garage is under new management.

Card-cloning, also known as skimming, involves retrieving card details and pins (personal identification numbers) to withdraw money fraudulently from people's bank accounts.

In spring last year, thousands of motorists were hit in a skimming scam involving garages across England. The Sri Lankan government claimed the money was being used to fund Tamil terrorist activity on the island. Officers from the cheque and card unit of the Dorset Police's economic crime unit are liaising with APACS to investigate the latest allegations.

Mandy White, a resident of Charminster, said that nearly 2,000 pounds had been taken out of her partner's account in 19 transactions in the Philippines on Sunday. APACS spokeswoman Jemma Smith said customers' details were often sold over the Internet at the touch of a button.

She added: "Under the UK banking code, if you are the innocent victim, you can expect to get your money back".

Duped of Rs 20 lakh, she tries same on others

RELAY RACE : Duped of Rs 20 lakh, she tries same on others

Express News Service

May 31, 2008


Pune : The city police on Friday arrested 52-year-old Flora Akkavan of Dhanlaxmi society in Dhanori who duped two persons of Rs 5 lakh. She claimed the crime was committed to make good about Rs 20 lakh she lost to a group of online fraudsters based outside India who promised to make her richer by $ 10 million (about Rs four crore) in double quick time.

The police have seized 30 bundles of ‘black-and-green paper’ having size similar to that of a 100-dollar note and a diplomat’s bag that Flora had got from the fraudsters. Each bundle carries a label — United States of America $ 50,000. Police Inspector Bhanupratap Barge of crime branch who busted the racket said that the fraud had its roots in Nigeria and Thailand.

Barge said that Flora claimed she had received a fraudulent email sometime prior to April 2007 saying that former Philippines President Asteda wanted to secretly transfer $ 120 million to a bank account in USA and assured to pay her $ 10 million.

Flora said she got another email asking her to pay $ 8,000 (about Rs 4.5 lakh) for opening an account in Crew Bank in USA. She was then told that $ 120 million had been transferred to her Crew Bank account. A few days later, she got an email that $ 110 million had been transferred to Asteda’s account while the remaining $ 10 million was being given to her as promised.

Flora was again asked to pay $ 8000 for transferring the money from USA to India via Thailand. Flora gave this money to a foreigner at Hotel Ambassador in Mumbai. Then in November 2007, she was called to Delhi to collect her kickback money of $ 10 million.

She got the parcel containing a diplomat’s box with bundles of green and black paper. The foreign national who gave the parcel said that these were US dollars coated with green and black colour and demonstrated how the currency could regain its original shape by washing away the coating on the notes with a chemical.

The fraudster said they would send the chemical to her soon and left. Police said that Flora spent about Rs 20 lakh in the process but never got the chemical. Still hopeful of getting her money, she approached Pradeep Baldev Rajput (22), a real estate agent in Wadgaon Sheri.

Flora told him that she has sold three software packages in USA for Rs 17 crore and that the money has already landed in India via ‘a secret channel’ route. She also took Rajput to a cyber café to show the demonstration of notes are converted to dollars by washing with a chemical on a website - doilrich007.

Flora said a Swiss Bank manager would be coming to India with the chemical and lured Rajput to invest Rs 50,000 for purchasing the chemical, saying he would be paid back Rs 2.5 lakh in one month. Later, she managed to extract Rs 1 lakh from Rajput and about Rs 3.5 lakh from his friend Anil Vasant Upshant with the same promise.

As months passed, Rajput realised that Flora was cheating him and his friend and lodged a complaint with the crime branch. A team led by inspector Barge arrested Flora and the case has been transferred to Vishrantwadi police station for investigations.

The police have recovered an Iranian passport from Flora as she was married to an Iranian national. While the foreigners who cheated Flora remain unidentified, police suspect that she has cheated more persons like Rajput.

One arrested for database theft in Ahmedabad

ARREST : One arrested for database theft in Ahmedabad

30 May 2008



Ahmedabad, PTI: A city-based IT firm owner Maulik Dave was arrested yesterday by the city crime branch based on a complaint filed by the representative of the US-based firm in India, police said.

Police have arrested an IT firm owner for allegedly stealing database from a US-based company and selling it to other company.

A city-based IT firm owner Maulik Dave was arrested yesterday by the city crime branch based on a complaint filed by the representative of the US-based firm in India, police said.

"We have been following Dave's activity after we received a complaint from a US-based firm which said important official data were stolen from their database," ACP, Crime Branch, Usha Rada said.

"Dave had worked with the US-based firm on some IT project and had access to their database. The company has alleged that Dave had stolen data from their server and sold it to some other US-based company," Rada said.

According to sources, the data, which contained personal details of clients of the US-based firm, could be worth lakhs of rupees.

Sources also said that Dave, who used to operate from his home in the Vejalpur area of the city, was not alone and had an accomplice who is yet to be traced.

Dave was produced before a city court today. The court has sent him to three days police custody.

Further action in the case will depend on outcome of the interrogation, police added.

This Day in History

Thanks for your Visit