Identity Theft..and More

by David Bilinsky

♫ I’d rather steal than foot the bill, I’d rather die
I’d rather steal than pay the bill, I’d rather lie ♫

Words and music by Vaux, “Identity Theft”

Yesterday was an eye-opening day for me. Someone apparently hacked into my Twitter account and started sending out spam tweets in my name. On the scale of the range of identity theft, this was rather low – as it was solved by changing my Twitter password to something VERY strong and sending out apologies to those who unfortunately, received the spam tweets. But like a vaccine, it inoculated me to go out and strengthen all the passwords on the myriad of web sites that I visit in order to try to prevent any further occurrences.

But then I read a news article that made my blood run cold. TECHWORLD (among other sites) are posting articles on the new URLzone Trojan. The latest development of bank account malware is more than just stealthy:

“It rewrites bank pages so that the victims don’t know that their accounts have been emptied, and it also has a sophisticated command-and-control interface that lets the bad guys pre-set what percentage of the account balance they want to clear out.”

This is scary stuff…someone can gain your identity credentials, install the URLzone trojan and use it to withdraw money from your account (keeping within the actual balance at all time). Then it covers its tracks when you go to check your bank statement (provided you use the same infected machine to check your bank balance online).

Worse yet, it detects when the security researchers go looking for it and diverts them onto false leads by transferring money not to the fraudsters but rather to innocent people.

TECHWORLD went on to say: “According to Finjan, URLzone is a botnet that targets computer users in Western Europe. It has hijacked about 6,400 computer users last month and was clearing about €12,000 (£11,074) per day.”

I shudder to think about what would happen if a lawyer’s trust account became targeted by the URLzone trojan, since there are no shortage of people out there who would rather steal than foot the bill.

Comments

keith

October 30th, 2009 at 8:18 pm

Be careful when hiring freelance programmers, don’t give out your main hosting login details they might be tempted to access your other sites and information. They are crooks who are good at the guessing game and might guess your twitter account and other accounts login details..

Most Recent Comments

Sushil K. Jain on Book Review: Fundamental Principles of Canadian Unjust Enrichment:

Interesting to see a new text on unjust enrichment, as I’m currently researching a neglected angle: whether small nonprofit organizations… more »
Geoffrey on Ontario v Doe: The 30 Hour Lawsuit:

Excellent comment. Does this episode also point to the speed that can be achieved if both parties are willing to… more »
Verna Milner on RECLAIM: L Is for Learning:

Excellent article. Psychology Today writes, "[c]ultural humility can be defined as a lifelong process of self-reflection, self-critique, and commitment to… more »
Robert McKay on Ye Olde Law Publishing:

Thank you, David, for taking the time and trouble to read the piece. Much appreciated. more »

+ -

The RECO-iPro Matter: Governance Lessons From a Regulatory Mishap

The Shared Secret: Does Your Consent Violate Your Family’s Privacy?

Mass Client Communication Has Changed Completely. Too Bad Many Professionals Are Still Using the 2016 Playbook

Why? the Details of the Alberta Regulated Professions Neutrality Act

Mediators Are Human Too

The Legal Profession’s Weakening Grip on Law Society Governance

Identity Theft..and More

Comments