Identity Theft

I came across an interesting pump and dump stock-trading scheme.

Overseas hackers broke into customer accounts at two online stock brokerages, TD Ameritrade and E-Trade. The attacks were launched by identity thieves in Eastern Europe and Asia. They used keylogging software driven by Trojan Horses. Yet another reason to be careful when using a Windows PC.

The hackers bought shares in little-traded stocks which drove the prices up. They then sold the shares for a profit. The losses were estimated at $22 million USD.

Such events always make the news. However, most identity theft occurs through traditional means so keep your personal documents secure and, when you dispose of them, use a shredder.

Despite incidents such as the $22 million in losses suffered by E-Trade Financial Corp. and TD Ameritrade Holding Corp. from online identity fraudsters, the problem of online identity theft is vastly hyped when compared with its more prevalent off-line equivalent, according to one analyst group.

The two leading online stock brokerages have admitted in recent days that overseas hackers used software to steal personal customer data to access and create trading accounts as part of a stock-fraud scheme.

While keylogging software, phishing e-mails that impersonate official bank messages and hackers who break into customer databases may dominate headlines, more than 90% of identity fraud starts off conventionally, with stolen bank statements, misplaced passwords or other similar means, according to Javelin Strategy & Research.

“An insignificant portion of identity fraud actually starts with the Internet,” said James Van Dyke, president of Javelin, who pointed out that many firms still rely on simple security questions such as one’s mother’s maiden name. “The Internet always grabs the headlines, but it is individuals who are close to the victims, such as family and friends, that are doing most of it,” he said.

Via.