U.S. Postal Service Cracks Down On Cyberscams - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Business & Finance

U.S. Postal Service Cracks Down On Cyberscams

With new and increasingly inventive cyberscams surfacing every week, the Postal Inspection Service's workload isn't likely to get any lighter.

When you think about the U.S. Postal Service, you don't normally envision a crack team of globe-trotting agents who bust international Web fraud syndicates and bring cybercriminals to justice. Actually, that's a lot of what the Postal Service's Postal Inspection Service does, in conjunction with other law enforcement agencies.

And with new and increasingly inventive cyberscams surfacing every week, the Postal Inspection Service's workload isn't likely to get any lighter.

Standing before a packed auditorium Monday at Gartner's IT security conference, Greg Crabb, U.S. postal inspector program manager for the organization's international affairs group, explained that the Postal Inspection Service gets involved in information security crimes when those crimes involve use of the U.S. Postal Service to commit fraud, which is more often than you'd think.

"Every one of you living in the United States has a mailbox in front of your house," Crabb said. "I protect that mailbox." Incidentally, the U.S. Postal Service handles 668 million pieces of mail daily.

Just last week, a film producer in Tampa, Fla., was indicted on 10 counts, including several counts for transporting obscene matter via the Internet and through the U.S. postal system. There were also reports to the American Kennel Club and the Council of Better Business Bureaus of a scammer posing as a breeder of puppies who either sends out e-mails or puts up ads offering free or inexpensive puppies. Those responding to the solicitation have paid hundreds or thousands of dollars but received no pooch in return.

Crabb on Monday outlined several different types of criminal schemes he's investigated as a member of the Postal Inspection Service, which was formed in 1909.

In one scheme, a criminal poses as a merchant and steals money and/or payment card information from someone attempting to make a purchase via the Web. Or, as with the now-infamous Nigerian money laundering scams, the criminal can simply ask for money outright. Crabb said he's been chasing a cybercriminal named Vladuz, who has repeatedly gained unauthorized access to areas of eBay's network in order to hijack established accounts and hold auctions for products he doesn't plan to deliver. Thousands of U.S. victims have sent Western Union transactions to France, Germany, the United Kingdom, and Romania, in the hopes of purchasing items from Vladuz, Crabb said. Vladuz has even posted messages on eBay's internal forums and infiltrated servers that administer employee e-mail. "We've been chasing him for some time," Crabb added.

In another type of cyber scam, a cybercrook will sell software to unsuspecting victims. When those victims download the software onto their computers, malware is installed to help the criminal later turn that computer into a bot, which could then be used to launch distributed denial-of-service or some other type of cyberattack. In one example, Crabb traced this sort of activity to Bangkok, Thailand, where in May 2003 he helped arrest Maksym Kovalchuk, a Ukrainian man, on charges of criminal copyright infringement, trafficking in counterfeit goods, and money laundering. Kovalchuk was already a known cybercriminal, having in October 2001 launched the first phishing attack that used eBay as bait to trap its victims.

"Basically, he pioneered phishing by sending out eBay and PayPal spoofs," Crabb said.

In still another variation on cybercrime under the postal inspector's jurisdiction, international criminals buy goods using stolen or fraudulent payment cards and have the goods sent to accomplices in the United States, who then ship the merchandise to the person committing the fraud. In one such operation, a Ukrainian man named Malinkas Silinkas ran a reshipping scam against a U.S. company's e-commerce operations, having ill-gotten merchandise shipped to a U.S. address and then on to his base of operations in Lithuania. Crabb said that when Silinkas was arrested, law enforcement found more than 50,000 fraudulent IDs in his possession.

These are just some of the cases Crabb was able to discuss. For him, even largest cybercrimes are old hat. "I've seen so many TJX's it's not even funny," he said in reference to the cyberattack on the parent company of T.J. Maxx that resulted in the theft of 45 million credit and debit card numbers.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Slideshows
7 Technologies You Need to Know for Artificial Intelligence
Jessica Davis, Senior Editor, Enterprise Apps,  7/1/2019
Commentary
A Practical Guide to DevOps: It's Not that Scary
Cathleen Gagne, Managing Editor, InformationWeek,  7/5/2019
Commentary
Diversity in IT: The Business and Moral Reasons
James M. Connolly, Editorial Director, InformationWeek and Network Computing,  6/20/2019
Register for InformationWeek Newsletters
Video
Current Issue
Data Science and AI in the Fast Lane
This IT Trend Report will help you gain insight into how quickly and dramatically data science is influencing how enterprises are managed and where they will derive business success. Read the report today!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll