Archive for the ‘fraud’ Category

Unless you want your payment card data skimmed, avoid these commerce sites

May 8th, 2019

More than 100 e-commerce sites around the world are infected with malicious code designed to surreptitiously skim payment card data from visitors after they make purchases, researchers reported on Wednesday. Among those infected are US-based websites that sell dental equipment, baby merchandise, and mountain bikes.

In total, researchers with China-based Netlab 360 found 105 websites that executed card-skimming JavaScript hosted on the malicious domain magento-analytics[.]com. While the domain returns a 403 error to browsers that try to visit it, a host of magento-analytics[.]com URLs host code that’s designed to extract the name, number, expiration date, and CVV of payment cards that are used to make purchases. The e-commerce sites are infected when the attackers add links that cause the malicious JavaScript to be executed.

One of the infected sites identified by Netlab 360 is ilybean[.]com, an Orlando, Florida, business that sells baby beanies. As the screenshot below shows, the site executes JavaScript hosted at magento-analytics[.]com.


FTC hits predatory scientific publisher with a $50 million fine

April 2nd, 2019

It used to be that publishing a scientific journal was a significant undertaking, requiring infrastructures for peer review, printing, and distribution, and the costs were often defrayed by charging authors for the honor of publishing. Now, it's possible to simply convert submissions to PDFs and throw them online. With those barriers gone, science quickly became plagued by predatory publishers who decided to eliminate peer review as well. Instead, they simply published anything from people who have the money to cover the publication fees.

The profits of these "predatory publishers" come from a mixture of genuine scientists who are unwary, people who want to pad their publication records, and fringe scientists who just want to see their ideas in the literature regardless of their lack of merit. All of them can end up putting misinformation into the scientific record and confusing a public that generally doesn't even know about the existence of predatory publishers.

Now, the Federal Trade Commission has won a summary judgement that just might cause some predatory publishers to step back from their business model. An India-based predatory publisher has been hit with a $50 million judgement for deceptive business practices, along with permanent injunctions against most of the activities that made it money.


A new rash of highly covert card-skimming malware infects ecommerce sites

March 14th, 2019

The rash of e-commerce sites infected with card-skimming malware is showing no signs of abating. Researchers on Thursday revealed that seven sites—each with more than 50,000 collective visitors per month—have been compromised with a previously unseen strain of sniffing malware designed to surreptitiously swoop in and steal payment card data as soon as visitors make a purchase.

One of those sites, UK sporting goods outlet Fila.co.uk, had been infected since November and had only removed the malware in the past 24 hours, researchers with security firm Group-IB told Ars. The remaining six sites—jungleeny.com, forshaw.com, absolutenewyork.com, cajungrocer.com, getrxd.com, and sharbor.com—remained infected at the time this post was being reported. Ars sent messages seeking comment to all seven sites but has yet to receive a response from any of them.

Group-IB has dubbed the JavaScript sniffer GMO after the gmo[.]il domain it uses to send pilfered data from infected sites, all of which run the Magento e-commerce Web platform. The researchers said the domain was registered last May and that the malware has been active since then. To conceal itself, GMO compresses the skimmer into a tiny space that’s highly obfuscated and remains dormant when it detects Firebug or Google Developer Tools running on a visitor’s computer. GMO was manually injected into all seven sites, an indication that it is still relatively fledgling.


3 men cop to $21 million vishing and smishing scheme

March 11th, 2019

Three Romanian citizens have pleaded guilty to carrying out a scheme that used recorded messages and cellphone texts to trick thousands of people into revealing their social security numbers and bank account information, federal authorities said.

The "vishing" and "smishing" scams are variations of phishing that use voicemails and SMS messages instead of email, federal prosecutors in Atlanta, Ga., said on Friday. From 2011 to 2014, the three Romanians compromised computers located in the US and installed interactive voice response and bulk emailing software on them. The hacked computers initiated thousands of phone calls and text messages that tricked recipients into disclosing personal information including account numbers, PINs, and social security numbers.

"When a victim received a telephone call, the recipient would be greeted by a recorded message falsely claiming to be a bank," federal prosecutors said. "The interactive voice-response software would then prompt the victim to enter their PII. When a victim received a text message, the message purported to be from a bank and directed the recipient to call a telephone number hosted by a compromised Voice Over Internet Protocol server. When the victim called the telephone number, they were prompted by the interactive voice response software to enter their PII."


Shkreli directing notorious pharma co. from prison. It’s still losing millions

March 7th, 2019

Armed with a contraband phone, an incarcerated Martin Shkreli is plotting a comeback with his notorious pharmaceutical company, according to a report by The Wall Street Journal. So far, however, the company is still losing millions of dollars.

Shkreli is just 16 months into a seven-year prison sentence over securities-fraud charges. He landed in jail last year for running what federal prosecutors described as a Ponzi-like scheme that duped investors of his hedge funds. According to prosecutors, the fund siphoned millions from a pharmaceutical company he founded, called Retrophin.

But Ponzi-siphoning isn’t what made Shkreli infamous. He gained notoriety in 2015 when another pharmaceutical company he founded, Turing Pharmaceuticals, bought the rights to a decades-old anti-parasitic drug, Daraprim, and abruptly increased its price from $13.50 a pill to $750 a pill. The rise brought a windfall of profits for Turing, as well as widespread condemnation and increased scrutiny on the pharmaceutical industry’s drug-pricing tactics as a whole.


Here’s what the Sacklers didn’t want you to see in the OxyContin lawsuit

February 3rd, 2019

Earlier this month, Ars reported on a lawsuit filed by the Commonwealth of Massachusetts against OxyContin maker Purdue Pharma, members of its board, and the mega-rich, secretive family behind it all, the Sacklers. The court filings were the first to allege that the Sacklers—previously known mostly for their philanthropy—were in fact directly behind the aggressive tactics that Purdue used to drive sales of its highly addictive opioid pain killer, which allegedly helped to ignite the current opioid epidemic. Those same sales tactics were found to be deceptive and fraudulent by federal prosecutors in 2007.

Massachusetts' allegations painted a grim image of greed and callousness on the part of the family—for example, Richard Sackler's suggestion to consider patients who became addicted to their powerful drugs "reckless criminals" to protect sales and profits. But the version of the lawsuit released didn't have the full picture. Parts of the nearly 300-page complaint were redacted at the request of Purdue and the Sacklers.

That's not the case anymore. On Monday, January 28, a Massachusetts judge ruled that the lawsuit could be released in full, and the state's attorney general's office did so on Thursday. The newly revealed portions don't dramatically change the loathsome portrait the allegations paint of the affluent family. However, there are some interesting new pieces of information, and Ars has gone ahead and plucked them out.


Insys exec allegedly gave lap dance to doctor while pushing deadly opioid

January 30th, 2019

A former regional sales director for Insys Therapeutics allegedly gave a lap dance to a doctor as the company was pushing him to prescribe its deadly opioid painkiller to patients. That’s according to multiple reports of testimony given Tuesday from a former Insys colleague in a federal court in Boston.

The testimony is part of a federal racketeering trial getting underway this week against Insys founder John Kapoor and four former executives, including the sales director, Sunrise Lee. Federal prosecutors allege that the Insys executives used bribes and kickbacks to get doctors to prescribe the company’s powerful and addictive fentanyl spray, called Subsys—which was intended only for cancer patients experiencing pain that’s not alleviated by other medications (aka “breakthrough pain”). The former executives are also accused of misleading and defrauding health insurance companies that ended up covering the drug for patients who did not need it. A congressional investigation in 2017 concluded that Insys sales representatives bluntly lied and tricked insurers to do that—and the investigators released the tapes to prove it.

Two additional former Insys executives—former Insys CEO and President Michael Babich and former Vice President of Sales Alec Burlakoff—were also charged in the case but have pleaded guilty and are cooperating with prosecutors.


Microsoft’s fonts catch out another fraudster—this time in Canada

January 15th, 2019

You'd think that people forging documents would have learned by now. Canadian Gerald McGoey was judged to have falsified documents in an attempt to protect certain assets from bankruptcy proceedings, because—and stop me if you've heard this before—the documents used Microsoft's modern "C" fonts, which didn't become widely available until 2007. This would have been fine, were it not for the minor detail that the documents were dated 2004 and 1995. Whoops.

McGoey was CEO of Look Communications when it collapsed and left him bankrupt. The company was liquidated, and McGoey was ordered to repay $5.6 million to creditors. McGoey claimed that the assets in question—homes, in this case—were held in trust by his wife and three children and hence beyond the reach of the courts. To prove this, he presented two signed documents. Unfortunately for him, he'd created the documents using typefaces that didn't exist at the time of the documents' purported creation.

The first trust document was dated 1995 and used the Cambria font. The second, dated to 2004, used Calibri. Cambria was designed in 2004, while Calibri was designed between 2002 and 2004. But neither became widespread until 2007, when they were bundled with Windows Vista and Office 2007. That software included seven different fonts with names beginning with "C"—the "C fonts"—that were optimized for ClearType antialiasing. With their release, Microsoft changed Word's default font from the venerable Times New Roman to Calibri. Using the new fonts instantly betrays that a document wasn't written any time prior to 2007.


Why aren’t chip credit cards stopping “card present” fraud in the US?

November 15th, 2018

A security analysis firm called Gemini Advisory recently posted a report saying that credit card fraud is actually on the rise in the US. That's surprising, because the US is three years out from a big chip-based card rollout. Chip-based cards were supposed to limit card fraud in the US, which was out of control compared to similar fraud in countries that already used EMV (the name of the chip card standard).

Chip cards work by creating a unique code for each transaction, and (ideally) require a customer to enter a PIN to verify that they want to make the purchase. This doesn't make it impossible to steal information from chip-based cards, but it does make it much harder to reuse a stolen card. By contrast, using a magnetic stripe to swipe a card simply offers all the relevant information to the merchant's card reader, which is much easier for a bad actor to steal.

Gemini Advisory now says that 60 million credit and debit card numbers were stolen in the US in the past 12 months, and most of those were chip-based cards.
