Crooks hijack online brokerage accounts Spyware used to steal account details then liquidate, manipulate stocks, SEC says. October 13 2006: 3:14 PM EDT WASHINGTON (Reuters) -- High-tech crooks are hijacking online brokerage accounts using spyware and operating from remote locations, sometimes in Eastern Europe, U.S. market regulators said on Friday. The computer "incursions" are a growing problem, said Walter Ricciardi, deputy enforcement director at the U.S. Securities and Exchange Commission. "It's something we're very concerned about," he said in remarks at a legal conference in Washington. About 25 percent of U.S. retail stock trades are made by online investors through roughly 10 million online accounts, according to brokerages regulator NASD. Companies such as Ameritrade (down $0.04 to $16.96, Charts), Charles Schwab Corp. (down $0.14 to $17.59, Charts), and E*TRADE Financial Corp (down $0.20 to $22.86, Charts). offer the accounts. Crooks will load a victim's computer or a public PC with a spy program to monitor a user's activities and capture vital information, such as account numbers and passwords. The program then e-mails the stolen information back to the thief, who can use it to open victim accounts. Once inside, the thief may sell off an account's portfolio and take the proceeds. Or electronically hijacked accounts may be used for "pump-and-dump" schemes to manipulate stock prices for profit, Ricciardi said. Public computers in such places as Internet cafes and hotel rooms are especially vulnerable to incursions. But home computers may also be hit as spyware can be imported simply by opening an e-mail attachment, said John Stark, chief of the SEC's Office of Internet Enforcement. Incursion scams under SEC investigation are far-flung. "We're seeing these frauds in offshore entities and persons, including those located in Eastern Europe," Stark said. The SEC is working to track down the hackers and to educate online investors, he said. Steps to fight incursions include securing an online account by changing passwords frequently and never using an unfamiliar computer to enter an account number or password. To fight a similar problem, U.S. banks are exploring new online banking security technologies since a study showed identity theft via online banking is a fast-growing crime.
This explains many of the p&d's I have witnessed over the last 6 months. Between the Eurotrash and the Nigerian scammers, they make our thieves look 'almost 'clean by comparison.
Best is NEVER to use your trading computer for anything else except for trading. If you absolutely need to use the same computer for browsing then get one of the Kubuntu live CD's and boot from that after you have finished trading for the day. That does not access the hard disk so nothing can be installed. You can go one step further and that is make a backup immediately after installing your software and software updates. Then whenever you have accessed anything else than your trading account and MicroSoft for the updates you do a restore. The other thing to do is to never share the email address used for your broker with anyone else. Means that you need to have multiple email accounts and the one that you use for all your contacts is a "public" one like gmail, hotmail, yahoo etc. (and access those only from the Kubuntu environment) Further do not use wireless acess in a public place for accessing your broker. Some simple precautions can keep you reasonable safe. Maria
Somebody has made some really terrible trades using my account lately! I'm outraged! I'll sue! No WAY I traded that crummy. J/k. It was me. But PLEASE, everybody, get the hardware key devices. Run firewalls and antivirus. Get and use a router if you can. Make sure your firewall software blocks OUTGOING messages too! Be safe. Let's shut down these crooks.
I learned last year to run my spyware and anti-virus all the time. I had an "E-Gold" account for some on-line payments that I was doing. I got a trojan on my personal machine that was "Keylogging". Lost $500 out of my account and it was sent to some one in "Whatever-istan" Eastern block mafia I suppose... I now change passwords every couple days on any financial and e-mail account. Get a free random Password generator, plus use a firewall that will tell me if my machine was trying to send out a file or e-mail by itself. I recommend everyone change passwords at least once a week. And run a complete virus scan before you make ANY account logins, for the day.
yeah....the sec.....never goes after the real crooks....wallstreet....Goldman Sachs has been loaded with crooks for decades.....its like taking candy from children......they do things like pump Bidu on their IPO tour.....the stocks climbs to 114....the next morning they release a 5:00 am press release saying Bidu worth exactly 27.00 a share.....I guess we know what side of the trade they were on.....pumping & dumping.....that`s a crime? Not if your former employees include....the govenor of new jersey, head of nyse, treasury head, etc.