ID theft from spyware - do IB and other brokers do anything to prevent this?

Discussion in 'Networking and Security' started by aeliodon, Nov 13, 2006.

  1. mccrok

    I think the IB solution is a dongle that plugs into a USB port. Theirs is probably fine, but I bought one of these:

    http://www.guardidsystems.com/

    It can be used for many password-protected sites. I believe the IB (and others) solution is for their site only. I could be wrong about that, but I don't think so.

    I haven't yet installed the ID Vault dongle on my machine, but I'll give a trip report when I can.
     
    #11     Nov 16, 2006
  2. gwb-trading

    First, keep in mind that you are responsible for keeping your computer free of viruses, trojans, and other threats, not your broker. Currently many brokerage firms in the US are financially covering situations in which customer online accounts are compromised, usually by the use of implanted key-stroke loggers on the victim's computer. In the long term, I do not expect that brokerage firms will continue to cover their customers' losses due to this type of fraud that primarily reflects the customer's lack of common sense and failure to implement standard online security measures.

    Most brokerage firms are offering USB devices that perform two factor authentication for high worth clients. I expect this will become more prevalent in the industry.

    I would urge active traders to use a different computer for general web-browsing / email / games / etc. than for their trading brokerage account access. This will enhance the safety of your financial accounts.

    For more information on computer security, please see the information at:
    http://www.hingefire.com/spyware_advice.htm


    - Greg
     
    #12     Nov 27, 2006
  3. Does this attachment stay plugged into your USB port at all times, or just when you want to access a protected site?

    Thanks-

    Don
     
    #13     Nov 28, 2006
  4. mccrok

    I've now had this thing up and running for about a week, so my experience is limited, but so far I like it. I have three password protected sites loaded onto it so far, and it seems to work well.

    I keep it plugged into my USB port at all times so far, but it doesn't have to be there unless I want access to a protected site. When I log in I get a little popup message in the corner of my screen that it is there and loaded.

    Supposedly, I should be able to unplug it and take it to work with me to use on my work computer, or to an internet cafe, or wherever. I'll give that a shot today.

    One issue I'd like to see addressed is browser access. So far, this dongle only works with Microsoft IE. I use Firefox for all my other internet activity, so I'd like to be able to launch my protected sites in Firefox as well, but not possible at this point. Not a big deal really for me, but still.....

    FOR IB USERS:

    I use Interactive Brokers. Right now, this product is iffy with them just because of the separate login for every section of IB's site. The ID Vault has a pre-populated list of available brokerages the dongle works with. IB wasn't on the list when I installed the software. I reported this to them and within a business day or so it had been added, but the login is for the web trader, not TWS. An obvious thing for them to do, but not useful for most of us on IB I suspect. I will send them an email explaining this today, so hopefully it will be resolved soon. They'll likely have to create a separate login for every section.
     
    #14     Nov 28, 2006
  5. gbos

    If I understood correctly, this dongle doesn't produce the changing token key some online platforms require in order to log in. For example, with an online platform supporting a token key generator input, how do you enter the initialization seed to your ID Vault dongle?

    I think this dongle just stores your constant password in the chip. In that case you are not protected, because the exchange of info between the dongle and the Internet Explorer can be intercepted by a Trojan running on the PC.
     
    #15     Nov 28, 2006
  6. jllm03

    Very simple, people......
    Your computer is your responsibility..not any broker.
    If you want to trade as a REAL business you need to act like it.

    Install a current anti-virus software.
    (Scan your machine before the market opens.)

    Have a Firewall installed, and I'm not talking the Windows XP firewall. This can notify you if your machine is trying to send out a data file or e-mail with all your activity. (from experience)

    Randomly change your log-in passwords (every couple days).

    And just like if it was your nice boat, car, or motorcycle, clean up your machine when you are done for the day.

    I had a PayPal account emptied out a couple years ago because I did not take these precautions...and they told me the same thing.."Sorry for your loss..but it is not our responsibility"
     
    #16     Nov 28, 2006
  7. gbos

    I agree that taking measures will eliminate 95% of the problem. I also have firewall, antivirus, anti-spyware software installed and chose strong passwords for my login process. I even have coded a custom made application that reads what processes are open in memory and compares these with a list of processes allowed to run. But even all these measures are not enough if malicious code is somehow installed in the PC. Unfortunately, a properly designed rootkit can evade detection by all these measures.
     
    #17     Nov 29, 2006
  8. KK70

    Some bad guys identified, hope they are extradited and locked away......


    http://www.sptimes.com/2007/01/26/Business/Student_accused_in_st.shtml

    Student accused in stock scheme

    The SEC says the man, 21, hijacked online accounts to drive up stock prices, then sold.
    By Scott Barancik
    Published January 26, 2007

    Federal authorities are hunting for a 21-year-old Tampa student who allegedly cleared more than $80,000 last summer by hacking into online trading accounts and using the stolen funds to conduct a pump-and-dump scheme.

    In a lawsuit filed Thursday, securities regulators accused Aleksey Kamardin of buying over-the-counter stocks via his own eTrade account and then quickly reselling them after unnamed partners pumped up the prices using victims' hijacked accounts. Seventeen penny stocks were targeted.

    Kamardin needed just three hours on Aug. 18 to double his investment in one stock: St. Petersburg aircraft developer Cyber Defense Systems Inc.

    "It's a total surprise," Cyber Defense CEO Billy Robinson said Thursday. "We never heard anything until now."

    Little is known about Kamardin, a U.S. citizen who narrowly escaped an FBI raid at his friend's Clipper Cove Apartments home several months ago and is believed to have fled to Russia. Kamardin's name was not listed in student databases at the University of South Florida or University of Tampa. Attempts to reach FBI and Securities and Exchange Commission officials Thursday were unsuccessful.

    But Kamardin's alleged scheme bore a strong resemblance to one the SEC disclosed in December. Both cases involved at least some Russian nationals - Thursday's suit says that an unnamed, Russian-born roommate of Kamardin's was a participant - and in both cases, illegal proceeds were wired to an account in the Baltics. Kamardin's former Tampa roommate could not be reached.

    A review of Kamardin's alleged Cyber Defense trades demonstrates the efficiency of his method.

    In the typical pump-and-dump scheme, a conspirator buys shares of a target company's stock, distributes falsely positive information about the company via spam and other media (i.e. Microsoft Corp. to buy XYZ Inc. for $10-billion), waits for the share price to skyrocket, and then sells his stake. Under Kamardin's alleged scam, however, the "pumping" is achieved by illegally accessing strangers' online trading accounts and using the funds within them to buy the target stock.

    The Cyber Defense case shows Kamardin allegedly bought 39,000 shares of Cyber stock one morning for prices ranging from 36 cents to 40 cents per share, used stolen accounts to push the price as high as 85 cents, and then sold all 39,000 shares at 73 cents apiece.

    The three-hour profit: nearly $13,500.

    "That's a good price," CEO Robinson said jokingly. "I wish it had stayed there."

    Though fewer than 90,000 shares of Cyber Defense stock trade per day on average, nearly 1-million traded on Aug. 18. Despite the intraday highs, the stock price had fallen back to 32 cents per share by day's end.

    Times staff researcher Angie Holan contributed to this report. Scott Barancik can be reached at barancik@sptimes.com or (727)893-8751.

    $13,500 in three hours

    The SEC alleges that Aleksey Kamardin of Tampa made $13,499.19 in just over three hours on Aug. 18 by trading in St. Petersburg-based Cyber Defense Systems Inc. (CYDF). Officials say he used four hijacked brokerage accounts to drive up the stock price to a 52-week high. Here's how it was done:

    10:04 a.m. to 10:41 a.m.: Kamardin purchases 39,000 shares of CYDF at prices ranging from 36 cents to 40 cents per share.

    12:23 p.m. to 1:20 p.m.: A total of 67,406 shares of CYDF are purchased in a hijacked eTrade account.

    12:28 p.m. to 1:31 p.m.: A total of 75,000 shares of CYDF are purchased in two hijacked TD Ameritrade accounts.

    12:39 p.m. to 1:11 p.m.: A total of 44,900 CYDF shares are purchased in a hijacked Schwab account.

    1:12 p.m.: Kamardin sells all 39,000 of his CYDF shares for 73 cents per share, realizing a $13,499.19 profit.

    Source: Securities and Exchange Commission
     
    #18     Jan 30, 2007
  9. HotTip

    Does identity theft mostly occur using keyloggers, and can I defend against them just by using password encryptors where all I do is copy/paste onto the broker's password field so that I don't have to manually type it in? That defense seems so rudimentary. I would think that sophisticated hackers could figure out a way to track what's passed to the broker's server as a login ID and password without reading the keystrokes, unless SSL completely negates that possibility.

    Any thoughts?
     
    #19     Feb 7, 2007