parla dove sono quelli che imbrogliano su ebay e come evitare le truffe.
mi dispiace che sono rumeni.
Parla inoltre del rappresentante E-bay che è andato in Ramnicu-Valcea per trovare i hacker che girano ogni anno milioni di euro.
http://zdarova.it/ingegneria/hacker-rompres.jpg
By Ian Wylie
This small industrial center in the foothills of the Carpathian
Mountains is not Albena Spasova’s favorite destination. Driving the
twisting highway makes her ill. Once she arrives, danger lurks.
U.S. Secret Service agents escort her, for her safety. Over the
last two years, they have kept watch on dozens of trips, some lasting
weeks, others months, as she has spent long days foraging through
case files with local police and long nights holed up in one of the
town’s few hotels, with her windows locked. “You don’t know who to trust there. You can’t use the hotel phone
line. When you step outside, you can spot the local hackers in their
cars, circling around,” said Spasova, 33. “The Secret Service agents
always book my accommodation and make sure I’m in a room next to them.” Ramnicu Valcea is an improbable capital of anything, but this
obscure town is a global center of Internet and credit card fraud.
And Spasova is an accomplished online fraud buster, helping to take
down cyber-crime gangs across Romania. She isn’t an FBI agent,
though, nor a Romanian police officer. Spasova works for EBay Inc. No one, it turns out, does Internet auction fraud like the
Romanians. Bulgarians specialize in intellectual property theft;
Ukraine is a leader in online credit card crime; the Russians have a
profitable niche in Internet dating fraud. But when it comes to online auctions, particularly for big-ticket
items such as cars that can yield $5,000 a scam, Romanians own the
game. Romanian police estimate that cyber-crime is now a
multimillion-dollar national industry, as important to organized
criminals here as drug smuggling or human trafficking. The Internet Crime Complaint Center, a partnership between the FBI
and the National White Collar Crime Center, ranks Romania fifth in
its table of naughty nations. But most experts agree that doesn’t
give Romanian criminals their due. Much of the cash being made on
auction fraud reported as originating in the U.S., Canada, Britain,
Spain or Italy is actually being picked up in those countries by
Romanian money mules. An EBay fraud ring busted last year in Chicago,
for example, has been traced to Pitesti, Romania. EBay, which doesn’t even operate a site in Romania, won’t talk
dollar figures but acknowledges that the country is the No. 1 source
of “professional fraud.” On a November 2006 visit to the Romanian
capital, Bucharest, FBI Director Robert Mueller said the vast
majority of Internet fraud committed on “one prominent U.S. online
auction website is connected to Romania or Romanians.” That poses a problem for EBay. The San Jose-based auction giant
has built its popularity and staked its reputation on self-policing
feedback. Its system depends on buyers and sellers trusting one
another – to send money and to deliver the goods. Yet EBay users are
the daily targets of phishing scams, spoof e-mails and fake listing
attacks. Such schemes don’t cost EBay any money. But some of its
customers pay dearly. And they expect EBay to do something about it. “The fraudsters need to know we’re coming after them,” said Rob
Chesnut, Spasova’s boss and a former federal prosecutor who set up
EBay’s Trust and Safety division. “EBay doesn’t have a product. We
are in the trust business: making people feel comfortable doing
business with someone they don’t know,” he said. “If the bad guys
have no fear of prosecution, they will continue to try to defraud
users. So there has to be a cost to trying.”Computer experts Romania is a grim place in more ways than one. Former pro-Nazi
regime, then Soviet outpost, then weird Communist dictatorship and
now developing nation: Per-capita income here is just one-third the
European Union average. Fearing a flood of cheap labor, most European
countries have barred or restricted Romanians from job hunting in
their countries. The country is dotted with shuttered factories, such as the
Aerofina plant on the outskirts of Bucharest, opposite a potholed
parking lot. This plant once built missile launchers and ejector
seats for the Romanian air force’s MiG-15s. These days, though, there’s something different going on here.
Spread across the factory’s dimly lighted third floor, 30 young
Softwin computer programmers tap softly at their keyboards, tuning up
the antivirus engines that power BitDefender, a software package
starting at $25 that detects new computer viruses and releases
programs to fight them. In the last two years, BitDefender has been named a “Best Buy” by
PC World magazine and garnered other kudos from Consumer Reports and
the website TopTenReviews. IBM was impressed enough that it recently
inked a deal to integrate BitDefender’s anti-spyware and anti-virus
smarts into its own virus prevention system. Surprisingly, Romania has more than its fair share of homegrown
computer security talent. Besides Softwin, the Bucharest firm GeCAD
provided the technology for Microsoft’s Windows Live OneCare
anti-virus engine. Another half a dozen independent anti-virus
companies, among them AxelSoft, Avira and Provision, are active in
the capital; 11 more have been bought by foreign firms in the last
four years. Why here? “The respect for math is inside every family, even
simple families, who are very proud to say their children are good at
mathematics,” said Radu Gologan, a senior research scientist at the
Institute of Mathematics in downtown Bucharest. And the country has years of experience with computers. In the
1980s, Romania was considered a Soviet satellite state, but dictator
Nicolae Ceausescu hated bowing to the Russians. He refused to buy
computers from Moscow, demanding that Romania build its own. While
the Bulgarians built personal computers, Romania specialized in
minicomputers such as the Felix C, based on Honeywell Bull’s C11. Florin Talpes, now a local entrepreneur, learned the art of
reverse engineering at the Institute for Technology, Computing and Informatics. “We would get hold of a minicomputer … and take it apart,
reverse-engineering the operating system, the networking software,
the hardware,” Talpes said. “We developed a deep understanding, to
the level of bits, of computing architecture, processing and software
applications. We did it so that we could design a better operating
system, better software, better hardware.” Forced to learn every bit of American silicon, every line of code,
a generation of Romanians developed an aptitude for delving into the
innards of machine code, using reverse engineering to deconstruct,
anticipate and destroy viruses. But if you’re good at fixing the problems, you’re also good at
creating them. If you can stop viruses or Internet fraud, you’re also
in a position to make them happen.‘Second chance’ scams A classic Romanian scam is the “second chance auction.” The mark:
an EBay user who has narrowly lost an auction. The scammers can see
that the user was prepared to spend, say, $145 on a particular item.
They will then try to guess the user’s e-mail address so that they
can make contact off the EBay platform to offer a second chance to
buy the item. Users commonly have the same e-mail address as their
EBay user name, so the scammers may send out 50 e-mail messages using
an EBay user name and the most common domain names such as Gmail,
Hotmail and Yahoo. The Romanian scammers then cook up elaborate stories to persuade
their victims to send money via unrecoverable methods such as Western
Union – even instructing people not to tell Western Union the
payment is for an EBay transaction, claiming Western Union will
charge them an EBay surcharge of 10% (it doesn’t), and instead to say
they’re sending money to their Romanian cousin. FBI Special Agent Gary Dickson, who works out of the U.S. Embassy
in Bucharast helping EBay and other Internet companies chase down
online auction and credit card fraudsters, says Romanian criminals
are getting smarter. “These gangs are very professional and take pains to avoid being
detected,” Dickson said. “They are highly organized and
compartmentalized and use lots of middlemen. Everyone has a different
job to do, and they communicate in different ways to avoid being
intercepted. The whole operation is run just like a business.” A typical gang might have a “copy and paste” department,
responsible purely for e-mailing pre-written scripts in reply to
questions from EBay bidders. Some workers might create or buy
phishing or escrow websites; another acquires fraudulent credit card
details; others get fake IDs for couriers. The gang might hire a
dozen students via online job boards, renting them an apartment where
they do nothing but copy and paste e-mails. After maybe three months,
this “factory” will disband as the gang moves elsewhere. It’s old-style fraud using high-tech tools. Romanian scammers are
fond of using prepaid wireless modems that make it easier for them to
avoid being traced. Some gangs also set up their own Internet service
providers to escape or delay detection.EBay’s crime fighters Spasova – backed up by an EBay developer, analyst and data
administrator – began hunting down Romanian fraudsters for the
online auctioneer in 2005. The first time she traveled to Ramnicu
Valcea, she found just two law enforcement officers trying to clear a
backlog of more than 200 EBay cases, armed with one 9-year-old
computer and no Internet connection. To go online, the police had to
use the same Internet cafes frequented by the fraudsters. “There are a lot of scammers in Romania who believe they are
untouchable, immune,” EBay’s Chesnut says. “They’re sitting in their
apartments in Ramnicu Valcea feeling like, ‘There’s no way EBay is
going to get me.’ ” But Spasova knew the situation wasn’t hopeless – if local
authorities could get more training and technical help. Spasova, Bulgarian by birth, was educated at a Bucharest
university and worked for the American Bar Assn. after the fall of
communism in the region, promoting law reform in Moldova and
Bulgaria. By the end of the 1990s, she was helping the association
train law enforcement officers, judges and prosecutors to counter
money laundering and the emerging threat of cyber-crime. “Even in 2001, I was meeting judges who thought cyber-crime was
someone stealing a computer,” she says. To give the Romanian police a fighting chance, EBay has donated
computers, digital cameras and Internet connections. In her first 12
months on the job, Spasova established relationships with law
enforcement officers in 24 of Romania’s 42 districts and with local ISPs. After she had won their confidence, Spasova and her small team
began working cases with local police, matching evidence with data
from EBay’s Fraud Investigation Team database, such as the Internet
protocol addresses, which are unique to each computer, used when a
fraudulent auction was posted – the sort of information that could
help police pinpoint the scammers’ location and begin surveillance.
Through Spasova, the U.S. Secret Service also pitched in, donating
forensic software and providing intelligence on fraud networks from
its field agents. But moving cases from the investigative to the judicial stage is
another challenge. Spasova has been educating Romanian prosecutors
too, explaining the nuances of phishing and other ways in which EBay
accounts are compromised “so that when a prosecutor goes to a judge,
he can use layman’s language rather than terms the judge will not be
familiar with.” In the last two years, Spasova and her colleagues have trained
hundreds of prosecutors and a magistrate from each province on
dealing with cyber-crime. Virgil Spiridon, chief of the Romania national police’s 4-year-old
cyber-crime unit, rattles off some of the headway his team of 10
investigators has been making. “Last year, 115 people were arrested and 831 crimes identified by
police,” Spiridon reads from his notebook. “We pressed charges
against 61 people, identified 65 organized groups and 28 cases have
been sent to the courts.” He pauses and looks up. “But we are running to keep up.” Most of the arrests to date have been of low-level couriers and
money mules – the bagmen, not the brains at the top, the FBI’s
Dickson said. Likewise, Spasova acknowledges the mammoth task that
still lies ahead of the chronically understaffed and underfunded
Romanian police. “In Ramnicu Valcea, police raided a local Internet cafe and
arrested kids doing fraud,” she says. “But two hours later, they
returned and found others had taken their place.” There are cultural and structural obstacles too. Under Romanian
law, for example, victims of Internet fraud must send police a signed
complaint and be represented at the hearing, which makes pressing a
case on behalf of an American EBay customer nearly impossible. “The judicial process can take forever,” Spasova says. “Because
the victims aren’t present, there is no sense of immediacy. It’s hard
to know who to trust when the mothers and fathers of fraudsters know
the mother and father of the judge or local politicians.” Romania has taught EBay a lesson: the importance of “addressing a
problem region before we have a problem,” said Matt Henley, senior
manager of EBay’s Technical Investigations and Analysis Group, who
has spent time with Spasova in Romania. Henley says EBay is now alert
to threats from “regions we weren’t paying attention to” and, thanks
to Romania, has a ready-to-deploy government-relations-in-a-box
program it can take anywhere in the world. Spasova has a new assignment from EBay: persuading Interpol,
Europol and law enforcement agencies across Europe to communicate
directly with one another and EBay on cyber-crime issues. But her
jaunts to Ramnicu Valcea will continue. “Even though these frauds are not happening on our platform, we’re
not showing a loss, and there are no victims in court … we’re
sending out a message that someone is taking care of this,” she says.