Recover Lost Documents

Two Nigerians and a Frenchman were sentenced to prison recently for defrauding people out of more than $1.2 million in a massive e-mail scam, the U.S. Department of Justice said.

Jeremy Kirk stated in his report for the IDG News Service that Nnamdi Chizuba Anisiobi of Nigeria was sentenced to 87 months in prison, while Anthony Friday Ehis, of France, and Kesandu Egwuonwu, of Nigeria, were sentenced to 57 months.

The DOJ said that all three pleaded guilty to one count of conspiracy, eight counts of wire fraud and one count of mail fraud.

The three men executed so-called advance fee frauds in which victims were told their help was needed for charity money distribution. In exchange, victims were promised that they would get a commission that would go to their choice of a charity, the DOJ said.

In one instance of the scam, people were sent an e-mail supposedly from someone suffering from terminal throat cancer who needed help distributing $55 million in charity funds. The victims were told they would receive a 20 percent commission that would go to a charity of their choosing for their efforts.

The DOJ said that the scam appeared to be legitimate because the scammers sent photos of the supposed throat cancer victim, along with other phony documents that seemingly confirmed the $55 million funds.

Because of the prevalence of advance fee frauds, the Advance Fee Fraud Coalition was formed in late 2008 to educate the public about the frauds as well as bring about closer cooperation between police officials and the industry.

According to Google, during the second half of March, spam returned to the levels last seen just prior to the late 2008 takedown of McColo, a hosting service that was infamous for providing supposedly foolproof services to cybercrooks who wanted to keep their servers running at all costs.

Robert McMillan stated in his report for the IDG News Service that when McColo was taken offline, it had a tremendous effect on the world’s junk e-mail. Spam levels lowered by half when the company’s upstream Internet service providers, Global Crossing and Hurricane Electric, refused to service the ISP.

Amanda Kleha, a Google spokeswoman, stated that spammers have seemingly rallied following McColo’s takedown and that overall spam volume growth during the first quarter of 2009 was the strongest it’s been since the beginning of 2008. Kleha stated that spam has shown an increase of an average of 1.2 percent per day.

Kleha said that spammers seem to be building more powerful botnets to deliver their unwanted mail and they also appear to be taking steps to avoid making their ISPs the kind of obvious target that McColo was.

Richard Cox, CIO of anti-spam organization Spamhus, stated in an e-mail interview that cybercriminals are building new botnets, like Conflicker, which are designed to be extremely difficult to take down.

Kleha added that spammers, unfortunately, appear to be here to stay.

A New Zealand engineering student deliberately deleted critical information from his employer’s computer backup system, which cost the company hundreds of thousands of dollars in lost business and data recovery.

Leigh Van Der Stoep stated in a report for the Sunday Star Times that Gareth Pert nearly crippled Hamilton business Progressive Hydraulics through his vindictive actions, expressed Rodney Sharp, the company’s director.

The specialist engineering company hired on Pert while he was working on the completion of his degree at Waikato University two years ago. At that time, the company’s annual turnover was $1.5 million.

Pert pleaded guilty to unauthorized access of a system and intentional damage.

Police said that the data deleted was worth more than $150,000, but the true cost is unable to be calculated because of delayed or lost projects and time spent on recovery efforts.

Sharp stated that Pert tricked him into handing over a backup file containing information about international patents, critical data on projects and five years’ worth of engineering drawings.

The file was kept off-site but Pert told Sharp that he needed to fix a file that was corrupt. Pert then wiped it out, as well as two other backups in two fire safes that were on the premises.

Specialists in computer forensics could recover only 40% of the lost data.

Sharp stated that Pert’s motivation was that he believed he was more valuable than he was getting paid. Sharp confronted Pert when it was discovered that he was doctoring his timesheets and, later, Pert wiped out the backups and never returned to work.

The company has recovered from the setback, but Sharp cautions that others should not be too trusting. Sharp believes that electronic data is worth more than people think, and it’s not until you lose it that you realize its importance to your business.

Researchers from a U.K.-based security firm found a Web site that was used as a stash house for data from 160,000 infected computers before it was recently shut down.

Jordan Robertson stated in a report for The Associated Press that the Web site that security firm Prevx found, which was operating on a server in the Ukraine, was still online for nearly a month after security researchers alerted the Internet service provider and officials in law enforcement. The site was taking in data from 5,000 newly infected computers with each day.

The victims in the Prevx find consisted mostly of everyday people handing over their passwords for Facebook and bank sites, along with their personal notes and other e-mail communications. But more crucial information is also there, such as Social Security numbers and other account information from one bank’s infected computer.

Caches of stolen data like these are hidden throughout the Web, commonly locked away inside password-protected sites or servers that are very heavily fortified. Researchers at Prevx were able to get into the site because it was protected with poor encryption.

This find, unfortunately, illustrates how even inexperienced cybercriminals can take up limitless amounts of information through massive “botnets,” which are armies of infected computers formed by spreading a computer virus that controls compromised machines to send out spam or relay passwords, for example.

The botnet Prevx found was only taking data, though Prevx stated that it could have been upgraded to do other things.

Some victims had an immense amount of sensitive data. An infected computer at a bank in Georgia exposed customer details and credentials for the bank’s wire-transfer system.

Government computers were also affected, including one in Texas that revealed Web site logins for one of the government’s health care providers, and another in North Carolina that disclosed access to an agency’s human resources system.

Prevx said it alerted the site’s Internet provider, the FBI and U.K. authorities about the breach it uncovered. The company also notified the affected bank, Metro City Bank, which is based in Doraville, Georgia. Prevx stated that the bank has removed the infected computer.

The bank said in a statement that it is letting customers know of the incident and is investigating it. State officials in North Carolina and Texas did not comment on the breaches there. The FBI also did not provide a comment on the breaches.