By Jeremy Grant in Washington
Oct 14, 2006
Hackers based in eastern Europe are looting online brokerage accounts in
the US in increasing numbers, US regulators said on Friday, a sign that
a new type of cyber-fraud is hitting the financial services industry.
The Securities and Exchange Commission said it had received a surge in
the number of complaints about online account break-ins by hackers "in
the last few months".
John Stark, chief of the regulator's office of internal enforcement in
existence since 1998 said: "We have had more investigations in this area
than we've ever had before."
Asked why the phenomenon had grown, he told the Financial Times: "It's
easier with all the spyware and keystroke logging programmes have become
easier to use, and more ubiquitous. More and more people are doing
things online as well."
In one typical scheme, hackers will use internet spyware to get hold of
an account holder's user name and password, logging on to an online
brokerage account and selling all the securities in it, he said.
The money is then wired out through intermediaries recruited by the
fraudsters who then open ordinary bank accounts, through which the money
Alternatively, in a scheme called a "pump", the hacker breaks into an
online account after buying up a basket of small, listed companies,
liquidates all the securities in the account and uses the proceeds to
buy the same companies online in the hope of driving the stocks' prices
"If they succeed in the pump then they wire that money offshore," Mr
Ameritrade, one of the largest online brokerages, earlier this year
offered to re-imburse customers if their online accounts had been
Mr Stark said many such "intrusions" were being orchestrated from
outside the US, especially eastern Europe, Russia and the Ukraine.
The SEC was working with enforcement authorities in those countries. But
he said the offshore locations of the fraudsters made tackling such
"The challenge is that when the money's been laundered and moved through
anonymous wiring services it becomes tougher. But we do have some
investigations going and we expect to bring some cases."
Copyright The Financial Times Ltd. All rights reserved.
Visit the InfoSec News store!