East European Hackers Invade Online Brokerage Accounts

Using spyware loaded on public computers in internet cafes or hotels or attached to email messages to potential victims, hi-tech crooks, operating from remote locations, have been able to enter online brokerage accounts in the U.S. and either sell off the contents and take the proceeds or manipulate stock prices, according to regulators at the Securities and Exchange Commission (SEC), Reuters reports. “We’re seeing these frauds in offshore entities and persons, including those located in Eastern Europe,” said the agency’s chief of internal enforcement, John Stark, and the SEC is engaged in far-flung investigations.

Stark said that the recent surge in complaints to the SEC could be explained in part because “It’s easier and with all the spyware, and keystroke logging programs have become easier to use and more ubiquitous. More and more people are doing things online as well.”

The SEC is investigating both the online transactions and associated money-laundering activities of the hackers. In one scheme, Stark said, according to the Australian, spyware loaded on a victim’s computer, or a public computer, will email a brokerage account holder’s user name and password back to the hacker who will log on to the account and sell all the securities in it. The money is then wired out to various individuals, recruited by the hacker, who open bank accounts through which the money is laundered.

Another scheme, called “pump and dump,” according to Walter Ricciardi, deputy enforcement director for the SEC, involves the hacker purchasing stock in small companies held in the brokerage account, entering the brokerage account and liquidating these holdings, then using the proceeds to buy them for the hacker’s account, hoping to drive the price up. The proceeds from this scheme are wired to offshore accounts, Stark said.

European IT security professionals said they were more afraid of hackers than their mothers-in-law, with 70 percent identifying identity management as their biggest concern, according to a survey of delegates to the RSA Conference Europe, to be held this month in Nice. Web viruses were considered a greater threat than email viruses by 68 percent of the survey’s respondents. Mobile phone viruses were considered the least significant threat.

Online investors make about 25 percent of retail stock trades in the U.S. from approximately 10 million accounts, according to brokerage regulator NASD, Reuters says.

The SEC is working to track down the hackers and to educate online investors, Stark says,. Investors should never use an unfamiliar computer to access an account and should change passwords frequently.

You may like these other stories...

Accounting group pushes back against retirement age scrutinyMichael Rapoport of the Wall Street Journal reported that the American Institute of CPAs (AICPA) on Monday pushed back against federal regulators who are again...
There's still time to take advantage of last-minute, tax-saving moves for dependency exemptions. For 2014, there are bigger dependency exemptions, as well as rules that, in some cases, are dauntingly complex.The 2014...
Tesco accounting probe finds “inappropriate behavior” by staff – reportsClare Hutchison of Reuters wrote on Sunday that an investigation into a 250 million-pound ($402 million) profit overstatement at...

Already a member? log in here.

Upcoming CPE Webinars

Oct 22This webinar will include discussions of important issues in AU-C 800, Audits of Financial Statements Prepared in Accordance with Special Purpose Frameworks.
Oct 23Amber Setter will show the value of leadership assessments as tools for individual and organizational leadership development initiatives.
Oct 30Many Excel users have a love-hate relationship with workbook links.
Nov 5Join CPA thought leader and peer reviewer Rob Cameron and learn ways to improve the outcome of your peer reviews while maximizing the value of your engagement workflow.