East European Hackers Invade Online Brokerage Accounts

Using spyware loaded on public computers in internet cafes or hotels or attached to email messages to potential victims, hi-tech crooks, operating from remote locations, have been able to enter online brokerage accounts in the U.S. and either sell off the contents and take the proceeds or manipulate stock prices, according to regulators at the Securities and Exchange Commission (SEC), Reuters reports. “We’re seeing these frauds in offshore entities and persons, including those located in Eastern Europe,” said the agency’s chief of internal enforcement, John Stark, and the SEC is engaged in far-flung investigations.

Stark said that the recent surge in complaints to the SEC could be explained in part because “It’s easier and with all the spyware, and keystroke logging programs have become easier to use and more ubiquitous. More and more people are doing things online as well.”

The SEC is investigating both the online transactions and associated money-laundering activities of the hackers. In one scheme, Stark said, according to the Australian, spyware loaded on a victim’s computer, or a public computer, will email a brokerage account holder’s user name and password back to the hacker who will log on to the account and sell all the securities in it. The money is then wired out to various individuals, recruited by the hacker, who open bank accounts through which the money is laundered.

Another scheme, called “pump and dump,” according to Walter Ricciardi, deputy enforcement director for the SEC, involves the hacker purchasing stock in small companies held in the brokerage account, entering the brokerage account and liquidating these holdings, then using the proceeds to buy them for the hacker’s account, hoping to drive the price up. The proceeds from this scheme are wired to offshore accounts, Stark said.

European IT security professionals said they were more afraid of hackers than their mothers-in-law, with 70 percent identifying identity management as their biggest concern, according to a survey of delegates to the RSA Conference Europe, to be held this month in Nice. Web viruses were considered a greater threat than email viruses by 68 percent of the survey’s respondents. Mobile phone viruses were considered the least significant threat.

Online investors make about 25 percent of retail stock trades in the U.S. from approximately 10 million accounts, according to brokerage regulator NASD, Reuters says.

The SEC is working to track down the hackers and to educate online investors, Stark says,. Investors should never use an unfamiliar computer to access an account and should change passwords frequently.

You may like these other stories...

The IRS requires most freelancers and other self-employed individuals to use the cash method of accounting, under which income isn't counted until cash, a check, or an e-payment is received, and expenses aren't...
Ernst & Young 2013 audit deficiency rate 49%, regulators sayMichael Rapoport of the Wall Street Journal reported on Thursday that the Public Company Accounting Oversight Board (PCAOB) found deficiencies in 28 of the...
Some of your clients may get away to business conventions from time to time. It gives them a chance to rub shoulders with colleagues, catch up on the latest developments, and fine-tune their skills. And, when the meetings or...

Already a member? log in here.

Upcoming CPE Webinars

Sep 9
In this session we'll discuss the types of technologies and their uses in a small accounting firm office.
Sep 10
Transfer your knowledge and experience to prepare your team for the challenges and opportunities of an accounting career.
Sep 11
This webcast will include discussions of commonly-applicable Clarified Auditing Standards for audits of non-public, non-governmental entities.
Sep 24
In this jam-packed presentation Excel expert David Ringstrom, CPA will give you a crash-course in creating spreadsheet-based dashboards. A dashboard condenses large amounts of data into a compact space, yet enables the end user to easily drill down into details when warranted.