Category Archives: Theft

Hospitality Industry Information Security: British Courts Jail Operators Of World's Largest Internet Crime "Forum" Which Provided "Hacking Software" And Credit Card Theft Instructions

The site contained manuals such as “14 ways of hacking credit cards” and “running cards on eBay” and information on staying anonymous. It sold hacking software and instructions on how to manufacture crystal meth and explosives.

Nicholas Webber, who masterminded the criminal website Ghostmarket.net, has been jailed for five years.

Three teenagers who founded and operated one of the world’s largest English-language internet crime forums, described in court as “Crimebook”, have been sentenced to up to five years in custody. Police estimate that losses from the thousands of credit details traded over the site, Gh0stMarket.net, amount to £16.2m. The web forum, which had 8,000 members worldwide, has been linked to hundreds of thousands of pounds of registered losses on 65,000 bank accounts.

Nicholas Webber, the site’s owner and founder, was arrested in October 2009 with the site’s administrator, Ryan Thomas, after trying to pay a £1,000 hotel bill using stolen card details. They were then 18 and 17. Webber was jailed for five years on Wednesday and Thomas for four years.

After seizing Webber’s laptop, police discovered details of 100,000 stolen credit cards and a trail back to the Gh0stMarket website. Webber and Thomas jumped bail that December, fleeing to Majorca, but were rearrested when they flew back to Gatwick airport on 31 January 2010.

Southwark crown court was told how public-school-educated Webber, the son of a former Guernsey politician, was using an offshore bank account in Costa Rica to process funds from the frauds. After his initial arrest, Webber threatened on a forum to blow up the head of the police e-crimes unit in retaliation, and used his hacking skills to trace officers’ addresses.

For more:  http://www.guardian.co.uk/uk/2011/mar/02/ghostmarket-web-scam-teenagers

Comments Off on Hospitality Industry Information Security: British Courts Jail Operators Of World's Largest Internet Crime "Forum" Which Provided "Hacking Software" And Credit Card Theft Instructions

Filed under Crime, Guest Issues, Insurance, Liability, Management And Ownership, Technology, Theft

Hospitality Industry Internet Risks: Hotel Management Must Train Employees To "Check Security Software And Certifications On Websites" To Prevent Downloading Internet Viruses

“These Internet scammers are very sophisticated…They’ll send an e-mail that looks like eBay or PayPal, asking for your information. The attorney general speaks often about Internet safety, and he encourages consumers to check the security software and certifications on websites and never store their personal information there. We have an identity theft protection tool on our website, www.Ag.ky.gov…”

Every website you visit tags your computer with a tracking device called a “cookie.” Your every move online — e-mail, downloads, credit-card purchases — is stored on your own computer’s hard drive as a digital footprint, even though you religiously delete and empty your recycle bin.

(A woman) was digitally minding her own business and was accosted by a phony website phishing for her personal information — something all too common on the Internet. As technology insidiously pervades every aspect of life, personal privacy becomes more endangered and difficult to maintain. Erik Eckel, a managing partner at Louisville Geek and Berg’s computer service tech, called her problem “one of the biggest trends we’ve seen.

Users will click on a link on someone’s Facebook page, or travel to a site that’s infected and they receive a pop-up window saying, ‘You’re infected. You want to go ahead and license the software? Only $39.95.’ The pop-up won’t go away, people buy it and then an illegitimate user has their credit-card number.” And then there are hackers, like David Kernel, now serving a yearlong sentence at the Ashland Federal Correctional Institution in Kentucky for invading Republican vice presidential candidate Sarah Palin’s private e-mail account during the 2008 election and sharing her password and telephone number.

Even Kentucky Attorney General Jack Conway was a victim of identity theft, weeks after announcing a special unit on cybercrime.

For more:  http://www.courier-journal.com/article/20110222/FEATURES/302220033/With-latest-Web-perils-it-s-wise-to-be-paranoid?odyssey=tab%7Cmostpopular%7Ctext%7CFEATURES

Comments Off on Hospitality Industry Internet Risks: Hotel Management Must Train Employees To "Check Security Software And Certifications On Websites" To Prevent Downloading Internet Viruses

Filed under Crime, Guest Issues, Labor Issues, Management And Ownership, Risk Management, Technology, Theft

Hotel Industry Security Risks: Importance Of Security Cameras And Securely-Locked Doors Seen In Robbery And Assault Of Louisiana Hotel Guests

It’s believed the two men by-passed the front desk and slipped into the hotel through the back door as someone else was leaving. Security cameras show they went directly to the elevator and proceeded to the 6th floor.

The Sleep Inn Hotel in Kenner is where police say three guests were terrorized inside their 6th floor hotel room. Security cameras are posted in all public areas of the hotel.

That’s how detectives obtained pictures of the men they say robbed the victims at gunpoint and took off. “We know there was some property taken but we don’t have a whole lot of information about that right now,” says McInnis.

WGNO Reporter, Darian Trotter says, “The fact that there were other guests on the 6th floor, but no other robberies reported, leads investigators to believe the victims may have been targeted.”

Lt. McInnis says he showed the victims pictures from security cameras. “They said these are the two individuals who burst into the room carrying firearms and robbed us,” McInnis says. He says the victims had never seen the gunmen before, and therefore did not know their names or any information that might help police identify them.

For more:  http://www.neworleans.com/news/local-news/559140.html

Comments Off on Hotel Industry Security Risks: Importance Of Security Cameras And Securely-Locked Doors Seen In Robbery And Assault Of Louisiana Hotel Guests

Filed under Crime, Guest Issues, Insurance, Liability, Maintenance, Management And Ownership, Risk Management, Theft

Hotel Industry Theft Risks: Hotel Management Must Make Valet Parking Areas Secure From Thieves Who Hide In Vehicles

Police said a casino surveillance video shows a man handing his Hummer over to the valet. The valet parked the Hummer in the casino’s secured lot without knowing there were three men hiding inside the vehicle. The men had access to all the cars parked in the lot, police said.

 Three Cadillac Escalades were stolen from a secured valet parking lot Saturday at Detroit’s MGM Casino Hotel, police said. The video shows the men stealing the Escalades.

When hotel customers asked the valet employees to retrieve their vehicles, the drivers were puzzled to find that the Escalades had disappeared from the parking lot. It may sound like a clever crime, but this same type of theft was acted out in an episode of the TV show “Las Vegas.” The episode was re-run last week. The men could have been copying the fictional thieves.

For more:  http://www.clickondetroit.com/news/26439694/detail.html#

Comments Off on Hotel Industry Theft Risks: Hotel Management Must Make Valet Parking Areas Secure From Thieves Who Hide In Vehicles

Filed under Crime, Insurance, Liability, Risk Management, Theft

Hospitality Industry Internet Security Risks: Hotels Can Offer Wireless Internet With WPA2 (Wi-Fi Protected Access 2) To Offer Guests Greatest Wireless Security

IS WIRELESS INTERNET IN HOTELS SAFE?

  • The short answer is: No. Wi-Fi was born to be convenient, not secure. Unsecured, unprotected wireless is everywhere. When a device connects to unprotected Wi-Fi, all the data stored on that device is available to a hacker with the proper sniffing tools.
  • The longer answer is: It depends on what kind of wireless that is provided.
  • Free, unsecured Wi-Fi is the least secure. Any Wi-Fi connection, whether in public, at home, or in the office, that is shared with anyone with any wireless device, lacks encryption of the data packets streaming from the connected devices.
  • A simple Firefox add-on called Firesheep can allow anyone with a Firefox browser to sniff out other devices using the same Internet connection, and to spy on their browser activity. Even if the victim’s login is encrypted, once they visit an unencrypted site, their data becomes vulnerable.
  • Wi-Fi with a WEP encryption is slightly more secure. Wired Equivalent Privacy was introduced in 1997 and is the original version of wireless network security. But WEP has been cracked, hacked, and decimated.
  • Wi-Fi with a WPA encryption is better. Wi-Fi Protected Access is a certification program that was created in response to several serious weaknesses researchers found in WEP, the previous system. WPA and WPA2 are tougher to crack, but not impossible.
  • Mobile Broadband has a degree of encryption that has been cracked, but the necessary hardware isn’t widely deployed by criminals. Researchers have demonstrated how the system can be hacked, but it’s still more secure than other options.
  • WPA2 Wireless Internet IS THE MOST SECURE 

For more:  http://advice.cio.com/robertsiciliano/14923/hacking_wireless_for_identity_theft

Comments Off on Hospitality Industry Internet Security Risks: Hotels Can Offer Wireless Internet With WPA2 (Wi-Fi Protected Access 2) To Offer Guests Greatest Wireless Security

Filed under Guest Issues, Management And Ownership, Risk Management, Technology, Theft

Hospitality Industry Information Security Risk: Study Finds Indentity Fraud Increased by 12% In 2009 To $54 Billion

Javelin Strategy & Research, a group that does studies on identity theft and fraud, released its 2010 Identity Fraud Survey Report toward the beginning of the year. It found that the top two types of personal identification being compromised in a data breach were:
  • Victim’s full name (63%)
  • Physical address (37 percent).
  • Social Security numbers being compromised in data breaches decreased from 38 percent in 2008 to 32 percent in 2009.

It also reported that the number of identity fraud victims in the United States had increased by 12 percent to 11.1 million adults in 2009, the annual fraud amount increased by 12.5 percent to $54 billion.

But the study also found that an increasing number of consumers are fighting back against identity theft and taking necessary precautions to preserve their personal information.

The average fraud resolution time dropped 30 percent to 21 hours, and nearly half of all victims were reported to have filed police reports that ended up doubling the reported arrests, tripling the prosecutions, and doubling the percentage of convictions in 2009.

“The 2010 Identity Fraud Survey Report shows that fraud increased for the second straight year and is at the highest rate since Javelin began this report in 2003,” said James Van Dyke, president and founder of Javelin Strategy & Research.

“The good news is consumers are getting more aggressive in monitoring, detecting and preventing fraud with the help of technology and partnerships with financial institutions, government agencies and resolution services.”

Javelin researchers believe the increase in fraud is due in part to the economic downturn, when historically fraud increases.

Robert Siciliano, a researcher with McAfee Inc., identified the top 10 riskiest places for people to lose their Social Security numbers, with colleges and universities coming in at number one. Banking and financial institutions were second and hospitals were third.

According to identitytheftlabs.com, younger adults and small business owners tend to be the victims of identity theft because they often engage in “risky activities” that can lead to them being victimized more frequently.

Read more: The Daily Home – Fight back against identity theft

2 Comments

Filed under Guest Issues, Liability, Management And Ownership, Risk Management, Theft

Hospitality Industry Identity Theft: Las Vegas Hotel Industry Is Target Of Cybercriminals Who “Skim Wireless Transmissions” And Intercept Credit Card Data And PIN Numbers On Low-Cost/High Tech Devices

Law enforcement officers learned last week how easy it is to have one’s identity stolen when a cybercrimes expert powered a $30 machine and intercepted some of the wireless transmissions coming from their smart phones as they sat in a UNLV conference room.

“It’s absolutely an arms race,” said Feffer, who also investigates cybercrime for the Los Angeles County district attorney’s office. “You see vulnerabilities in software exploited by criminals. Then you see the software companies patch those vulnerabilities and then the criminals develop new ones. That’s why you have to make sure everything is up-to-date and currently patched. What was good last year is by no means safe this year.”

As cybercriminals seek new ways to outsmart police and the public, crime-fighting agencies are increasingly turning to cyber-experts to show them the latest high-tech equipment used in identity theft scams.

One of those experts is Justin Feffer, who conducts seminars for identity theft detectives nationwide on behalf of the FBI and LifeLock, an Arizona company that specializes in identity theft protection.

“It’s absolutely an arms race,” said Feffer, who also investigates cybercrime for the Los Angeles County district attorney’s office. “You see vulnerabilities in software exploited by criminals. Then you see the software companies patch those vulnerabilities and then the criminals develop new ones. That’s why you have to make sure everything is up-to-date and currently patched. What was good last year is by no means safe this year.”

That’s the reason nearly 100 officers from Metro Police, North Las Vegas, Henderson, the state Gaming Control Board and other agencies attended the conference.

It included a demonstration of skimming devices that criminals use to steal credit and debit card information, including PIN numbers, from card-swiping machines that have become increasingly present at Las Vegas restaurants and retail outlets.

Speaking outside the conference room, LifeLock spokesman Mike Prusinski emphasized the importance of training. “Most of the individuals in that room have absolutely no idea what a skimming device looks like or what the wiring looks like. We’re opening their eyes to these things.”

The interview took place outside the room because the FBI and LifeLock don’t want the public — including the media — to know what law enforcement is learning about the tricks of identity thieves.

Nevada has been a hotbed of identity theft for years. The state last year ranked fifth in the nation with 106 complaints per 100,000 residents — 2,802 complaints total — that were fielded by the Federal Trade Commission. That’s down from 130.2 complaints per 100,000 residents in 2005, when Nevada ranked second. The agency did not explain why the numbers for Nevada are down.

The FTC data paint only a partial picture of the problem because many victims file complaints only with police instead of also with the commission. But the number of identity theft crime reports filed with Metro from January through Nov. 13 — 2,063 — is down from the 2,440 filed during the same period in 2009.

For more:  http://www.lasvegassun.com/news/2010/dec/15/pickpockets-strike-through-ether/

2 Comments

Filed under Guest Issues, Liability, Management And Ownership, Risk Management, Technology, Theft

Hospitality Industry Credit Card Risks: Hotel Owners And Management Must Store “Credit Card And Guest Receipts” In Secure Locations To Prevent Identity Theft

“… (the defendents) found boxes of monthly credit card receipts from previous hotel guests. Box by box, they and others lifted them from the hotel, officials allege…”

The receipts, officials say, helped the men manufacture counterfeit credit cards in document “boiler rooms” and card “chop shops,” which they then used to buy $300,000 worth of merchandise in Texas, Oklahoma and Louisiana.

The merchandise, which included tow trailers, televisions, all-terrain vehicles and tires, then was resold or pawned.

The hotel didn’t learn of the thefts until August 2008, and since then, federal investigators have learned at least 17,000 receipts were stolen in what they say is San Antonio’s largest identity theft case.

Details had remained sketchy until the ringleader, Ruben “Hollywood” Costello, 36, recently pleaded guilty to ID theft fraud conspiracy, access device fraud, and conspiracy to launder money, and documents in the case were unsealed.

They identify Jones, 34, as his partner in the crimes and name him and Flaharty, 31, as two people who helped take the records from the Emily Morgan.

They also reveal Costello used a network of associates, methamphetamine addicts and others to maintain the scheme, and used an Elmendorf trucking company he ran, RD&N Hauling, to launder the money.

The cardholders never realized their credit card accounts had been compromised until months, even years, after they stayed at the hotel. But the damage made it hard for some of them to get loans and left lingering headaches in trying to straight things out, officials said.“When you look at these types of crimes, you may think the victim is the vendor or the credit card companies,” Assistant U.S. Attorney Tom McHugh said. “What we see is that the person whose identity is stolen, his problems may go on for years.”

For more:  http://www.mysanantonio.com/news/local_news/article/Ringleader-pleads-in-S-A-s-largest-ID-theft-case-859510.php

Comments Off on Hospitality Industry Credit Card Risks: Hotel Owners And Management Must Store “Credit Card And Guest Receipts” In Secure Locations To Prevent Identity Theft

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Technology, Theft

Hotel Industry Cyber-Crime Risks: Hotels Are #1 Target For Credit Card Data Theft As Centralized Processing And Economic Downturn Delay Encryption Software Upgrades

 “Because of the downturn in the economy, a lot of industries have stopped upgrading their software,” he said. “So they’re very open for being hacked at any point.”
A recent study shows the hotel industry is especially open for being hacked.
 
“The main reason is they’re such a central hub for where people run their cards,” Jones said.

 
Recent studies show hackers steal credit card data from hotels more than any other industry. 

“It’s not if it’s going to happen, it’s when it’s going to happen,” said John Sileo, a Denver resident who had his credit card information stolen on a recent business trip. “The Driskill Hotel had an entire database of customer information stolen. Mine was one of them.”

“Because of the downturn in the economy, a lot of industries have stopped upgrading their software,” he said. “So they’re very open for being hacked at any point.”

A recent study shows the hotel industry is especially open for being hacked.

Ryan Jones, a data-security consultant with Trustwave, has been watching a steady increase in hotel hacking.

Trustwave found that out of all the hacking cases they investigated last year, 38 percent involved hotels, well ahead of financial services (banks) at 19 percent and retail at 14 percent.

Destination Hotels and Resorts, headquartered in Englewood, is just one of the major chains that got hacked.

This summer, they told guests at 21 hotels across the country that their credit cards might be compromised.”Because of the downturn in the economy, a lot of industries have stopped upgrading their software,” he said. “So they’re very open for being hacked at any point.”

A recent study shows the hotel industry is especially open for being hacked.

Ryan Jones, a data-security consultant with Trustwave, has been watching a steady increase in hotel hacking.

“The main reason is they’re such a central hub for where people run their cards,” Jones said.

Trustwave found that out of all the hacking cases they investigated last year, 38 percent involved hotels, well ahead of financial services (banks) at 19 percent and retail at 14 percent.

Destination Hotels and Resorts, headquartered in Englewood, is just one of the major chains that got hacked.

This summer, they told guests at 21 hotels across the country that their credit cards might be compromised.

For more:  http://www.thedenverchannel.com/money/25881609/detail.html

Comments Off on Hotel Industry Cyber-Crime Risks: Hotels Are #1 Target For Credit Card Data Theft As Centralized Processing And Economic Downturn Delay Encryption Software Upgrades

Filed under Crime, Guest Issues, Liability, Maintenance, Management And Ownership, Risk Management, Theft

Hotel Industry Guest Security Management: Hotel In Sweden Launches First Pilot Of Mobile Phone-Enabled “Keyless Entry And Check-In/Check-Out” Technology Using “Near Field Communication (NFC)” (Video)

[youtube=http://www.youtube.com/watch?v=YqeCNEvs4Xg&feature=player_embedded]

 NFC, Near Field Communication, is a short-range wireless communication technology standard that enables the exchange of data between devices over up to a 10 cm distance. Applications include contactless transactions such as payment and transit ticketing, keys, data transfers including electronic business cards, and access to online digital content.

A world’s first pilot is starting at the Clarion Hotel Stockholm in Sweden. ASSA ABLOY, Choice Hotels Scandinavia, TeliaSonera, VingCard Elsafe and Venyon, a fully owned subsidiary of Giesecke & Devrient, have joined forces to replace hotel room keys with NFC-enabled mobile phones. The technology makes it possible for hotel guests to check-in and out using their mobile phones. 

The goal of the pilot is to get feedback from guests and employees using the NFC phones for a variety of services. Guests will be able to check in to the hotel and receive the hotel room key directly onto their mobile phones before arriving at the hotel. Guests can also access other services via their mobile, and on departure, the check-out process using the phone promises to be easy and stress-free.

The technology also increases security. If a mobile phone is lost, the access credentials can be revoked remotely and then reissued. This makes it impossible for unauthorized people to use a lost or stolen NFC mobile phone.

For more:  http://www.hoteltechresource.com/article49844.html

4 Comments

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Theft