Subscribe
About

Scorpions bust online fraudsters

By Leon Engelbrecht, ITWeb senior writer
Johannesburg, 10 Apr 2007

A former IT insider will spend the next three years in prison after being stung by the Scorpions last month. In what the Scorpions describe as a South African first, the man was caught raiding the pockets of Standard Bank account-holders.

"The Directorate of Special Operations carried out a sting operation where the suspect was caught red-handed at OR Tambo International Airport, where the person was arrested [while] using Internet facilities," says Scorpions spokesman Tlali Tlali.

"The suspect had accessed accounts of three clients belonging to one of the commercial banks."

Media reports last week suggested the accounts were those of Standard Bank clients. The accounts were still open on the man`s laptop when he was arrested.

The man, said to be in his 30s, was arrested at an airport hotspot on 6 March. He was convicted on 3 April, after a plea bargain, and jailed for eight years, five of them suspended.

Tlali says two other people were also arrested and have since been convicted, but no details were immediately available. Tlali says more arrests regarding online banking fraud and theft are expected. Law enforcers are, therefore, reluctant to confirm the identities of the crooks lest it impede an ongoing investigation.

Hacking spree

He adds the value of the theft, had it succeeded, would have been about R1.3 million. "We have by and large uncovered their recipe. We have conducted investigations over a period of time and we have searched about 50 premises where we were able to pick up leads. Three people have been convicted," he adds.

All three are serving jail-time for fraud and money laundering, the latter an offence under the Prevention of Organised Crime Act.

The Star reported on Thursday that the syndicate is believed to be behind the spate of hacking attacks on clients of all the major banks. The paper described the 30-something man as a Kempton Park "IT expert", who owns a top-of-the-range Porsche. It adds he began a life of cyber crime in December 2005 when approached by members of an online fraud syndicate who gave him account details.

His first successful hack was a First National Bank client on 24 December 2005. Using sophisticated software and hardware key-loggers to glean people`s sensitive login details, he was able to transfer R9.8 million from an individual`s bank account into multiple accounts he had set up. After that successful attack, he continued to pillage numerous other online accounts.

In December last year, Standard Bank discovered the man was trying to gain access to customers` accounts. A sting operation was then put in place.

Related stories:
Co-operation, paradigm shift thinking will overcome `phishing` menace
Phishing attempts on the rise
UK banks tackle Internet fraud

Share