FBI warns of surge in wire-transfer fraud via spoofed emails

A computer keyboard is seen in this picture illustration taken in Bordeaux, Southwestern France, August 22, 2016. REUTERS/Regis Duvignau

By Alastair Sharp

(Reuters) – Attempts at cyber wire fraud globally, via emails purporting to be from trusted business associates, surged in the last seven months of 2016, the U.S. Federal Bureau of Investigation said in a warning to businesses.

Fraudsters sought to steal $5.3 billion through schemes known as business email compromise from October 2013 through December, the FBI said in a report released Thursday by its Internet Crime Complaint Center.(http://bit.ly/2qAEVBE)

The figure is up sharply from the FBI’s previous report which said thieves attempted to steal $3.1 billion from October 2013 through May 2016, according to a survey of cases from law enforcement agencies around the world.

The number of business-email compromise cases, in which cyber criminals request wire transfers in emails that look like they are from senior corporate executives or business suppliers who regularly request payments, almost doubled from May to December of last year, rising to 40,203 from 22,143, the FBI said.

The survey does not track how much money was actually lost to criminals.

Robert Holmes, who studies business email compromise for security firm Proofpoint Inc <PFPT.O>, estimated the incidents collated by the FBI represent just 20 percent of the total, and that total actual losses could be as much as double the figures reported by the FBI.

The losses are growing as scammers become more sophisticated, delving deeper into corporate finance departments to find susceptible targets, he said.

“This is not a volume play; it’s a carefully researched play,” he said.

The United States is by far the biggest target market, though fraudsters have started to expand in other developed countries, including Australia, Britain, France and Germany, Holmes said.

The FBI has said that about one in four U.S. victims respond by wiring money to fraudsters. In some of those cases, authorities have been able to identify the crimes in time to help victims recover the funds from banks before the criminals pulled them out of the system.

The U.S. Department of Justice said in March that it had charged a Lithuanian man with orchestrating a fraudulent email scheme that had tricked agents and employees of two U.S.-based internet companies into wiring more than $100 million to overseas bank accounts.

Fraudsters have also used spoofed emails to trick corporate workers into releasing sensitive data, including wage and tax reports, according to the advisory.

(Reporting by Alastair Sharp in Toronto; Editing by Bernadette Baum and Lisa Shumaker)

‘Straw hat bandit’ arrested in 11 Pennsylvania bank robberies

A man the FBI identified as Richard Boyle, of Doylestown, Pennsylvania, known as the "Straw Hat Bandit," is pictured in this undated handout still image from video. FBI/Handout via REUTERS

By Joseph Ax

NEW YORK (Reuters) – A Pennsylvania bank robber who earned the nickname “straw hat bandit” for wearing colorful head wear during heists was arrested on Thursday for a string of 11 robberies, authorities said.

Richard Boyle, 57, was expected to appear in federal court on Thursday on charges that he robbed the banks in suburban Pennsylvania between 2012 and 2016.

Boyle previously served three years in prison after pleading guilty in 2008 to robbing eight banks in Pennsylvania and was released in August 2011.

U.S. authorities said Boyle made off with approximately $500,000 during his latest crime spree and used his aerial photography business to launder a portion of the proceeds.

Boyle concealed his face using a pillowcase, a bandana or a mask and sported numerous hats, including a straw hat, a bucket hat and a baseball cap, according to authorities.

Boyle was already in state prison on a probation violation and was transferred to federal custody for his court appearance.

(Reporting by Joseph Ax; Editing by Cynthia Osterman)

Cyber attack hits 1,200 InterContinental hotels in United States

The Logo of a Holiday Inn Hotel is pictured in Paris, France, August 8, 2016. REUTERS/Jacky Naegelen

By Alastair Sharp

TORONTO (Reuters) – Global hotel chain InterContinental Hotels Group Plc <IHG.L> said 1,200 of its franchised hotels in the United States, including Holiday Inn and Crowne Plaza, were victims of a three-month cyber attack that sought to steal customer payment card data.

The company declined to say how many payment cards were stolen in the attack, the latest in a hacking spree on prominent hospitality companies including Hyatt Hotels Corp <H.N>, Hilton, and Starwood Hotels, now owned by Marriott International Inc <MAR.O>.

The breach lasted from September 29 to December 29, InterContinental spokesman Neil Hirsch said on Wednesday. He declined to say if losses were covered by insurance or what financial impact the hacking might have on the hotels that were compromised, which also included Hotel Indigo, Candlewood Suites and Staybridge Suites properties.

The malware searched for track data stored on magnetic stripes, which includes name, card number, expiration date and internal verification code, the company said.

Hotel operators have become popular targets because they are easier to breach than other businesses that store credit card numbers as they have limited knowledge in defending themselves against hackers, said Itay Glick, chief executive of Israeli cyber-security company Votiro. “They don’t have massive data centers like banks which have very secure systems to protect themselves,” said Glick.

InterContinental declined to say how many franchised properties it has in the United States, which is part of its business unit in the Americas with 3,633 such properties.

In February, InterContinental said it had been victim of a cyber attack, but at that time said that only 12 of its 286 managed properties in the Americas were infected with malware.

Plaque commemorating Thai revolution removed, prompting outcry

A new plaque is seen in place of a previous plaque, which had gone missing, at the Royal plaza in Bangkok, Thailand, April 15, 2017. REUTERS/Matthew Tostevin

BANGKOK (Reuters) – A plaque commemorating a 1932 coup in Thailand that saw absolute monarchy abolished and democracy established has gone missing, police in Bangkok said on Saturday, prompting outcry from pro-democracy activists.

The 1932 coup, also known as the Siamese Revolution, was a crucial turning point in Thai history and ended nearly seven centuries of absolute monarchy, paving the way for political and social reforms.

Since then, Thailand has gone through a shaky experiment with democracy and has witnessed a succession of political protests and coups.

Thailand has been governed by a junta since the latest coup, 2014, which saw the military overthrow a democratically elected government.

The plaque, which was embedded in a square in central Bangkok, was removed and replaced with a new one which highlights the importance of the monarchy.

“It is good to worship the Buddhist trinity, the state, one’s own family, and to be faithful to one’s monarch and allow oneself to be the engine that brings prosperity to the state,” the new plaque reads.

Police in the Dusit district where the plaque was located said they were not sure who removed it and were investigating.

Ultra-royalist groups had previously threatened to remove the plaque.

Activists said that the plaque’s removal was a bid by royalist conservatives to rewrite history.

“This is another attempt to alter the history of democracy in this country,” Than Rittiphan, a member of the student-led New Democracy Movement which has protested against military rule, told Reuters.

“It is nothing more than fascist rhetoric aimed at brainwashing the next generation,” he said.

The government, led by Prime Minister Prayuth Chan-ocha, a former army chief and staunch royalist, has stepped up prosecution of critics of the monarchy under a harsh royal insult law.

Rights groups say sensitivity over any activity deemed as anti-monarchy has grown since King Maha Vajiralongkorn ascended the throne following the death of his father, King Bhumibol Adulyadej, last year.

Last week, the government announced a ban on all online interaction with three critics of the junta who live abroad.

King Vajiralongkorn signed a military-backed constitution into law this month, a step toward an election next year that the junta has said will restore democracy.

The new constitution is the 20th since the end of absolute monarchy and critics say it will give the military sway over politics for years to come.

(Reporting by Cod Satrusayang and Matthew Tostevin; Editing by Amy Sawitta Lefevre and Robert Birsel)

Secret Service says laptop stolen from agent’s car in New York

FILE PHOTO: The Trump Tower logo is pictured in New York, U.S., May 23, 2016. REUTERS/Carlo Allegri/File Photo

WASHINGTON (Reuters) – The U.S. Secret Service said on Friday a laptop was stolen from an agent’s car in New York City but that such agency-issued computers contain multiple layers of security and are not permitted to contain classified information.

The agency said in a statement that it was withholding additional comment while an investigation continues.

ABC News, citing law enforcement sources, said the laptop contained floor plans for Trump Tower, details on the criminal investigation of Hillary Clinton’s use of a private email server and other national security information.

The New York Daily News, citing police sources, said authorities had been searching for the laptop since it was stolen on Thursday morning from the agent’s vehicle in the New York City borough of Brooklyn.

Some items stolen with the laptop, including coins and a black bag with the Secret Service insignia on it, were later recovered, the newspaper reported.

CBS News, also citing law enforcement sources, said that some of the documents on the computer included important files on Pope Francis.

The agent also told investigators that while nothing about the White House or foreign leaders is stored on the laptop, the information there could compromise national security, the Daily News reported.

“There’s data on there that’s highly sensitive,” a police source told the newspaper, adding: “They’re scrambling like mad.”

Separately CNN, citing an unnamed U.S. Secret Service source, reported on Friday that a California man who scaled the White House fence last week was on the property’s south grounds for at least 15 minutes before he was captured.

(Reporting by Eric Walsh; Editing by Tom Brown)

16 Weapons Stolen from Central Massachusetts Army Reserve Center

An Army Reserve Center located in Worcester, Massachusetts reported that 16 weapons were stolen over the weekend.

Local police are cooperating with federal and state authorities to find out how the break-in happened as well as search for the man who stole the weapons, according to CNN. The theft occurred sometime between Saturday at 6 p.m. and Sunday at 1 a.m., according to City Manager Edward Augustus.

The FBI identified the weapons that were stolen: ten 9mm M-11 pistols and six 5.56 M-4 rifles. And while the FBI says there is no indication that the theft of tied to any sort of terrorism, it’s still a concern to officials.

“I’m especially concerned about it — separate and apart from anything that has to do with terrorism — I’m just concerned by the fact that some really high caliber weapons were stolen from a military facility in the first place,” Massachusetts Gov. Charlie Baker told reporters Monday.

The Worcester City Manager told the Washington Post that precautions were being taken. Additional police officers would be stationed throughout the city until further notice.

CBS Boston reported that surveillance footage caught a little bit of the man and his car. Police are looking for a light-skinned man who is about 5’7” to 5’10” tall and has a stocky build. At the time of the theft, he was wearing a white t-shirt and a dark vest. The man’s car was a newer model, dark colored BMW hatchback with sport rims.

Anyone who may have information regarding the theft can send an anonymous text to 274637, or you can call the Worcester Police Department at (508) 799-8651.

Russian Man Admits Global Hacking Scheme

A Russian man has admitted his role in a hacking scheme that sold record amounts of stolen credit and debit card numbers.

Vladimir Drinkman admitted that he had a major role in stealing 160 million credit and debit card numbers.  U.S. Attorney Paul Fishman said the hacking and data breach is the largest ever prosecuted in America.

Drinkman pleaded guilty to charges of conspiracy involving wire fraud and unauthorized access to protected computers. The 34-year-old will be sentenced in January and faces up to 35 years in federal prison after which he will be deported.

He also will face millions of dollars in fines.

Drinkman told the court that from 2005 to 2012 he worked with others on a scheme that sent malware to corporate computers to obtain personal information.  The malware would then delete itself so corporations could not tell they had been breached.

Some of the companies impacted where 7-Eleven, Dow Jones and NASDAQ.

Drinkman was arrested in the Netherlands in 2012 and brought to the U.S. for trial.  One of his co-conspirators, Dmitriy Smilianets, is in federal custody awaiting trial.  Three other co-conspirators are still on the run.

Baby Jesus Replaced With Pig’s Head

A Massachusetts church was in shock Christmas Day to find that someone had stolen the baby Jesus from their nativity scene and replaced it with the severed head of a pig.

Police say that the vandals struck the nativity scene outside Scared Hearts Church in Haverhill, Massachusetts during the early morning hours of Christmas.

Police are investigating the incident on what they called a “busy, well lit street.”

Brenda Burns, a resident of Haverhill, took the baby Jesus from her family’s nativity scene and went to the church to replace the stolen one.

In addition to the stolen Jesus in Haverhill, a second Jesus was stolen in nearby Greenfield.  That baby Jesus was imported from Italy and worth over $3,000.  The thieves also caused significant damage to the manger in the display.

Police Officer Shows Grace To Grandmother Caught Stealing Eggs

An Alabama police officer says he just wants to encourage those in his community to feed the hungry after media caught wind of his act of generosity toward a woman who was caught stealing eggs to feed her grandchildren.

Tarrant officer William Stacy was called to a Dollar General store on December 6th after 47-year-old Helen Johnson was discovered with eggs on her pocket.  Johnson said she had gone into the store with $1.25 to buy eggs and found the eggs were $1.75.

She placed three eggs in her pocket and was caught by store personnel.

The officer discovered that Johnson’s two grandchildren, ages 3 and 1, had not eaten since two days earlier.

Officer Stacy said that unlike many other times when he’s called to the scene of a shoplifting crime, this seemed like the case of a woman who was desperate to help her grandchildren.

“She started crying,” Stacy told reporters. “She said, ‘I need help. I need help, Officer Stacy, I need to put food in my babies’ stomachs.’ That’s what got me. That’s what hit me the hardest. I told her [to] park on the side of the parking lot. I ran in, bought the carton of eggs, came back outside, handed them to her and she got very emotional, very apologetic.”

A customer in the store caught the incident on camera and uploaded it to the web.  In that time, the family has received SUV loads of food from a local food bank and other officers in the area.

“I don’t see myself as a hero,” Stacy stated. “I’m not a big fan of cameras and the spotlight. I just want to do my job, do it the right way, and spend time with friends and family.”

ISIS Training Pilots To Fly Stolen Jets

ISIS reportedly has captured three fighter jets and is training former Iraqi military pilots to fly them.

The Syrian Observatory for Human Rights said the planes were taken when the terrorists captured the al-Jarrah airport east of Aleppo.  The pilots have been making training flights around the airport in preparation for attacks on western aircraft that has been targeting terrorist strongholds.

“They have trainers, Iraqi officers who were pilots before for (former Iraqi president) Saddam Hussein,” Rami Abdulrahman of the SOHR told Reuters.  “People saw the flights, they went up many times from the airport and they are flying in the skies outside the airport and coming back.”

U.S. Central Command would not confirm the reports of the ISIS pilots.

“We’re not aware of (Islamic State) conducting any flight operations in Syria or elsewhere,” U.S. Central Command spokesman Colonel Patrick Ryder said.  “We continue to keep a close eye on (Islamic State) activity in Syria and Iraq and will continue to conduct strikes against their equipment, facilities, fighters and centres of gravity, wherever they may be.”

Social media accounts connected to ISIS have shown captured aircraft.