Using crypto against Phishing, Spoofing and Spamming...

[Ian Grigg]

Enzo Michelangeli wrote:
> Can someone explain me how the "phishermen" escape identification and
> prosecution? Gaining online access to someone's account allows, at most,
> to execute wire transfers to other bank accounts: but in these days
> anonymous accounts are not exactly easy to get in any country, and anyway
> any bank large enough to be part of the SWIFT network would cooperate in
> the resolution of obviously criminal cases.

In practice something like this:  Most of the
money is wired through to some stolen account,
and then moved out of the system to another system.
This might be a foreign account, or it might be a non-
bank such as a broker/dealer (E*Trade is being hit at
the moment, it seems) or it might be a digital gold
currency.  From there, it is moved once or twice more,
than back to the country where the phisher is.  This
might be the US or Russia, or anywhere else, but those
two countries seem to be quite big on this (maybe we
should blame Reagan :-) )

A couple of things:  it is very hard, but not impossible
to reverse a SWIFT style international wire.  I've seen
it done once, so I know it is not impossible.  If the
cash has gone, then reversing it doesn't make sense.

Also, phishing
isn't exactly a recognised and obvious criminal case.
Any particular instance might be, but getting to that
determination might take months.  Further, opening
accounts for anonymous purposes is still rather easy
in many countries, the chief perpertrator of this being
the USA.  Finally, every attempt to make money less like
money (by closing off easy accounts, for example) results
in what some call "unintended consequences" - the money
goes elsewhere.

iang


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com