Stories

Vigilance

by Bryan Steven Follins

The Information Security Research Project

 

This is an article in a series on victims of identity theft.

 

April 4, 2007

 

            Reverend Henry Salditos is a native of the Philippines. He has been the pastor of St. James the Apostle Roman Catholic Church in Las Vegas, Nevada, for just under a year.

            On October 30, 2006, Salditos just happened to be checking his bank account online when he noticed a strange occurrence. Thirty thousand dollars, his entire life’s savings, had been moved from his savings account to his checking account, without his permission. 

            “Somebody made an illegal transfer of the money from my savings to my checking account in one day,” said Salditos.  “I called my sister and asked her to help tell me what to do. She told me to call the bank to get them to help me. I immediately called the bank.”

            He was in the bank the next day to get help. His bank is Washington Mutual. They helped him. Salditos was fortunate because he frequently checked his account.

He spotted the transaction while it was in the process of clearing. Needless to say, he saved his money.

            The experience left Salditos shaken.

            “I almost had a heart attack,” he explained. “Maybe someone from inside the bank did it.  I do not know how they were able to move the money from the savings account to the checking account. These guys are smart, stealing without people checking their accounts.  What about older people who don’t check their accounts?”

            The perpetrators were never found. Salditos, or anyone else, could never figure out what the thief or thieves were trying to do with the money. 

            Then about a month or two later, something else happened. Salditos says a man contacted him from Palestine. He said the man had gotten his email account, including the password, which was posted in a chat room online. A short time later Salditos got a phone bill where someone was using his Yahoo Instant Messenger phone service.  He immediately changed his email and Instant Messenger accounts. Salditos thinks all three incidents were related but he could not prove it.  The experiences left him unnerved. He did not even want to go on camera for this interview.

            “I stopped my banking online,” he said.

            When asked if he was familiar with identity theft laws, or laws requiring a bank to protect his personal information, he responded:

            “Well, I don’t think so. I’m new in America, so I really don’t know what’s out there.”

            His saving grace was that he was vigilant.

 

Copyright 2007 The Information Security Research Project.

           

J and Geeta Allen

Las Vegas, NV--On May 28, 2007, the Allens checked a transaction receipt received from Silver State Credit Union in Las Vegas, NV. They found that the receipt had their entire joint checking account number printed on it. Also,  the entire checking account number of the other transacting party (who is a Silver State member) was recorded on the receipt. -------BSF 

 

Using Google Language Tools to Access Blocked Websites

By ???

Disclaimer: These instructions are not intended for malicious use. They are intended to show the vulnerabilities of network filters. Below are instructions of how to exploit a weak network filter.

1. Go to www.google.com.
2. Click the link to the right of the search box that says, "Language Tools".
3. In the "Translate a web page" search box, type the URL of the website you are trying to access.
4. Change the settings to "Translate Spanish to English".
5. Click Translate.
6. Since none of the content was in Spanish, the text will show unaltered in English. Links are clickable and the site is navigable.

If your organization uses a network filter that can be exploited using the steps above, it should be reconsidered.