Once upon a time, when you wanted to rob a bank, you put on a nice suit, a fedora, loaded up your favorite Tommy Gun, and walked right in to the establishment. Not only were these old-timey bank robbers slick in the style department, but they didn’t even hide who they were. Even after a high-speed chase, these guys would make it back to some safe-house and live their lives as if nothing happened. Granted, they were always looking over their shoulders and would find themselves in and out of the slammer, but secrecy, disguise, and fraud really wasn’t the way they went about getting large sums of money in a relatively short time.
Fast-forward to today; If you went into a bank with guns blazing, a silent alarm would have the police there in a very short time, and they probably wouldn’t hesitate to take an armed criminal out with their own artillery. It’s a much more risky venture than it used to be. Unfortunately, the Internet is now a thing and it’s opened up a whole new avenue of theft since the days of firing a few shells in a bank in the middle of the day. Thieves now have the anonymity that the Internet provides, making fraud exponentially easier than it once would have been. If someone can’t see you, how do they know you aren’t a Nigerian prince that needs a few hundred bucks after an issue with his bank? After all, he is promising thousands more as interest!
The Internet has also made hacking a computer system much easier. A savvy user can get in and out of a bank’s system, move some money from one account to a bank account they have access to, and never even get noticed. Some hacking geniuses will just go into the system of banks or credit card companies, steal the account numbers, pin numbers, and other personal information. They then either use this financial information themselves, or sell it to interested individuals who know more about how to exploit it.
Like any scam, some of these online heists are more successful than others. Let’s take a look at some of the most damaging online scams of all time.
10. Russian Criminal Organization Steals Personal Information
It was reported in August of 2014 that an unknown Russian criminal organization has stolen around 1.2 billion usernames and passwords. The attack wasn’t localized to one country; it was global and targeted nearly 420,000 different websites. The type of sites ranged from small websites to the sites of Fortune 500 companies. Fortunately, it appears the criminal organization has used the information to help distribute spam as opposed to selling the information to parties that may be interested in using the information for identity theft or other more direct financial scams.
9. The Sumitomo Mitsui Bank Robbery
Fortunately for the Japanese Sumitomo Mitsui Bank offices in London, this heist wasn’t seen through to its end.
In 2004, a group of hackers had used a type of spyware known as keyloggers to steal account numbers and passwords from the bank. They had acquired around $420 million that they planned to distribute over ten different bank accounts. Luckily, law enforcement caught on to the scam and captured an Israeli man named Yeron Belondi attempting to deposit $27 million of the loot into a bank account in Israel. Other arrests followed.
8. Global Crime Ring Steals $45 Million Using Prepaid Credit Cards
A global crime ring had been buying prepaid credit cards, hacking banks across the globe to increase the value on the cards, and then hired petty criminals to use the cards at ATM machines across the world to withdraw the available cash on the cards. Eight individuals were arrested in New York attempting to extract $2.7 million from the ATM machines at two different banks. As police dug deeper into the ring, they found that other members of the ring had made off with nearly $45 million from various spots across the globe. Eight criminals were apprehended in the heist.
7. Swedish Bank Robbed With Trojan Virus
Over the course of a year, customers of Nordea banks in Sweden were sent phishing emails containing Trojan viruses. The viruses were keyloggers that recorded all the keystrokes made by the bank customers. When the customers banked online, the criminals were able to get a record of the username and password the customers typed in. When the customers put in their information, they would get an error message saying the site was down. This message alerted the criminals that the information was entered, and they then used that info on Nordea bank sites. The criminals made away with nearly 8 million Swedish krona, which translates to around $943,000.00.
6. A Single User Steals over $3 million
Another user, known as “Soldier”, used a malware toolkit called SpyEye to steal nearly $17,000 a day. This one user managed to infiltrate the computers of 3,500 banking customers across three banks. The banks targeted were Chase, Wells Fargo, and Bank of America. In a period of only six months, Soldier had managed to amass $3.2 million in stolen money. Soldier passed the money through two people before it was sent to be processed by another group of people who he had conned into thinking they were processing the cash for a legitimate company.
5. $1.3 Million Stolen in Bitcoins
Bitcoin is a form of digital currency that allows people to make online transactions without the need of a central bank. Of course, there are places online where people store this digital currency, you know, kind of like a bank. A company where people can store their Bitcoins known as inputs.io had been infiltrated with some compromised emails and a flaw in the host server. The thief was able to get away with 4100 BTC, which comes out to about $1.3 million dollars.
Bitcoins are very hard to trace, so it’s unlikely a Bitcoin thief will ever get caught.
4. Massive Identity Theft in Arizona
This addition is more than likely not one heist or any one organization working together, but it’s interesting to note that per capita, Arizona is hit the hardest by online identity theft. For every 100,000 citizens in Arizona, 149 have had their identities stolen. The typical reason: fraudulent tax returns.
There is a practice among some modern thieves to take the personal information of their victims and file their tax returns before the victim does. The pay-off is only in the four figures, but enough of these add up to quite a nice payday, as a thief of this variety is usually stealing a very large amount of information.
3. A Very Young Global Crime Ring Nearly Steals Over $200 Million
Over the course of two years, the FBI followed the movements of and collected evidence against a global crime ring that would have made out with $205 million. The criminals had the information of 411,000 credit card users, and compromised the security of 47 companies, educational institutions, and government organizations. The oldest high profile member of this ring was only 22 years old, with other high profile members being teenagers. One of the youngest members, Mir Islam AKA JoshTheGod, was discovered to also be a member of a huge credit card trading/hacking ring known as UGNazi.
A total of 28 individuals were arrested in the ring.
2. 94 Million Marhall’s and TJ Maxx Credit Cards Exposed
In December of 2006, the online presence of TJX companies, a retailer that owns stores like TJ Maxx, Marshall’s, and HomeGoods, had a security breach that exposed the information of 94 million customer credit cards. The operation led to the apprehension and 40 year prison sentence of a legendary hacker known as Albert Gonzalez, who was said to have been working with 11 other individuals.
Why was it so easy to get this much information from TJX?
Their network didn’t have any firewalls.
1. Heartland Payment Systems Hack
Heartland Payment Systems is a company that handles the credit card transactions for both large and small businesses alike. This makes them a prime target for tech thieves looking to acquire credit card information. The amount of cards compromised in here is mind-blowing. If only a single dollar was stolen from every card, the thieves could have walked away with $134 million. You read that right. 134 million cards were exposed through this hack. Once again, SpyWare was used to infiltrate the system, even after Heartland was told by security analysts that their system could be easily compromised.
The ringleader of this operation was Albert Gonzalez, the same man responsible for the TJX breach.