Non-TechFranklin, Andrews, Kramer & Edelstein

Previous 10 Next 10 
From: scion8/2/2011 6:17:21 PM
   of 10613
SEC Charges Biopharmaceutical Company and Executives with Securities Fraud


Washington, D.C., Aug. 2, 2011 — The Securities and Exchange Commission has charged a California-based biopharmaceutical company, three shareholder companies, and four senior executives for fraudulently misleading investors about the regulatory status of the company’s sole product. Three of the executives were additionally charged with insider trading.

Additional Materials
Litigation Release No. 22057

SEC Complaint

The SEC alleges that Immunosyn Corporation misleadingly stated in various public filings from 2006 to 2010 that its controlling shareholder – Argyll Biotechnologies LLC – either planned to commence or had commenced the U.S. regulatory approval process for human clinical trials for SF-1019, a drug derived from goat blood that was intended to treat a variety of ailments. The public filings failed to disclose that the U.S. Food and Drug Administration (FDA) had already twice issued clinical holds on drug applications for SF-1019, prohibiting clinical trials from occurring. The SEC alleges that Immunosyn also misleadingly stated that the regulatory approval process in Europe for human clinical trials for SF-1019 was imminent or underway, when in fact Argyll never submitted an application in Europe to conduct human clinical trials.

According to the SEC’s complaint filed in federal court in Chicago on August 1, Immunosyn’s CFO Douglas McClain Jr., Argyll’s Chief Scientific Officer Douglas McClain Sr., and Argyll’s CEO James Miceli engaged in insider trading by raising approximately $20 million from their sale of Immunosyn shares while knowing that misrepresentations were being made about the regulatory status of SF-1019. They sold most of these shares through Argyll and two other shareholders named in the SEC’s enforcement action: Argyll Equities, which McClain Jr. and Miceli jointly owned, and an offshore entity Padmore Holdings Ltd., which McClain Jr., McClain Sr., and Miceli jointly owned. Immunosyn’s CEO Stephen D. Ferrone also is charged by the SEC in the securities fraud scheme.

“These executives routinely authorized public filings that told investors a story about the status of the company’s prized drug that was far different from the behind-the-scenes reality,” said Merri Jo Gillette, Regional Director of the SEC’s Chicago Regional Office. “Three of these executives went one step further to illegally profit from their tall tales by selling their company stock and reaping more than $20 million while repeatedly misleading investors about the drug.”

For example, according to the SEC’s complaint, McClain Sr. made misstatements about the regulatory approval status of SF-1019 in a video on Immunosyn’s website and in a 2008 presentation in which he sold Immunosyn stock he owned through Padmore to patients at a Texas holistic clinic, some of whom were terminally ill. The SEC alleges that McClain Sr. raised approximately $300,000 from these patients, but never gave them the shares they bought.

The SEC’s complaint seeks a final judgment permanently enjoining the defendants from future violations of the antifraud provisions of the federal securities laws, ordering each defendant to disgorge all ill-gotten gains plus prejudgment interest and pay financial penalties, and barring Ferrone, McClain Jr., McClain Sr. and Miceli from serving as an officer or director of a public company.

Tracy Lo, Eric Phillips and John Kustusch of the SEC’s Chicago Regional Office conducted the SEC’s investigation. The SEC’s litigation will be handled by Ms. Lo and Mr. Phillips.

The SEC acknowledges the assistance of the U.S. Food and Drug Administration.

# # #

For more information about this enforcement action, contact:

Robert J. Burson
Senior Associate Regional Director
SEC Chicago Regional Office
(312) 353-7428

Share RecommendKeepReplyMark as Last Read

From: scion8/3/2011 9:18:56 AM
   of 10613
State actor seen behind "enormous" wave of cyber attacks

By Jim Finkle
BOSTON | Wed Aug 3, 2011 2:02pm BST

(Reuters) - Security experts have discovered the biggest series of cyber attacks to date, involving the infiltration of the networks of 72 organizations including the United Nations, governments and companies around the world.

Security company McAfee, which uncovered the intrusions, said it believed there was one "state actor" behind the attacks but declined to name it, though one security expert who has been briefed on the hacking said the evidence points to China.

The long list of victims in the five-year campaign include the governments of the United States, Taiwan, India, South Korea, Vietnam and Canada; the Association of Southeast Asian Nations (ASEAN); the International Olympic Committee (IOC); the World Anti-Doping Agency; and an array of companies, from defense contractors to high-tech enterprises.

In the case of the United Nations, the hackers broke into the computer system of its secretariat in Geneva in 2008, hid there for nearly two years, and quietly combed through reams of secret data, according to McAfee.

"Even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators," McAfee's vice president of threat research, Dmitri Alperovitch, wrote in a 14-page report released on Wednesday.

"What is happening to all this data ... is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team's playbook), the loss represents a massive economic threat."

McAfee learned of the extent of the hacking campaign in March this year, when its researchers discovered logs of the attacks while reviewing the contents of a "command and control" server that they had discovered in 2009 as part of an investigation into security breaches at defense companies.

It dubbed the attacks "Operation Shady RAT" and said the earliest breaches date back to mid-2006, though there might have been other intrusions. (RAT stands for "remote access tool," a type of software that hackers and security experts use to access computer networks from afar).

Some of the attacks lasted just a month, but the longest -- on the Olympic Committee of an unidentified Asian nation -- went on and off for 28 months, according to McAfee.

"Companies and government agencies are getting raped and pillaged every day. They are losing economic advantage and national secrets to unscrupulous competitors," Alperovitch told Reuters.

"This is the biggest transfer of wealth in terms of intellectual property in history," he said. "The scale at which this is occurring is really, really frightening."


Alperovitch said that McAfee had notified all 72 victims of the attacks, which are under investigation by law enforcement agencies around the world. He declined to give more details.

Jim Lewis, a cyber expert with the Center for Strategic and International Studies, said it was very likely China was behind the campaign because some of the targets had information that would be of particular interest to Beijing.

The systems of the IOC and several national Olympic Committees were breached before the 2008 Beijing Games. And China views Taiwan as a renegade province, and political issues between them remain contentious even as economic ties have strengthened in recent years.

"Everything points to China. It could be the Russians, but there is more that points to China than Russia," Lewis said.

McAfee, acquired by Intel Corp this year, would not comment on whether China was responsible.

There was no comment from China on the report.

In Taiwan, an official of the Criminal Investigation Bureau, which has a cyber crime unit, said he had no knowledge of the McAfee report but added there had been no cases in recent years of hacking of government websites.

An official from the Japanese trade ministry's information security policy team said it was difficult to determine whether a specific government lay behind a cyber attack "although we see which countries the attacks originate from."

A team put together to investigate hacking was "finalizing some guidelines. We aim to raise the security level as a whole and build a partnership between private sector organizations where information can be shared to prevent such attacks."


Vijay Mukhi, a cyber-expert based in India, says some South Asian governments were highly vulnerable to hacking from China.

"I'm not surprised because that's what China does, they are gradually dominating the cyberworld," he said. "I would call it child's play (for a hacker to get access to Indian government data) ... I would say we're in the stone age."

An Indian telecommunications ministry official declined to say whether he was aware of the hacking on the government.

The UN said it was aware of the report, and had started an investigation to ascertain if there was an intrusion.

McAfee released the report to coincide with the start of the Black Hat conference in Las Vegas, an annual meeting of security professionals who promote security and fight cyber crime.

(Additional reporting from Tom Miles in Geneva, Jack Kim in Seoul and James Pomfret in New Delhi, editing by Tiffany Wu, Martin Howell, Ron Popeski and Ed Lane)

Share RecommendKeepReplyMark as Last Read

From: scion8/4/2011 2:46:09 PM
   of 10613
Penalties reach $6M for Sulja Bros. stock scheme

'They were in effect printing money: ' Lawyer

By Brian Cross, The Windsor Star July 25, 2011

The main players in a “pump and dump” stock scheme that portrayed a humble Harrow lumberyard as an international firm with hundreds of millions in Middle East contracts have been hit with more than $6 million in penalties and paybacks.

The recently issued Ontario Securities Commission decision in the Sulja Brothers fraud outlaws brothers Sam and Steven Sulja, Pranab Shah, Tracey Banumas, Petar Vucicevich and a Texan named Andrew DeVries from trading or acquiring stocks or from becoming a director or board member of a publicly traded company for periods ranging from five years for lesser players like Banumas and Shah, to forever for Vucicevich and DeVries. They’ve also been hit with penalties ranging from $5,000 for Banumas and Shah, to $150,000 each for the Suljas, to $775,000 for Vucicevich, to just over $1 million for DeVries.

But the biggest penalty is called a “disgorgement,” a requirement that Colchester resident Vucicevich, DeVries and their companies collectively cough up $5.6 million. That’s the amount they received from investors as a result of their fraudulent activity, the decision states.

The pump and dump penny stock scheme was cooked up to bail out the small lumberyard, now closed, as it struggled in the building slump that began around 2005. Close to 100 news releases were issued, hyping Sulja Brothers as a world player in Middle East construction and cement sales. The OSC investigators said the claims made in the news releases ranged from “gross exaggerations to just plain false.”

Hundreds of investors bought the stock in an electronic over-the-counter market called the Pink Sheets in 2006 and 2007. The stock’s value peaked at 21 cents a share in 2006. Close to 500 million shares were said to be sold.

OSC lawyer Usman Sheikh said 10 to 12 nominee accounts were created. Sulja Brothers shares were transferred into these accounts and then sold to the market once their value was inflated. “What we said is they were in effect printing money,” said Sheik.

Attempts to reach Sam and Steven Sulja and Vucicevich were unsuccessful Friday. During the OSC hearings last year, the Suljas’ lawyer said that the brothers were working menial jobs and that Steven Sulja had lost his house and business.

They portrayed themselves as unsophisticated players who were convinced by Vucicevich to take their company public. They claimed they believed what they were doing was legal and that the company news releases were prepared by Vucicevich.

Vucicevich is also facing criminal charges of fraud laid in 2008 by the RCMP, who also placed restraining orders on 11 properties, most in Colchester, purchased by Vucicevich two years earlier.

Vucicevich insisted last year that “no one walked away with bags full of money,” from the stock scheme. And he claimed DeVries was the mastermind who wrote the news releases.

The OSC decision concludes that “investors across North America were deprived of at least US$5.6 million as a result of the trading scheme directed by” Vucicevich and DeVries. “It is clear that the securities law violations committed by these two respondents are serious and the amount of provide involved is significant.”

The OSC did determine where the investor money went. Vucicevich and his company Kore Canada retained about $3.4 million, DeVries retained US$1.38 million, Banumas retained about $100,000, Shah retained about $200,000, and Sam Sulja retained about $100,000, plus another $350,000 from an account in his father John’s name.

What’s unclear is where all that money ended up. Kathryn Daniels, the OSC’s deputy director of enforcement, said the OSC will go through the civil process of trying to recover the money.

“It’ll be a while before the dust settles on all this,” she said

Share RecommendKeepReplyMark as Last Read

From: scion8/4/2011 3:12:17 PM
   of 10613
SEC Charges Former Professional Baseball Player Doug DeCinces and Three Others with Insider Trading


Washington, D.C., Aug. 4, 2011 — The Securities and Exchange Commission today charged former professional baseball player Doug DeCinces and three others with insider trading ahead of a company buyout. The SEC alleges that DeCinces and his associates made more than $1.7 million in illegal profits when Abbott Park, Ill.-based Abbott Laboratories Inc. announced its plan to purchase Advanced Medical Optics Inc. through a tender offer.

Additional Materials
SEC Complaint

The SEC alleges that DeCinces, who lives in Laguna Beach, Calif., received confidential information about the acquisition from a source at Santa Ana, Calif.-based Advanced Medical Optics. DeCinces immediately began to purchase shares of Advanced Medical Optics in several brokerage accounts, buying more throughout the course of the impending transaction as he received updated information from his source. During this time, DeCinces also illegally tipped three associates who traded on the confidential information – physical therapist Joseph J. Donohue, real estate lawyer Fred Scott Jackson, and businessman Roger A. Wittenbach.

DeCinces agreed to pay $2.5 million to settle the SEC’s charges, and the three others also agreed to settlements.

“Time and again, we see reputable people engaging in insider trading and risking their good names in order to enrich themselves and those around them,” said Daniel M. Hawke, Chief of the SEC Division of Enforcement’s Market Abuse Unit and Director of the Philadelphia Regional Office. “People need to understand that we are watching for suspicious trading activity, and they will pay a heavy price when we catch them insider trading.”

According to the SEC’s complaint filed in U.S. District Court for the Central District of California, DeCinces received the material, nonpublic information from an employee at Advanced Medical Optics. DeCinces knew that his source was under a duty to keep the information confidential. In the weeks preceding the public announcement, DeCinces bought Advanced Medical Optics stock on several occasions, eventually totaling at least 83,700 shares in several brokerage accounts he controlled. Some of these accounts were in his grandchildren’s names. On at least one occasion, DeCinces funded his purchase of shares by liquidating a diverse portfolio of 110 stocks. When a public announcement was made by the companies on Jan. 12, 2009, the stock price for Advanced Medical Optics increased 143 percent, and DeCinces sold all of his shares for $1.2 million in profits.

According to the SEC’s complaint, Donohue was DeCinces’s physical therapist at the time of the illegal trading. He bought 5,000 shares of Advanced Medical Optics stock in December 2008 and January 2009 on the basis of confidential information received from DeCinces about the impending transaction. Donohue made $75,570 when he sold the stock on the same day as the public announcement. DeCinces later asked Donohue whether he had sold his stock and congratulated him.

According to the SEC’s complaint, DeCinces and Jackson shared business and social interests. During a Jan. 8, 2009, breakfast meeting, Jackson used his mobile handheld device to buy 8,500 shares of Advanced Medical Optics stock on the basis of the confidential information that DeCinces communicated to him. Jackson bought additional shares later that day and again the next day, and following the public announcement sold all of his shares for a profit of $140,259.

DeCinces and Wittenbach have been longtime friends, according to the SEC’s complaint. After DeCinces tipped Wittenbach with confidential information about the impending transaction, Wittenbach bought 15,000 shares of Advanced Medical Optics stock on January 8. He also called his sister and recommended that she buy 1,000 shares of the stock, which she did later that day. On the same day of the public announcement, Wittenbach sold all of his shares for a profit of $201,692. He again called his sister and told her to sell her stock, which she did for a profit of $13,214.

Without admitting or denying the SEC’s allegations, DeCinces, Donohue, Jackson, and Wittenbach agreed to settle the charges against them by consenting to the entry of final judgments permanently enjoining them from violating Sections 10(b) and 14(e) of the Exchange Act of 1934 and Rules 10b-5 and 14e-3 thereunder. DeCinces agreed to pay disgorgement of $1,282,691, prejudgment interest of $19,311, and a penalty of $1,197,998 for a total of $2.5 million. Donohue agreed to pay disgorgement of $75,570 and a penalty of $37,785 for a total of $113,355. Jackson agreed to pay disgorgement of $140,259, prejudgment interest of $12,508, and a penalty of $140,259 for a total of $293,026. Wittenbach agreed to pay disgorgement of $201,692, prejudgment interest of $5,768, and a penalty of $214,906 for a total of $422,366. The settlements are subject to final approval by the court.

The SEC’s investigation was conducted by Assistant Regional Director Colleen K. Lynch, Senior Counsel David W. Snyder and Investigator John S. Rymas – members of the Market Abuse Unit in Philadelphia – along with Elaine C. Greenberg, G. Jeffrey Boujoukos, Scott A. Thompson, and Michael J. Rinaldi in the SEC’s Philadelphia Regional Office. The SEC appreciates the assistance of the Financial Industry Regulatory Authority (FINRA). The SEC’s investigation is continuing.

# # #

For more information about this enforcement action, contact:

Daniel M. Hawke, Regional Director and Chief, Market Abuse Unit
Elaine C. Greenberg, Associate Regional Director
Colleen K. Lynch, Assistant Regional Director
SEC’s Philadelphia Regional Office
(215) 597-3100

Share RecommendKeepReplyMark as Last Read

From: scion8/4/2011 8:54:07 PM
   of 10613
Hackers Take $1 Billion a Year from Company Accounts Banks Won’t Indemnify

By Greg Farrell and Michael A. Riley - Aug 4, 2011 5:18 PM ET

Valiena Allison got a call from her bank on a busy morning two years ago about a wire transfer from her company’s account. She told the managers she hadn’t approved the transfer. The problem was, her computer had.

As Allison, chief executive officer of Sterling Heights, Michigan-based Experi-Metal Inc., was to learn, her company computer was approving other transfers as she spoke. During hours of frantic phone calls with her bank, Allison, 45, was unable to stop this cybercrime in progress as transfer followed transfer. By day’s end, $5.2 million was gone.

She turned to her bank, a branch of Comerica Inc. (CMA), to help recover the money for her metal-products firm. It got all but $561,000 of the funds. Then came the surprise: the bank said the loss was Experi-Metal’s problem because it had allowed Allison’s computer to be infected by the hackers.

“At the end of the day, the fraud department at Comerica said: ‘What’s wrong with you? How could you let this happen?’” Allison said.

In increments of a few thousand dollars to a few million per theft, cybercrooks are stealing as much as $1 billion a year from small and mid-sized bank accounts in the U.S. and Europe like Experi-Metal, according to Don Jackson, a security expert at Dell SecureWorks. And account holders are the big losers.

‘Losing More Now’ “I think they’re losing more now than to the James Gang and Bonnie and Clyde and the rest of the famous gangs combined,” said U.S. Senator Sheldon Whitehouse, a Rhode Island Democrat who chaired a Select Committee on Intelligence task force on U.S. cybersecurity in 2010.

Organized criminal gangs, operating mostly out of Eastern Europe, target small companies, school districts and local governments that maintain fat commercial bank accounts protected by rudimentary security measures at community or regional banks. The accounts typically aren’t covered by insurance as individual accounts are.

“If everyone knew their money was at risk in small and medium-sized banks, they would move their accounts to JPMorgan Chase,” said James Woodhill, a venture capitalist who is leading an effort to get smaller banks to upgrade anti-fraud security for their online banking programs.

JPMorgan Chase & Co. (JPM), the second-largest U.S. bank, is the only major U.S. bank that insures commercial deposits against the type of hacking that plagues smaller banks, Woodhill said.

“Chase has invested substantially in fraud prevention and detection capabilities for our clients,” Patrick Linehan, a JPMorgan spokesman, said in an e-mail. “If there is fraud on an account, we work with our clients on a case-by-case basis.”

Smaller Banks Smaller banks as well as many of the victims tend not to make the thefts public, according to interviews with the customers and experts such as Woodhill. As the threat becomes better known, small-business customers and other target entities may shift their business to large, national banks, which can better absorb the losses to maintain customer relations and which have better security policies to protect clients from such crimes.

“It’s frightening for small businesses because they have no clue about this,” said Avivah Litan, an analyst at Stamford, Connecticut-based Gartner Inc., which does computer analysis. “They just don’t have any clue, and everyone expects their bank to protect them. Businesses are not equipped to deal with this problem, and banks are barely equipped.”

Customers used to being made whole when they are victims of credit-card fraud or ATM thefts have had to sue small and medium-size banks to recover losses after being blamed by their branches for permitting the crime, as Allison was.

Law Enforcement The traditional help of law enforcement hasn’t been there either for such customers. In the heyday of bank robberies in the 1930s, the FBI became famous for Tommy-gun shootouts with the bad guys, who were put on the Most Wanted list. In most cases, the identities of the John Dillingers and Pretty Boy Floyds of the 21st Century aren’t known because of online anonymity, and the bureau doesn’t disclose statistics on how much these cybercrooks are stealing.

Victims in the last two years have ranged from Green Ford Sales, a car dealership in Abilene, Kansas, to Golden State Bridge Inc., a construction company in California wine country. No need to use a mask or gun. These criminals can steal millions from the comfort of their homes dressed in their pajamas.

The crime profits can be staggering and the risks minimal. Jackson, the security expert, said three sophisticated gangs each haul in at least $100 million a year. That dwarfs the $43 million taken in all conventional bank heists in the U.S. last year, from stick-ups to burglaries, according to the FBI.

A $100 Million Hit “A $100 million hit on a bank or a series of banks,” Whitehouse said. “That’s a pretty big bank robbery. And it doesn’t even make the press. It just trickles through in FBI tip sheets.”

To law enforcement officials, cybercrime is a new priority. Both the Federal Bureau of Investigation and the U.S. Secret Service, which has jurisdiction over financial crimes, have boosted manpower to combat computer-enabled robberies and have formed partnerships with foreign law-enforcement agencies.

Those efforts have been swamped by the explosion in e- commerce, said Chris Swecker, a former FBI assistant director who advises companies on cybersecurity. As millions of customers have shifted online, criminals have followed, their hacking tools and nimble criminal organizations racing ahead of old- school law enforcement models.

“Through cybercrime, transnational criminal organizations pose a significant threat to financial and trust systems,” including banking, stock markets and credit-card services, according to a National Security Council report issued in July.

National Security Threat Cybercrime has risen to the level of a national security threat, according to the report, citing a “critical shortage of investigators with the knowledge and expertise to analyze the ever increasing amounts of potential digital evidence.”

The banking industry’s reluctance to confront this problem head-on has allowed criminals to reinvest some of their booty to create better, more effective malicious software, known as malware, according to Woodhill.

Malware is what hurt Earl Goossen, business manager for Green Ford Sales, when he logged on to the company’s payroll account at First Bank Kansas at 7:45 a.m. central standard time on Nov. 3, 2010. Just two days earlier he’d used his computer to arrange for the bank to send out the $63,000 payroll to employee accounts. Everything went smoothly at first. Goossen responded to a follow-up e-mail request from First Bank Kansas to okay the payroll, just as he did on the 1st and 15th of every month.

Malicious Software Unbeknownst to Goossen, malicious software had infected the computer with a so-called worm, which had the ability to grab passwords, user names and credit-card data.

Some malware allows hackers thousands of miles away to take remote control of machines it infects, as if they were sitting at the keyboard. This malware is affordable and easy to obtain. A basic version sells for less than $5,000, Jackson said. Many models, licensed like commercial software from Microsoft Corp. and Adobe Systems Inc., even come with tech support, he said.

The worm on Goossen’s machine allowed thieves to log onto the website of the auto dealer’s bank using Goossen’s credentials and set up a second payroll batch for the usual amount for nine non-existent employees. The additional payroll was sent out overnight by First Bank.

The software allowed the hackers to grab Goossen’s e-mail password and banking details. All they had to do was change the notification e-mail address to a name under their control.

Gun-Toting Robbers When an amount like Green Ford’s $63,000 is taken from a bank by gun-toting robbers, the FBI would typically dispatch special agents to cordon off the crime scene and interview witnesses. No agents arrived in Abilene on Nov. 4, and no one at the company was ever interviewed by the bureau about the theft.

Green Ford’s owner, Lease Duckwall, filled out a report with local police, who don’t have a cybercrime unit. The Kansas Bureau of Investigation examined his computer and found nothing of use. Frustrated, Duckwall turned detective, interviewing bank employees, victims of similar crimes and whoever knew anything about cybertheft. In the end, the trail went cold.

Representatives of the FBI and the Secret Service insist they are not overwhelmed.

“I don’t think it’s right to conclude that because there are not a lot of arrests that law enforcement is not doing its job,” said Gordon Snow, the FBI’s assistant director of the cyber division.

Fighting Cybercrime The FBI and Secret Service have increased the number of agents dedicated to fighting cybercrime. Last September, as part of “Operation Trident Beach,” U.S. prosecutors in Manhattan arrested a gang of money mules in connection with a wide-ranging cyberfraud ring that had stolen $70 million from banks and tried to grab another $150 million in the U.S. and Western Europe. No ringleader was arrested, even though five were questioned by police in Ukraine, according to the FBI.

The inability to put handcuffs on suspects in Eastern Europe is a source of frustration for law enforcement, according to representatives of the FBI and Secret Service.

“We can’t let that stop us from continuing to move forward,” said Pablo Martinez, who heads the cybercrime unit at the Secret Service. “You have to go after every target.”

Mules, used by hackers as cutouts, are an obvious target, even the unwitting ones. When thieves stole the money from Duckwall’s dealership, some of the money first went to Shawn Young’s account in upstate New York. Young thought it was a legitimate transaction -- at first.

Assistant Manager Young, 35, was officially an assistant manager for R.E. Company Back Office. He got his job in October through a Careerbuilder website ad that said an Australian office services company was looking to expand into New York state. He was selected to scout locations in the Binghamton area. It did seem odd his new employer never asked for his Social Security number, he said in an interview.

Part of his job was to transfer payments made by some of the company’s U.S.-based clients to various programmers. He corresponded with his boss, Samantha Simons, exclusively through the company’s intranet site.

At 8:45 a.m. on Nov. 3, Young got his first payment-related assignment. He logged into the R.E. Company Back Office intranet site and learned from his supervisors that $4,975 had been deposited into his account at M&T Bank in Endicott, New York. The sender was Green Ford Sales.

Act Quickly His boss said he could keep $145 of the money if he acted quickly. Within 10 minutes, he withdrew the funds and drove to the closest Western Union Co. (WU) office, a few miles away. Young pulled into the Western Union parking lot and his cell phone rang. It was a manager from the M&T Bank branch where he’d made the withdrawal. She said the bank had discovered the wire transfer wasn’t authorized. It was only then that Young realized something might be wrong, he said.

On his way back the bank, his phone rang again. It was Simons, calling from a Syracuse telephone area code to see if there was a problem with the transfer. Young, who had never spoken with his boss, told her he’d been asked to return the funds. In a matter-of-fact manner, Simons said OK and hung up, he said.

After learning from his bank that the wire transfer from Green Ford had been unauthorized, Young tried to log into the R.E. Company Bank Office website, but his access had been terminated.

“I was lucky I did not send the money,” Young said. “I dodged a bullet there.”

Christine Palmer wasn’t as fortunate. In February, the single mother from New Britain, Connecticut who moonlights as the manager of a band, Enemy Remains, applied for a position advertised on

Flexible Gig A woman named “Jennifer” from CS Office Services called to say she had the job, a flexible gig that paid by the assignment and required her to help process transactions.

On March 3, after a few weeks of online training, Palmer woke up to find that $98,000 had been deposited into her account at Bank of America Corp. (BAC) An e-mail instructed her to withdraw $9,000 in cash and wire it to three individuals in the Ukraine via Western Union.

Then, Palmer was to transfer the rest of the funds to a Ukrainian bank account. As a fee, Palmer could keep $1,800 of the total. Before she’d completed the wire transfer, a man with an Eastern European accent called, urging her to speed things up.

“He sounded very concerned, which made me think I was going to lose my job,” Palmer said.

Stolen Funds It wasn’t until a few days later, when Charlotte, North Carolina-based Bank of America halted the wire transfer and told her the funds had been stolen, that Palmer realized CS Office Services didn’t really exist, and that her employers were part of a criminal scheme.

Bank of America closed Palmer’s account and told her she was responsible for paying back the $9,000 she’d wired overseas.

Palmer said she no longer looks for jobs advertised on web sites.

Unwitting money mules aren’t the only ones to have gotten wake-up calls in the new world of bank cybercrime. Customers sometimes find their friendly bank has become an adversary, quoting the fine print of account contracts about who is responsible for what.

On May 7, 2009, cyberthieves hacked into the bank account of Patco Construction Inc., based in Sanford, Maine, and initiated a series of wire transfers totaling $56,594. Some transfers bounced back, causing Ocean Bank to send owner Mark Patterson a routine return notice via the U.S. Postal Service.

Transfer Money Over the next several days, the crooks continued to transfer money out of Patco’s account, removing almost $500,000 before Patterson received the mailed letter from Ocean Bank. The bank eventually recovered a portion of the transfers, leaving Patco with a loss of $345,444, according to Patterson.

Patterson said Ocean Bank rebuffed his attempts to reach a settlement, so in January 2010 he sued. He argued the bank should have done a better job monitoring the company’s bank account. Ocean Bank argued that its protections were “commercially reasonable,” in keeping with general guidance issued by the U.S. banking industry in 2005.

In May, a federal magistrate judge in Portland, Maine, found for Ocean Bank, now known as People’s United Bank, a unit of Bridgeport, Connecticut-based People’s United Financial Inc. (PBCT)

U.S. District Judge D. Brock Hornby in Portland affirmed the magistrate’s decision today.

Infuriated The magistrate’s ruling infuriated Woodhill, who co-founded Authentify, a cybersecurity firm, in 1999. He is trying to change the law governing liability in hacking cases.

“I can’t fathom how one could consider a security procedure that makes it easy for people to steal money from school districts, churches and small businesses to be commercially reasonable,” Woodhill said.

Woodhill faulted banks for downplaying or hiding the scope of bank heists, a posture he attributes to fear of undermining confidence in an online banking system that saves financial institutions tens of millions of dollars a year in transactions that don’t have to be processed by a human teller.

Last year, Woodhill came to the rescue of Karen McCarthy, whose marketing firm was victimized by hackers in February 2010. McCarthy, who made one wire transfer on the same day every month, for $1,000, noticed a problem with her computer on Feb. 10. The screen had turned blue and appeared frozen, while other computers in her firm seemed to function normally.

McCarthy’s Plans In the weeks leading up to the frozen-screen episode, McCarthy had reached an agreement to sell her firm, Little & King. She’d bought out her lease, sold her office equipment and supplies and was preparing to join the new company as an employee, leaving behind the worries of business ownership.

After her computer froze, she printed out statements from Toronto Dominion Bank in preparation for the sale of her company. Over the Feb. 13-15 Presidents Day weekend, she couldn’t figure out discrepancies between recent bank statements and the amount in her company’s checking account. Finally, on the Monday evening, a national holiday, she checked her online banking account and saw five unauthorized wire transfers.

She called TD Bank in a panic. Because of the holiday, she was told no one was available. The next morning she marched into her TD Bank branch, in Massapequa, New York, and asked an assistant manager for help.

Calls Not Returned At first the manager told her the bank would get her money back, she said. Once it became clear the funds were stolen, the bank stopped returning her calls, McCarthy said.

The theft derailed the sale of McCarthy’s company, forcing her to raid her children’s college funds for needed cash. Of the $164,000 stripped from her account, TD Bank recovered almost $95,000, leaving her about $70,000 in the hole -- and without an office or equipment, she said.

When she learned TD Bank was to hold a fraud-prevention seminar on May 13, 2010, in Burlington, Vermont, she hopped on a plane and slipped into the meeting. During the morning presentation, when an expert in wire transactions was talking about ways that small businesses could protect themselves from the dangers posed by cybercriminals, McCarthy raised her hand.

Why wasn’t TD Bank doing a better job protecting its small- business clients, she asked. How had TD Bank allowed $164,000 to be wired out of her account even though she hardly every made wire transfers? As the speaker tried to respond, McCarthy kept peppering him with questions about his bank’s responsibilities to its clients.

Let’s Talk Outside Two bank representatives, including TD Bank’s head of corporate security and investigations, walked over to McCarthy’s table and suggested they continue the subject outside. McCarthy told the head of security it was good to meet him finally, since she’d been calling him for weeks following the robbery and had never gotten through.

Jennifer Morneau, a spokeswoman for TD Bank, confirmed that there was such an incident involving a “woman from Long Island” at one of its anti-fraud seminars, and didn’t have any further information.

“We constantly monitor and assess the security of our systems,” Morneau said in an e-mailed statement. “We also believe that educating our customers is one of the best ways to help them defend against online fraud and identity theft, because even the best security measures can only prevent fraud if customers are also vigilant about employing the necessary safeguards to protect their information.”

Anti-Bank Website With Woodhill’s support, McCarthy started a website she calls and has organized other cybercrime small-business victims across the country. In industry presentations, Woodhill uses her as an example in describing what’s wrong with online banking and the current rules governing the commercial accounts of small businesses.

“If every small-business account holder in America knew what Karen McCarthy had gone through, there would be a run on the banks,” he said.

Last year Woodhill supported a proposed law, introduced by U.S. Senator Chuck Schumer, a New York Democrat, that would have extended protections enjoyed by individual bank depositors to publicly funded entities such as school districts and town governments. Congress adjourned before any vote was taken.

Woodhill is now pushing for a federal law that would require regional and community banks to warn their commercial clients explicitly of the dangers of cyber fraud. He’s hired former Louisiana congressman Billy Tauzin, a Democrat turned Republican who chaired the House Energy & Commerce committee, to represent him.

Bank Opposition The American Banking Association has opposed attempts to extend cyberfraud protection from depositors to small-business clients. Until recently, the association’s position has prevailed.

Then came the Experi-Metal lawsuit brought by Valiena Allison against Dallas-based Comerica. In June, U.S. District Judge Patrick J. Duggan ruled in Detroit in favor of Allison and Experi-Metal, agreeing Comerica’s response to the fraud didn’t meet standards of good faith and fair dealing. Comerica agreed to pay Allison almost the entire amount stolen.

Other cybercrime victims have taken note of this precedent, said Brian Krebs, who has written about the Little & King case and other cyberthefts on his blog (

Village View, an escrow company based in Redondo Beach, California, that was robbed of $465,558 by cyberthieves in March of 2010, sued Professional Business Bank just two weeks after the Experi-Metal decision.

Bank Attitudes The last thing community banks want is to be at odds with their clients, said Doug Johnson, a senior policy analyst for the American Bankers Association.

“Banks don’t like to sue their customers and customers don’t like to sue their banks,” he said. “When disputes occur, it’s best to try to work together for an appropriate result.”

Woodhill said the banking industry is behind the curve on this matter, just as it was in 1978 when it opposed the Electronic Funds Transfer Act, which protects consumer bank deposits from fraud.

“That’s one of the biggest favors Congress ever did for banks, even though they were against it,” he said. “Banks truly do not understand what their own interests are. Corporate lobbyists only play defense.”

Share RecommendKeepReplyMark as Last Read

From: scion8/5/2011 1:45:20 PM
   of 10613
Guardians of Internet Security Are Targets

August 4, 2011

LAS VEGAS — The Web site of ManTech International, a $2.6 billion computer security company that won a major F.B.I. contract, sells its services this way:

“Whether an intrusion is conducted by a skilled outsider with criminal intent, an adolescent hacker seeking a thrill or a disgruntled employee bent on revenge or espionage, the potential risks to the organization are enormous.”

Last Friday, ManTech was that organization.

A band of Internet vigilantes calling itself Anonymous said it had sneaked into ManTech’s computers to demonstrate the company’s insecurity. The group released what it said were internal company documents and, in language that suggested the handiwork of an adolescent hacker seeking a thrill, taunted the company online: “It’s really good to know that you guys are taking care of protecting the United States from so-called cyber threats.”

ManTech is in good company. In recent months, several security firms and consultants have been hit by the very intruders they are hired to keep at bay.

Think of these companies as the new Pinkertons: Instead of taking on 19th-century outlaws in the Wild West, they are hired today to protect corporate and government data, including the most confidential intelligence information, across a vast virtual frontier. The string of embarrassing attacks on them demonstrates how vulnerable everyone is online, including those who are paid to be the protectors.

Many technology professionals who have long warned about such security risks say so-called hacktivist groups like Anonymous, which publicize their attacks to make a point, are the least worrisome of the many potential intruders out there.

“With the rise of hacktivism, now the people who break into you tell you they break into you,” said Jeff Moss, founder of the Black Hat conference, which drew nearly 6,500 technologists, largely security professionals, to Las Vegas this week. “A little bit of public humiliation is going to go a long way in helping the security industry clean up.”

Other times, the attackers are mysterious and more worrying entities, as in the case of the still unknown organization that in March breached the systems of RSA, whose electronic security tokens are used across many industries.

RSA’s parent company, EMC, has said that replacing tokens and cleaning up the mess has cost it roughly $90 million so far this year. Hackers used information obtained in the RSA attack to break into Lockheed Martin, the largest military contractor in the country.

On Wednesday the security company McAfee said it had uncovered a campaign of computer break-ins at 72 organizations and companies worldwide. McAfee called it the handiwork of a nation-state intent on acquiring, among other things, American military designs. Military contractors in the United States made up a disproportionately large share of the companies selected — 12 in all.

Anonymous, for its part, has made it plain that it goes after defense and intelligence contractors to expose their security vulnerabilities, not for financial or strategic gain. Booz Allen Hamilton, a $5.6 billion company based in McLean, Va., that does computer security work for the Defense Department, was hit by the group in early July; the hackers released the e-mail addresses of 90,000 military personnel.

The most notorious breach of a security company came early this year after an executive at HBGary Federal, a relatively small consultant eyeing a government contract, boasted publicly of his ability to unmask the members of Anonymous. In response, hackers made off with a large trove of the company’s e-mail messages and dumped them online, exposing details of its business transactions.

Greg Hoglund, who is the chief executive of HBGary, the parent company that owns a minority stake in HBGary Federal, said that the breach was the result of “a human mistake” and that his firm, along with other security companies, had fortified their systems since then.

“It was a wake-up call for the entire security industry,” Mr. Hoglund said. “It probably needed to happen. I wish I didn’t have to be the sacrificial lamb.”

As unlikely as it may seem, HBGary Federal still has a contract to help an unnamed federal agency sniff out spies inside its organization. And HBGary continues to sell its software, intended to ferret out the circumstances of a network intrusion.

For its part, ManTech posted a vague statement on its site last Friday after the Anonymous attack, saying that it addresses threats to its information systems and pointing out the obvious: “All organizations attract cyber threats in our highly networked world.”

An academic who studies computer security, who declined to be named because he consults for the government, described the Anonymous attacks on security companies in blunt terms: “They’re pulling their pants down publicly.”

The spate of attacks — and the fear of more — could actually end up buoying the fortunes of the global security industry. A nationwide survey of company technology managers, conducted by Forrester Research, found that computer security had increased as a share of the total information technology budget of companies, to 14 percent this year from 8.2 percent in 2007. Of those surveyed this year, 56 percent said it was a high priority to “significantly upgrade.”

“The landscape is more menacing now,” said Eve Maler, principal analyst for security and risk at Forrester. “Even the most experienced practitioners are in the process of upping their game.”

All of the major defense and intelligence contractors have expanded their digital security wings in recent years. They are simply following the money. The business of security for government agencies is growing by an enviable 9 percent a year, according to the research firm Input/Deltek. Federal government contracts alone amount to over $9 billion today and are projected to grow to $13.3 billion by 2015. “Cybersecurity,” Deltek concluded in a recent report, “is somewhat immune to spending and budget cuts.”

For better or worse, said Jonathan L. Zittrain, a Harvard Law School professor, securing the Internet has been largely left to private players — and even government information is increasingly guarded by private companies, whose actions can be difficult to monitor and hold accountable.

“In the absence of larger public order, we’ve seen do-it-yourself approaches: the technologically savvy can configure their own firewalls, and corporations can try to buy security,” he said. “But this can be as figuratively dicey as trying to get and maintain security contractors in Baghdad immediately following the fall of Saddam Hussein.”

Share RecommendKeepReplyMark as Last ReadRead Replies (1)

From: scion8/5/2011 2:55:16 PM
   of 10613
SEC Charges Former Mariner Energy Board Member and Son with Insider Trading


Washington, D.C., Aug. 5, 2011 — The Securities and Exchange Commission today charged a former board member at Mariner Energy Inc. and his son with insider trading on confidential information about the impending takeover of the oil and gas company.

Additional Materials
Litigation Release No. 22063

SEC Complaint

The SEC alleges that H. Clayton Peterson learned details about Mariner Energy’s upcoming acquisition by Houston-based Apache Corporation during various board meetings and tipped his son Drew Clayton Peterson with the nonpublic information. The son, who was a managing director at a Denver-based investment adviser, then purchased Mariner Energy stock for himself, his relatives, his clients, and a close friend. Drew Peterson also tipped several other close friends who traded on the nonpublic information ahead of the April 2010 acquisition announcement. The insider trading by the Petersons and others generated more than $5.2 million in illicit profits.

“Clayton Peterson was entrusted with highly confidential information, and he abused that trust and misused his position and access to make a quick buck for his family,” said Daniel M. Hawke, Chief of the SEC Enforcement Division’s Market Abuse Unit and Director of its Philadelphia Regional Office. “Drew Peterson then gratuitously tipped his friends and traded on this confidential information, leaving a trail of greed for investigators to follow.”

Sanjay Wadhwa, Deputy Chief of the SEC Enforcement Division’s Market Abuse Unit and Associate Director of the New York Regional Office, added, “Shareholders rely on company directors to honor their fiduciary responsibilities and not use confidential information for personal gain. Our enforcement action is a forceful reminder to corporate insiders that they cannot exploit their insider status without risking SEC scrutiny.”

According to the SEC’s complaint filed in federal court in Manhattan, Clayton Peterson served on Mariner Energy's board of directors from 2006 to 2010 and violated his duty to keep Mariner Energy’s discussions with Apache confidential. Peterson explicitly instructed his son to purchase Mariner Energy stock for a family member based on positive news that the company was about to publicly announce. As the April 15 announcement date neared, Peterson was even clearer in discussions with his son, telling him that the company was going to be acquired and would no longer be a public company within a few days. Based on this inside information, Drew Peterson purchased Mariner Energy stock for his own accounts and others. Following the public announcement, Mariner’s share price rose 42 percent. Drew Peterson and his relatives and clients then sold the Mariner stock that he had accumulated for them. Among the close friends who Drew Peterson had tipped was a hedge fund portfolio manager who reaped approximately $5 million in illegal profits for himself, his hedge funds, and his relatives.

The SEC’s complaint charges Clayton Peterson and Drew Peterson with violations of Section 10(b) of the Securities Exchange Act of 1934 and Rule 10b-5 thereunder. The complaint seeks a final judgment permanently enjoining them from future violations of the above provisions of the federal securities laws, ordering them to disgorge their ill-gotten gains plus prejudgment interest on a joint and several basis, and ordering them to pay financial penalties. The SEC also seeks to permanently prohibit Clayton Peterson from acting as an officer or director of any publicly registered company.

The SEC’s investigation was conducted by Joseph Sansone and Maureen Lewis — members of the SEC’s Market Abuse Unit in New York — with the substantial assistance of Neil Hendelman of the New York Regional Office and Jay Scoggins, Jeffrey Oraker, Bruce Ketter and Craig Ellis of the Denver Regional Office. The SEC thanks the U.S. Attorney’s Office for the Southern District of New York and the Federal Bureau of Investigation for their assistance in this matter.

The SEC’s investigation is continuing.

# # #

For more information about this enforcement action, contact:

Daniel M. Hawke
Chief, SEC Market Abuse Unit and Director, Philadelphia Regional Office
(215) 597-3191

Sanjay Wadhwa
Deputy Chief, SEC Market Abuse Unit and Associate Director, New York Regional Office
(212) 336-0181

Maureen F. Lewis
Assistant Director, SEC Market Abuse Unit
(212) 336-0125

Share RecommendKeepReplyMark as Last Read

From: scion8/5/2011 3:10:40 PM
   of 10613
Blue Line Jumps 11 Percent

June 7, 2000 | ISSUE 36•21

NEW YORK–Excitement swept the financial world Monday, when a blue line jumped more than 11 percent, passing four black horizontal lines as it rose from 367.22 to 408.85.

Share RecommendKeepReplyMark as Last Read

From: scion8/5/2011 6:06:36 PM
   of 10613
Swordfish Financial, Inc. Prepares to Make Proposal to U.S. Treasury

2011-08-05 16:30 ET - News Release
ROCKWALL, TX -- (MARKET WIRE) -- 08/05/11

Swordfish Financial, Inc. (OTCQB: SWRF) (PINKSHEETS: SWRF) to make proposal to U.S. Treasury to use private cash and assets to solve the current debt obligation problem.

CEO Michael Alexander states, "The answer to the U.S. debt ceiling problem is sitting in U.S. banks. This solution is available now and it doesn't cost the U.S. tax payers a dime."

Alexander says, "Based on the current debt crises and the bleak financial outlook, the timing is perfect to enlist the assistance of the US government in affecting the release of our clients' cash and other accounts held in various U.S. banks. In exchange for such assistance, the owners of these accounts are willing to allow a major portion to be used to the benefit of the U.S. government."

Swordfish Financial, Inc. is in the process of finalizing the proposal and will be seeking the best route for delivery to the appropriate government entities.

About Swordfish Financial, Inc.

Swordfish Financial, Inc. (SFI) is a publicly held diversified financial asset recovery company formed to acquire orphaned assets of high net worth individuals, companies and to originate, fund, source funding for humanitarian and corporate transactions. SFI's main products will be to acquire and provide funding for organizations in the currently underserved humanitarian and eco-friendly markets. SFI provides economical and efficient use of capital while providing a valuable opportunity of loans to and or investment in small and medium sized organizations by providing asset based funding against marketable "income producing and/or marginable" assets. Our funding will enable our organizations to compete more effectively, improve operations and increase shareholder value.

About Peace Through Water

Peace Through Water is an international partnership of Christians whose mission is dedicated to working with children, families and communities to overcome poverty and oppression in remote areas of the world.

Forward-Looking Statements:

This document contains forward-looking statements and information as that term is defined in the Private Securities Litigation Reform Act of 1995, and, therefore, is subject to certain risks and uncertainties. There can be no assurance that the actual results, business conditions, business developments, losses and contingencies and local and foreign factors will not differ materially from those suggested in the forward-looking statements as a result of various factors, including market conditions, competition, advances in technology and other factors.


For Media and PR inquiries, please contact:
Jimmy Davis
Email Contact
(281) 736 - 5296

Share RecommendKeepReplyMark as Last Read

To: scion who wrote (354)8/8/2011 9:13:06 AM
From: scion
   of 10613
Oracle, other companies "punkd" in hacking contest

By Jim Finkle
LAS VEGAS | Mon Aug 8, 2011 5:17am BST

(Reuters) - A weekend contest at the world's largest hacking convention in Las Vegas showed one reason why big corporations seem to be such easy prey for cyber criminals: their workers are poorly trained in security.

Amid a spate of high-profile cyber assaults on targets ranging from Sony Corp to the International Monetary Fund, one would think that many companies would be paying special attention to security these days.

But hackers taking part in the competition on Friday and Saturday found it ridiculously easy in some cases to trick employees at some of the largest U.S. companies to reveal information that can be used in planning cyber attacks against them.

The contestants also managed to get employees to use their corporate computers to browse websites the hackers suggested. Had these been criminal hackers, the websites could have loaded malicious software onto the PCs.

In one case, a contestant pretended to work for a company's IT department and persuaded an employee to give him information on the configuration of her PC, data that could help a hacker decide what type of malware would work best in an attack.

"For me it was a scary call because she was so willing to comply," said Chris Hadnagy, one of the organizers of the contest at the Defcon conference in Las Vegas.

"A lot of this could facilitate serious attacks if used by the right people," Hadnagy said.

Defcon is organized by benevolent hackers, partly to promote research on security vulnerabilities in order to pressure companies to fix them. The contest was sponsored by so-called white-hat hackers to show companies how weak their security is and encourage them to better educate their employees about the risks of hacking.

The company whose employees handed over the most data was Oracle Corp, according to Hadnagy. One of the world's largest software makers, Oracle got its start more than 30 years ago by selling secure databases to the Central Intelligence Agency.

Oracle spokeswoman Deborah Hellinger declined comment.

Other targets included Apple Inc, AT&T Inc, ConAgra Foods Inc, Delta Air Lines Inc, Symantec Corp, Sysco Corp, United Continental Holdings Inc's United Airlines and Verizon Communications Inc.

It was the second year that Defcon held a contest in "social engineering," or the practice where hackers con people into handing over information or taking actions such as downloading malicious software.

Social engineering is frequently used in attacks where the hackers send a "spear phishing" e-mail in which they impersonate a friend of the recipient and ask him or her to open a tainted file or visit a malicious website.

Security experts say spear phishing have led to many hacks over the past year, including ones on U.S. defense contractors, the IMF, EMC Corp's RSA Security division and government agencies around the world.

"It's better whenever you can get data non-confrontationally," said Johnny Long, a consultant who companies hire to hack into their data networks, using tools such as social engineering, to identify weaknesses.

The contestants were charged with obtaining specific information from their targets, including information about how the company backs up and secures its data, wireless network use, and the names of companies that provide on-site security, toner and copier paper.

(Reporting by Jim Finkle, editing by Tiffany Wu, Gary Crosse and Matt Driskill))

Share RecommendKeepReplyMark as Last Read
Previous 10 Next 10 

Copyright © 1995-2018 Knight Sac Media. All rights reserved.Stock quotes are delayed at least 15 minutes - See Terms of Use.