Online Hacking-Insider Job?

[mbay]

Quote from scalpmaster:

What if all these so called 'hacking' is done internally?

While all the attention is diverted by media to outsiders
hacking into the systems, can an insider trade discreetly
using your capital and transfer only the profits slowly
out from like 10 relatively dormant large accts (used by
long term investors,concealing executions on statements)?

What is the turnover rate of employees handling these accts?

27 Oct, Marketwatch.com:

http://www.marketwatch.com/news/story/Story.aspx?guid={FB3B61A9-FB01-4FB8-B454-2A2FC43BDB5C}&siteid=

Regulators say they have seen a particularly strong upswing in theft resulting from two types of scams in the last two months.

Both frauds involve thieves snaring investors' user names and passwords from public computers in places like hotel lobbies or Internet cafes by using keystroke-monitoring "spyware" to grab the information, according to John Reed Stark, the head of the SEC's Office of Internet Enforcement.

One scam involves thieves armed with users' private information liquidating securities and wiring the money to bank accounts, often offshore.

Stark calls the second scam "pump and dump--with a technological twist to it." Again using victims' personal data, hackers steal money to purchase microcap stocks in an effort to drive up their share prices. The shares--already owned by the hackers--are then sold at a profit.
Stark said regulators have "several investigations" ongoing into online investing-related fraud.

It is possible that it could be planned from the inside by employees, but I mean if your a mutlimillion dollar company, I hope management has the sense to install an internal affairs division (employe monitoring, security, etc).

That is still high risk, if you get caught, your going to share a jail cell with buba, it is definately not work the risk if your an employee.

 

[scalpmaster]

Quote from mbay:

It is possible that it could be planned from the inside by employees, but I mean if your a mutlimillion dollar company, I hope management has the sense to install an internal affairs division (employe monitoring, security, etc).

That is still high risk, if you get caught, your going to share a jail cell with buba, it is definately not work the risk if your an employee.

If an employee is only getting an average pay of less than 50k/year, all the more he/she would take the risk of siphoning the millions out from various accts and migrating, sucking pina colada under some coconut tree on some remote island...

 

[scalpmaster]

If online hacking is happening to trading accts,
isn't Internet Banking/wiretransfer another excuse
for funds to be misplaced and blame put on phantom hackers?

Sometimes these hackers who think they are so smart do not understand they are just victims for diversion from the real thing...What are their chances of being sucessful and being
caught?

No wonder one of the gurus from a seminar I attended said it
was safer to hide cash under your bed nowadays than to put it
in the bank

 

[infolode]

Quote from scalpmaster:

If online hacking is happening to trading accts,
isn't Internet Banking/wiretransfer another excuse
for funds to be misplaced and blame put on phantom hackers?

Sometimes these hackers who think they are so smart do not understand they are just victims for diversion from the real thing...What are their chances of being sucessful and being
caught?

No wonder one of the gurus from a seminar I attended said it
was safer to hide cash under your bed nowadays than to put it
in the bank

Do you happen to know this guru's address?

 

[putsncalls]

heres my first post to this site...

Key loggers are all over the the net. go to dos and do a "netstat -a" to see if your machine is connected / sending info out (key logs). I can bet a good percentage of people on this forum will have some.

A firewall will not help as this thing is sending keystrokes OUT to some address.

Eventually I think online brokers will start passing out secure ids that generate a different code every 30 seconds to log in. Sort of like the IB securecomputing thing to transfer funds. Most corporate VPNs do this for a while.

On thing you could do to is install good spyware (not virus scanners or firewall). And not install *any* pirated software.

 

[mbay]

Quote from scalpmaster:

If an employee is only getting an average pay of less than 50k/year, all the more he/she would take the risk of siphoning the millions out from various accts and migrating, sucking pina colada under some coconut tree on some remote island...

I don't think so, if you can think of a plan to abuse your employement for millions, I think you can think of a plan to earn a million too.

Plus, what good is living on a remote island, when you have to look over your shoulder for the rest of your life 24/7.

Imagine if you have a family later on, what are you going to do for protection outside the US let alone in the US.

 

[zdreg]

Quote from bidask:

look here for a tutorial on how to protect your computer from people who have physical access to it.

http://traderanalyst.jamroll.net/modules/news/article.php?storyid=7

the article suggest blocking the cd drive. how do block the computer from booting from the cd drive?

what happens if the hard drive goes down
can you still reboot from a boot cd?

 

[zdreg]

mbay


Registered: Oct 2006
Posts: 45


10-29-06 01:29 AM

Quote from scalpmaster:

If an employee is only getting an average pay of less than 50k/year, all the more he/she would take the risk of siphoning the millions out from various accts and migrating, sucking pina colada under some coconut tree on some remote island...




I don't think so, if you can think of a plan to abuse your employement for millions, I think you can think of a plan to earn a million too.

Plus, what good is living on a remote island, when you have to look over your shoulder for the rest of your life 24/7.

Imagine if you have a family later on, what are you going to do for protection outside the US let alone in the US.




it takes only one person who is in a hurry to prove your remarks wrong.

 

[mbay]

Quote from zdreg:

mbay


Registered: Oct 2006
Posts: 45


10-29-06 01:29 AM

Quote from scalpmaster:

If an employee is only getting an average pay of less than 50k/year, all the more he/she would take the risk of siphoning the millions out from various accts and migrating, sucking pina colada under some coconut tree on some remote island...




I don't think so, if you can think of a plan to abuse your employment for millions, I think you can think of a plan to earn a million too.

Plus, what good is living on a remote island, when you have to look over your shoulder for the rest of your life 24/7.

Imagine if you have a family later on, what are you going to do for protection outside the US let alone in the US.




it takes only one person who is in a hurry to prove your remarks wrong.

ZDREG:

I think your missing the big picture, there will always be rotten apples, but assuming there is good security management protocols in place (we are talking about companies like etrade) and employees understand how high the risk is, most likely it is hackers and not employees.

I am arguing that it is 100% hackers, I am just stating that its most likely hackers rather then employees.

 

[zdreg]

someone working for the co. with computer skills and insight to security procedures has the edge over an outside hacker.