Vulnerabilities / Threats
8/27/2009
05:44 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Identity Theft Ring Ensnared Fed Chairman Bernanke

Identity thieves may have drawn more attention that they wanted when they defrauded the nation's top banker.

For almost two-and-a-half years, an identity theft ring run by a man known as "Big Head" defrauded hundreds of people, including Federal Reserve Chairman Ben Bernanke.

On August 7, 2008, Bernanke's wife Anna had her purse stolen off the back of her chair in a Starbucks in Southeast Washington, D.C.

News of the theft and its relationship to Chairman Bernanke was first reported by Newsweek.

"Identity theft is a serious crime that affects millions of Americans each year," Bernanke said in a statement provided by a Federal Reserve spokesperson. "Our family was but one of 500 separate instances traced to one crime ring. I am grateful for the law enforcement officers who patiently and diligently work to solve and prevent these financial crimes."

On August 13, 2008, according to the affidavit filed by a postal inspector who helped investigate the case, a man named George Lee Reid entered a Bank of America in Hyattsville, Maryland and proceeded with a scheme known as a split deposit transaction.

"The split deposit transaction is a transaction where the co-conspirator first makes a deposit into one victim's account by writing a personal check to that victim account from another identity theft victim's bank account," explains U.S. Postal Inspector William J. Aiello in his affidavit. "The purpose of this deposit is to falsely inflate the victim's account balance and/or identify the specific account number. This deposit would then be followed by a series of counter withdrawals, check-cashing, or electronic withdrawals."

Among other transactions, Reid deposited $900 into the bank account of an identity theft victim identified as "K.N." using a fraudulent check linked to the Bernanke's joint checking account at Wachovia, according to the affidavit. He also cashed two $4500 checks.

Reid was charged in Washington D.C. with identity theft in October, 2008, in connection with the fraud committed against Ben and Anna Bernanke. According to the affidavit, Reid confessed his involvement and said that he had made as much as $50,000 in a single day since beginning this type of fraud in 2006.

Newsweek reports that charges against Reid were subsequently dropped and that there's an outstanding arrest warrant for Reid, whose whereabouts are unknown.

"Big Head," otherwise known as Clyde Austin Gray Jr., a leader of the identity theft ring, pleaded guilty to bank fraud charges in Virginia last month.

A significant break in the investigation occurred in September, 2007, when a dutiful FedEx employee in South Holland, Illinois refused to send a package from Leonardo Darnell Zanders, an alleged member of the identity theft ring, because it violated corporate policy -- the package's return address listed the FedEx facility rather than the sender's address.

"Zanders immediately left the facility leaving the packages behind," the affidavit states. "A supervisor for FedEx opened the packages in accordance with its corporate policies and procedures prior to contacting FedEx security and law enforcement. The packages contained stolen personal checks, identifications, bank cards, credit cards, and other similar documents. The packages also contained counterfeit military identification cards and driver's licenses."

InformationWeek Analytics has published an independent analysis on data-loss prevention. Download the report here (registration required).

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Tell the sysadmin that we have a situation.
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] Assessing Cybersecurity Risk
[Strategic Security Report] Assessing Cybersecurity Risk
As cyber attackers become more sophisticated and enterprise defenses become more complex, many enterprises are faced with a complicated question: what is the risk of an IT security breach? This report delivers insight on how today's enterprises evaluate the risks they face. This report also offers a look at security professionals' concerns about a wide variety of threats, including cloud security, mobile security, and the Internet of Things.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.