{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"近日,一名技術詐騙犯通過欺騙"},{"type":"link","attrs":{"href":"https:\/\/www.cisco.com\/","title":"xxx","type":null},"content":[{"type":"text","text":"思科"}]},{"type":"text","text":"、"},{"type":"link","attrs":{"href":"https:\/\/www.microsoft.com\/zh-cn\/","title":"xxx","type":null},"content":[{"type":"text","text":"微軟"}]},{"type":"text","text":"與聯想提供替換用設備套件的方式,牟利數百萬美元,最終被判入獄服刑七年零八個月,並被責令支付 400 多萬美元的賠償金、沒收 30 多萬美元的財產。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"利用售後漏洞詐騙數百萬"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"據悉,31 歲的詐騙犯 Justin David May 盜用硬件序列號、虛假網站與在線身份、社會工程策略以及內部網絡,在短短 12 個月內利用硬件轉換策略騙取近 350 萬美元。其中,微軟共損失 139 臺 Surface 筆記本電腦(價值約 36.4 萬美元),聯想美國分公司損失 193 臺總值 14.3 萬美元的替換硬盤,而 APC(前身爲美國 Power Conversion 公司)則損失多臺不間斷電源裝置。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"May 本人承認犯有 42 項郵件欺詐罪、10 項洗錢罪、3 項以跨州形式運輸欺詐所得罪以及 2 項逃稅罪。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"根據向賓夕法尼亞州聯邦地方法院提交的"},{"type":"link","attrs":{"href":"https:\/\/regmedia.co.uk\/2021\/06\/04\/fraud.pdf","title":"xxx","type":null},"content":[{"type":"text","text":"法庭文件"}]},{"type":"text","text":",在 2016 年 4 月針對思科公司的最大規模詐騙中,May 和他的同夥註冊了與 cisco.com 用戶 ID 極爲相似、看上去合法可信的僞造網絡域名、電子郵件地址以及序列號錄入界面。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"在收集到信息之後,他們將序列號提交至思科公司並謊稱自己的套件出了問題,要求網絡巨頭向其發出備用設備。此次案件涉及多臺價值約 21000 美元的思科 Catalyst 3850-48P-E 交換機和數臺思科 ASR 9001 路由器,兩類產品總值超過 10 萬美元。在收貨之後,欺詐分子立即帶着備用設備逃脫,思科公司根本收不到所謂“需要更換的損壞設備”。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"聯邦調查局費城分部特工 Michael Driscoll 表示,May 和他的同夥破壞了以誠信爲基礎的消費者保修計劃,他們從中獲利並給多家企業及聯邦政府造成重大損失。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"同樣的騙局也讓微軟和聯想馬失前蹄。法庭文件指出,May 特別擅長挑選那些無法通過遠程連接或者軟件更新實現修復的僞造故障,同時確保這些問題看似必須要更換設備才能解決。此外,May 犯罪團伙還會通過 P 圖修改套件與序列號,用以矇蔽技術支持人員。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"在通過 UPS 或者 FedEx 發出替換用的硬件之後,受害者一方根本取不回所謂發生故障的設備。與此同時,May 一夥則轉手將換新產品擺在 eBay 等多個二手網站上出售,快速賺取大量現金。他們還將部分微軟硬件運往新加坡轉售。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"爲何能成功"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"在這次詐騙案中,May 團隊的欺詐手法並不算老道。May 會將一部分騙來的錢存進自己的個人賬戶,也兌付過一些硬通貨。聯邦調查局表示,May 曾用贓款買了一款 2017 款的寶馬 Coupe 車型,他本人家中也搜出大量現金。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"這場騙局之所以能成功,核心原因在於 May 團伙堅持不懈的申請和爲受騙企業量身定製的索賠信息。May 團伙先後提交了幾百次換貨申請,成功率高得驚人。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"以最大的受害者思科爲例,May 個人提交了 267 項虛假保修索賠,而另一個位於德克薩斯州的同夥提交了另外 101 項虛假保修索賠。在這 368 次虛假保修索賠中,May 和他的同夥至少成功了 252 次。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"就微軟而言,May 和一位新加坡的同夥負責向微軟提交了 227 項虛假保修索賠,其中 139 項虛假索賠成功。對於聯想,May 個人提交了至少 216 項單獨的虛假保修索賠,並且每次都聲稱其聯想 ThinkPad 硬盤出現故障,這些虛假的保修索賠有 193 次成功。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"“保修政策本來是希望提前更換存在故障的產品,儘量幫助消費者回避業務影響。但這項以誠信爲基礎的計劃卻遭到騙子的非法利用。”代理檢察官 Jennifer Williams 表示,“保修欺詐犯罪在本質上會給提供大量就業崗位的企業造成巨大經濟損失與財務壓力,因此犯罪分子必須入獄服刑,接受因自身行爲帶來的後果。”"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"據悉,在過去很長一段時間裏,聯邦調查局一直在關注這名特拉華州的黑客。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"早年間,中央情報局 (CIA) 製作了一個模擬器來幫助特工做戰鬥訓練。遊戲製作公司 Atomic 後來利用該系統製作了一個電子遊戲。2010 年,在一個遊戲博覽會上,May 正在竊取該價值 600 萬美元的遊戲代碼時被工作人員發現,隨後在逃跑途中被制服。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"由於遊戲公司認爲 May 並非這次盜竊事件的主要策劃者,所以沒有要求對其進行嚴厲制裁。被捕數月後,May 同意法官提出的審前緩刑,緩刑條款包括:必須在學校學習,並在 18 個月內遠離 Xbox Live 遊戲網站。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"2013 年,澳大利亞黑客 Dylan Wheeler 團隊的四名成員因盜竊價值超過 1 億美元的 Xbox 遊戲代碼而被當地聯邦檢察官提起指控。團隊成員都對犯罪事實供認不諱。在起訴書中,有一名來自特拉華州的身份不明的代號爲“A”的人協助了這起盜竊案,Wheeler 表示那個人是 May 。當然,May 否認了這些指控,並表示不知道 Wheeler 爲什麼這麼說,但他承認確實認識這些人。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"相關鏈接:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"link","attrs":{"href":"https:\/\/www.theregister.com\/2021\/06\/04\/tech_scammer_doj\/","title":"","type":null},"content":[{"type":"text","text":"https:\/\/www.theregister.com\/2021\/06\/04\/tech_scammer_doj\/"}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}}]}
小小技術“障眼法”,思科、微軟和聯想被騙超350萬美元
{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"近日,一名技術詐騙犯通過欺騙"},{"type":"link","attrs":{"href":"https:\/\/www.cisco.com\/","title":"xxx","type":null},"content":[{"type":"text","text":"思科"}]},{"type":"text","text":"、"},{"type":"link","attrs":{"href":"https:\/\/www.microsoft.com\/zh-cn\/","title":"xxx","type":null},"content":[{"type":"text","text":"微軟"}]},{"type":"text","text":"與聯想提供替換用設備套件的方式,牟利數百萬美元,最終被判入獄服刑七年零八個月,並被責令支付 400 多萬美元的賠償金、沒收 30 多萬美元的財產。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"利用售後漏洞詐騙數百萬"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"據悉,31 歲的詐騙犯 Justin David May 盜用硬件序列號、虛假網站與在線身份、社會工程策略以及內部網絡,在短短 12 個月內利用硬件轉換策略騙取近 350 萬美元。其中,微軟共損失 139 臺 Surface 筆記本電腦(價值約 36.4 萬美元),聯想美國分公司損失 193 臺總值 14.3 萬美元的替換硬盤,而 APC(前身爲美國 Power Conversion 公司)則損失多臺不間斷電源裝置。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"May 本人承認犯有 42 項郵件欺詐罪、10 項洗錢罪、3 項以跨州形式運輸欺詐所得罪以及 2 項逃稅罪。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"根據向賓夕法尼亞州聯邦地方法院提交的"},{"type":"link","attrs":{"href":"https:\/\/regmedia.co.uk\/2021\/06\/04\/fraud.pdf","title":"xxx","type":null},"content":[{"type":"text","text":"法庭文件"}]},{"type":"text","text":",在 2016 年 4 月針對思科公司的最大規模詐騙中,May 和他的同夥註冊了與 cisco.com 用戶 ID 極爲相似、看上去合法可信的僞造網絡域名、電子郵件地址以及序列號錄入界面。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"在收集到信息之後,他們將序列號提交至思科公司並謊稱自己的套件出了問題,要求網絡巨頭向其發出備用設備。此次案件涉及多臺價值約 21000 美元的思科 Catalyst 3850-48P-E 交換機和數臺思科 ASR 9001 路由器,兩類產品總值超過 10 萬美元。在收貨之後,欺詐分子立即帶着備用設備逃脫,思科公司根本收不到所謂“需要更換的損壞設備”。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"聯邦調查局費城分部特工 Michael Driscoll 表示,May 和他的同夥破壞了以誠信爲基礎的消費者保修計劃,他們從中獲利並給多家企業及聯邦政府造成重大損失。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"同樣的騙局也讓微軟和聯想馬失前蹄。法庭文件指出,May 特別擅長挑選那些無法通過遠程連接或者軟件更新實現修復的僞造故障,同時確保這些問題看似必須要更換設備才能解決。此外,May 犯罪團伙還會通過 P 圖修改套件與序列號,用以矇蔽技術支持人員。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"在通過 UPS 或者 FedEx 發出替換用的硬件之後,受害者一方根本取不回所謂發生故障的設備。與此同時,May 一夥則轉手將換新產品擺在 eBay 等多個二手網站上出售,快速賺取大量現金。他們還將部分微軟硬件運往新加坡轉售。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"爲何能成功"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"在這次詐騙案中,May 團隊的欺詐手法並不算老道。May 會將一部分騙來的錢存進自己的個人賬戶,也兌付過一些硬通貨。聯邦調查局表示,May 曾用贓款買了一款 2017 款的寶馬 Coupe 車型,他本人家中也搜出大量現金。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"這場騙局之所以能成功,核心原因在於 May 團伙堅持不懈的申請和爲受騙企業量身定製的索賠信息。May 團伙先後提交了幾百次換貨申請,成功率高得驚人。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"以最大的受害者思科爲例,May 個人提交了 267 項虛假保修索賠,而另一個位於德克薩斯州的同夥提交了另外 101 項虛假保修索賠。在這 368 次虛假保修索賠中,May 和他的同夥至少成功了 252 次。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"就微軟而言,May 和一位新加坡的同夥負責向微軟提交了 227 項虛假保修索賠,其中 139 項虛假索賠成功。對於聯想,May 個人提交了至少 216 項單獨的虛假保修索賠,並且每次都聲稱其聯想 ThinkPad 硬盤出現故障,這些虛假的保修索賠有 193 次成功。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"“保修政策本來是希望提前更換存在故障的產品,儘量幫助消費者回避業務影響。但這項以誠信爲基礎的計劃卻遭到騙子的非法利用。”代理檢察官 Jennifer Williams 表示,“保修欺詐犯罪在本質上會給提供大量就業崗位的企業造成巨大經濟損失與財務壓力,因此犯罪分子必須入獄服刑,接受因自身行爲帶來的後果。”"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"據悉,在過去很長一段時間裏,聯邦調查局一直在關注這名特拉華州的黑客。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"早年間,中央情報局 (CIA) 製作了一個模擬器來幫助特工做戰鬥訓練。遊戲製作公司 Atomic 後來利用該系統製作了一個電子遊戲。2010 年,在一個遊戲博覽會上,May 正在竊取該價值 600 萬美元的遊戲代碼時被工作人員發現,隨後在逃跑途中被制服。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"由於遊戲公司認爲 May 並非這次盜竊事件的主要策劃者,所以沒有要求對其進行嚴厲制裁。被捕數月後,May 同意法官提出的審前緩刑,緩刑條款包括:必須在學校學習,並在 18 個月內遠離 Xbox Live 遊戲網站。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"2013 年,澳大利亞黑客 Dylan Wheeler 團隊的四名成員因盜竊價值超過 1 億美元的 Xbox 遊戲代碼而被當地聯邦檢察官提起指控。團隊成員都對犯罪事實供認不諱。在起訴書中,有一名來自特拉華州的身份不明的代號爲“A”的人協助了這起盜竊案,Wheeler 表示那個人是 May 。當然,May 否認了這些指控,並表示不知道 Wheeler 爲什麼這麼說,但他承認確實認識這些人。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"相關鏈接:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"link","attrs":{"href":"https:\/\/www.theregister.com\/2021\/06\/04\/tech_scammer_doj\/","title":"","type":null},"content":[{"type":"text","text":"https:\/\/www.theregister.com\/2021\/06\/04\/tech_scammer_doj\/"}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}}]}
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章