A security firm uncovers a scam in which $9 million in fake checks were issued using data stolen online.

Hackers believed to be operating out of Russia have figured out a high-tech way to carry out the decidedly low-tech crime of check fraud, a computer security company says -- writing at least $9 million in fakes against more than 1,200 legitimate accounts.

But these hackers got the account information in an unusual way: They broke into three websites that specialize in a little-known type of business -- archiving check images online.

Check counterfeiting is a crime that savvy Internet criminals usually pass up. After all, it's far easier for them to make money by stealing credit cards and online banking passwords.

Retailers and other businesses use the sites to store records of all the checks they write. Check-cashing operations use them to sock away images of checks they receive. And some banks pay them to store images of customers' checks, so the customers can see them when they log in to their online banking accounts.

The criminals downloaded all the images they could find, grabbing bank routing numbers, names and addresses and even signatures of legitimate account holders. They used the information to create their own checks using easy-to-acquire software and printers.

Link:
http://www.pressherald.com/business/hackers-add-new-twist-to-check-counterfeiting_2010-07-28.html