On March 28th USA Today reported on the news that co-founder of Microsoft, Paul Allen, experienced what too many people have been subject to before: identity theft. Sources say that Brandon Lee Price, a U.S. soldier in Pittsburgh, has been charged with changing the address (via phone) on the bank account owned by Allen and attempting to redirect funds to a personal account. With the goal of wiring $15,000 to himself, Price then called Citibank to report a lost debit card and had a replacement sent to his home in Pittsburgh. Although most of actual crime committed happened off-line, as Price then made purchases at a GameStop and Family Dollar store, he is allegedly being charged with both wire fraud and bank fraud.

It’s been an amazing couple of days at MRC already. What is really exciting for me is that e-commerce players are starting to understand that web session behavior is a key component to protecting their sites, customers, and brands. I know that sounds like a marketing pitch, but it actually isn’t. Those of you who know me well will know that what’s important to me is protecting the online environment. The way I see it – each negative experience that happens to a consumer, whether that be an actual experience or just something the consumer reads in the press, impacts the way that person interacts online going forward. And if someone is defrauded when using MerchantABC and then stops using online MerchantXYZ as well, that’s bad for everyone.

Great news about MS, NACHA, and FS-ISAC doing a physical takedown of botnet servers. There is a video that shows some of the actual takedown process. How cool is it to get to see the actual interaction with the criminals?

McAfee has identified a new android app that is actually malware posing as second factor authentication for financial institutions. The app supposedly generates a one time password token on your phone that you can use on the banking website. The tokens that are generated, though, are merely random numbers. The app takes several malicious actions. First, it gathers information about the phone and sends that to the criminal. Second, it obtains the online password for the victim’s bank account and sends that to the criminal. Finally, it steals the contact list (names and phone numbers) from the phone.

Between billions of dollars in economic impact, broadcast rights, ad revenue, and gambling, March Madness is unquestionably big business. The demand for March Madness tickets is surging, and with countless transactions occurring on the various ticketing sides, the opportunity for online fraud is at a peak. According to Michelle L. Corey of the Better Business Beaureau, “Major sporting events like the NCAA tournament almost always inspire scammers to capitalize on the scarcity of tickets and fans’ desire to snap up souvenirs or team jerseys. The BBB advises fans to check out offers with the BBB before plunking down money or giving credit card numbers.”