Folks who don't understand precisely how stolen identities are used -- and a lot of people probably fit that description -- should read this Forbes piece.
The story, which reports on a multi-count indictment unsealed in an Omaha court yesterday, describes how three Indian citizens used stolen identities. In short: The defendants legitimately bought lightly traded stocks. Subsequently, they used stolen passwords to buy large blocks of the same stock. Those purchases drove the price up -- at which point the three sold their own holdings for big profits.
Such "pump and dump" schemes aren't new. The online angle is new -- and frightening. The attention being paid to security in the industry by financial firms, vendors and the government is justified. It's good news that new rules from the Federal Financial Institutions Examination Council (FFIEC) took effect at the beginning of the year. Other regulatory requirements, such as Sarbanes-Oxley and Basel II, will directly or indirectly improve the security of financial transactions.
We hope it's enough. The reality is that the Internet offers clever crooks a new tool chest of ways to defraud. In addition, in the age of the Web, geography is meaningless: The three dependents are alleged to have operated mostly from Thailand and India.
When asked why he robbed banks, the thief Willie Sutton famously answered, "because that's where the money is." Financial services companies should assume that thieves and scoundrels of all sorts, working from every corner of the globe, are thinking exactly the same thing.