Major bank websites are vulnerable to hackers


Sunday, April 10th, 2005

Expert says bank sites aren’t protecting data the way they should

Damian Inwood
Province

 

CREDIT: Jason Payne, The Province

Ryan Purita is a forensic examiner and security specialist with Totally Connected Security Ltd. in Vancouver. He says that people don’t realize how vulnerable their information is to scammers every time they use a bank website or punch in their credit card number.

 

Major Canadian bank websites are vulnerable to hackers who use them to steal customers’ credit-card numbers and personal information, says one of B.C.’s top cyber-sleuths.

“Most people assume it’s safe,” says Ryan Purita, one of three court-certified forensic computer experts in B.C. “I can only say, it’s horrible.”

Purita works out of an office on Southeast Marine Drive, home to Totally Connected Security Ltd. He works with police cracking computer hard drives in criminal cases ranging from industrial espionage and drugs to child pornography.

“I’ve done audits for banks and found vulnerabilities. I come back a year later and that vulnerability is still there. It hasn’t been fixed. It hasn’t even been looked at.”

Purita is one of only three “EnCase Certified Skilled Examiners” in B.C.

EnCase certification is recognized by Canadian and U.S. courts, by law-enforcement agencies and governments as the top credential in computer forensics.

And he’s an expert when it comes to the cyberspace underworld of hackers and scammers who rip off unsuspecting owners of credit cards and bank accounts.

Purita says that when a major bank’s personal-banking website goes down for “maintenance” in the middle of a business day, it’s a sure sign that someone has compromised the security of the system.

“Do you really think it’s maintenance?” he asked. “Think about that . . . The only time banks go down for maintenance is Sundays at three o’clock in the morning.

“Next time you go to your bank [site] and you can’t log in because ‘the system is currently unavailable,’ think real hard about what’s happening. I can assure you it’s not ‘daily maintenance.’”

To prove his point, Purita takes The Province to the company’s “forensic lab,” where shelves of computers boasting 22,000 gigabytes of memory can crack the most obstinate hard drive.

He logs on to mIRC, an Internet chatroom, and connects to a server called Undernet, where “they trade credit cards like hockey cards.”

He finds a site called CCpower, where 191 people are logged in.

“We’re going to sit here and watch credit cards fly past the screen,” he says. “You’ll get the name, address, credit card number, ‘CVV’ number — that number on the back that’s supposed to be known to only you — phone number, social security number, AOL screen name, password, EBay password. It just screens by.”

He said an experienced user can get 10,000 credit card numbers in a 24-hour period.

“You’ll get a guy who just hacked into a website and is posting a credit card every minute,” he adds. “It’s mind-boggling.”

Purita logs on to a site called International Agency for the Advancement of Criminal Activity, which boasts things like “the best spyware you can buy on the Internet” and “cards with CVV and full info, SS# lookups.”

“I send him my $50 and I pull up your life,” he says. “I get your credit report, your social insurance, credit card numbers with CVV — all for $50.”

Purita finds someone who’s posted a request “looking for Ebay accounts, scam pages.”

He finds another who’s offering classic, gold and platinum credit cards for the U.S., Canada and Europe, with 95 per cent approval.

“They can also create the actual stripe that you can clone a card with,” he says. “You can run a blank or change an existing credit card to reflect a different account. I take in my card and it’s not taking it out of my account but someone else’s.”

Purita points to someone offering to “cash out banks, Wells Fargo — private message me.”

He says “cashing out” means you give the person a bank account number and the scammer will withdraw the money for a percentage.

“If you have a $20,000 credit limit, I give him your account number, he sucks it dry, takes $19,800, and then wires it to a Latvian bank where it’s untraceable,” he adds. “He’ll do it for a small percentage.”

Another scammer guarantees credit cards that are “100-per-cent fresh.”

“What he means is he’s just compromised a website,” says Purita. “This is the underground part of the Internet that most people don’t know about. It’s scary what’s out there.”

Purita insists banks are not interested in stopping credit-card theft.

If someone rips off a credit card, the merchant has to refund the money and pay a “charge-back fee” to the bank, which can be between 50 cents and $25, Purita says.

“The banks make money out of credit-card fraud.”


THE TRAIL YOU’RE LEAVING

Everyone who uses a computer leaves behind a trail of evidence, says digital detective Ryan Purita.

Simple things like driving your car, printing a document or using your camera phone can also give police details of your behaviour, he says.

-Cars: “If you get into an accident, it might record the last speed and how hard you were hitting the brakes.”

-Cellphones: “If you use it as an organizer, it has lots of information you didn’t save which you can’t see. If I was to forensically go through my cellphone, I might be able to pull up a deleted picture or a voice recording or a phone number on a contact list that I deleted.”

-Printers with a hard drive: “They are one of the scariest ones. Our printer broke down. I saw the hard drive and took a look. I was able to pull up documents that were printed on that printer two years ago.”

-Laser printers: “All laser printers embed a code on each page that’s printed. If you put an ultra-violet light on it, you can determine the manufacturer of the printer and where it was sold and you can call them and they have a database of who they sold it to.”

-Computers: “If you click on a file and delete it and go to the recycling bin and empty it, that file is still on the computer. People have no clue of how many trails they leave behind just by clicking on that Explorer to open it up. The time they clicked it, the website they went to, any cookies that they picked up.”

© The Vancouver Province 2005


