Internet Thieves Make Big Money Stealing Corporate Info

An innocuous posting appeared on a Houston-based technology company's internal website on a recent Friday afternoon.

A couple of workers saw it, and obeyed instructions to click on a Web link. The posting seemed trustworthy. It was on an employees-only message board. And the link referenced news about a favorite company charity.

By clicking on the link, the workers infected their PCs with a virus that shut down the company's antivirus defenses, says Don Jackson, director of Threat Intelligence at Atlanta-based SecureWorks, who investigated the break-in. As a rule, tech security firms help clients under non-disclosure agreements.

The virus swiftly located - and infected - some 300 other workstation PCs, silently copying the contents of each computer's MyDocuments folder. It transmitted the data across the Internet to a gang of thieves operating out of Turkey.