Saturday, November 29, 2008

Credit card info most sought-after illicit data on online underground economy - - 25 Nov 08

MONTREAL — Stolen credit card information was the most common item for sale and requested in the Internet's underground economy, with its potential worth estimated at billions of dollars, according to a recent one-year survey by cyber-security firm Symantec Inc.

Credit card information may be in such demand among online thieves because using fraudulent credit card data for online purchases is relatively easy, Symantec said in its report on the global black market.

"The average credit limit was around US$4,000," Symantec spokesman Marc Fossi said of each card obtained this way.

"If they were to max them out using that $4,000 average, that would make US$5.3 billion."

The price of each credit card number ranged from between 50 cents to US$12, said Fossi. The prices were based on supply and demand and buying in bulk, he said, adding the price tag per credit card number would apply if someone were buying 1,000 and wanted to ensure multiple spending opportunities.

"Another reason why they do this in bulk is between the time that the card is stolen and the time that one of these guys buys the card, that card may have been reported as being stolen. It may not longer be valid or it may have been maxed out."

Symantec, producer of the widely used Norton Antivirus software, surveyed cybercrime activity between July 1, 2007, and June 30, 2008. Most of the activity was in North America.

It defines cybercrime as any crime that's committed using a computer, network or hardware device.

Credit card information made up 31 per cent of the items advertised for sale and 24 per cent of items that were requested, said Fossi, executive editor of Symantec's Report on the Underground Economy.

Banking information was the second-most common information for sale on the online underground economy and it was the third-most requested.

"For bank account credentials, Symantec estimates that the value based on their use would be worth US$1.7 billion," the report said.

RCMP Cpl. Louis Robertson said the theft of credit cards and banking information is a profitable business for thieves.

"We are looking at a $500-million identity fraud problem in Canada yearly," said Robertson of the Anti-Fraud Call Centre in North Bay, Ont.

"That $500 million is the tip of the iceberg and it's very possible that your identity was compromised last year and you don't know that," he said.

Unfortunately, thieves are usually able to catch up to technology and consumers need to pay attention to who is handling their cards, how they're being handled and how they store sensitive information, Robertson said.

Two of the most common platforms for the online underground economy, where goods such as credit card numbers and banking information are bought and sold, are Web-based forums and the more anonymous Internet Relay Chat servers, the study says.

Users can run a software program on their computers to connect to one of these IRC servers and join a channel where real-time discussion groups populated with people using nicknames buy and sell fraudulent goods and services.

Fossi said that using IRC servers are gaining popularity because they're "more fly-by-night" and a channel can be shut down and users can move to another one, making the activity less visible than on websites.

"Typical advertisements on underground channels list the available items, prices and other details such as payment options, contract information and qualifier," he said.

Credit card information for sale in cyberspace is generally obtained through so-called "phishing" websites that pose as legitimate businesses and convince people to give up financial information, malicious code put on computers through viruses or trojans, cards that are physically skimmed when paying for a purchase, or illegally from a retailer.

Symantec estimated the value of the goods it saw advertised on underground economy servers at more than US$276 million for the reporting period and that 46 per cent of these servers were in North America run by organized rings of thieves and individuals

No comments: