Hi-tech thieves who specialise in card fraud have a credit line in excess of $5bn (£3.35bn), research suggests.
Security firm Symantec calculated the figure to quantify the scale of fraud it found during a year-long look at the net's underground economy.
Credit card numbers were the most popular item on sale and made up 31% of all the goods on offer.
Coming in second were bank details which made up 20% of the items being offered on criminal chat channels.
The $5.3bn figure was reached by multiplying the average amount of fraud perpetrated on a stolen card, $350 (£234), by the many millions Symantec observed being offered for sale.
Similarly, the report said, if hi-tech thieves plundered all the bank accounts offered for sale they could net up to $1.7bn.
Closed accounts
Symantec said it was likely that many of the cards offered for sale were invalid or cancelled and bank accounts closed but it added: "These figures are indicative of the value of the underground economy and the potential worth of the market."
Credit card numbers have proved so popular among hi-tech thieves because they are easy to obtain and use for fraudulent purposes.
Many of the methods favoured by cyber criminals, such as phishing schemes, database attacks and magnetic strip skimmers, are designed to steal credit card information, it said.
The existence of a ready market for any stolen data and the growing use of credit cards also helped maintain their popularity, it said.
"High frequency use and the range of available methods for capturing credit card data would generate more opportunities for theft and compromise and, thus, lead to an increased supply on underground economy servers," said the report.
The price card thieves can expect for the numbers they offer for sale also varied by the country of origin. US card numbers were the cheapest because they were so ubiquitous - 74% of all cards offered for sale were from the US.
By contrast numbers from cards issued in Europe and the Middle East commanded a premium because they were relatively rare.
MOST POPULAR ITEMS
1) Credit card information - 31%
2) Financial accounts - 20%
3)Spam and phishing information - 19%
4) Withdrawal service - 7%
5) Identity theft information - 7%
6) Server accounts - 5%
7) Compromised computers - 4%
8) Website accounts - 3%
9) Malicious applications - 2%
10) Retail accounts - 1%
Criminal alliances
The year-long look at the underground economy confirmed to Symantec how serious and organised cyber thieves have become.
Via the covert chat channels and invitation-only discussion forums hi-tech thieves form loose alliances, contact those who specialise in one technique or find individuals who can extract cash from particular credit cards or financial institutions.
Russian and Eastern European gangs seem to be among the most well-organised and, said the report, have the ability to mass-produce credit and debit cards. By contrast thieves in the US are much more loosely aligned.
But, it said, all the criminals were happy to work together to steal money from credit cards and bank accounts. This was because card numbers stolen in one country can only be "cashed out" in their home nation - necessitating contact across borders.
"Symantec research indicates that there is a certain amount of collaboration and organisation occurring on these forums, especially at the administrative level," it said.
"Moreover, considerable evidence exists that organised crime is involved in many cases."
No comments:
Post a Comment