Gaffan says these credit card numbers and data are almost never obtained by criminals as a result of legitimate online card use. More often the fraudsters get them through offline credit card number thefts in places like restaurants, when computer tapes are stolen or lost, or using "pharming" sites, which mimic a genuine bank site and dupe cardholders into entering precious private information. Another source of credit card data are the very common "phishing" scams, in which an e-mail that looks like it's from a bank prompts someone to hand over personal data.
Also available on TalkCash is access to hijacked home broadband computers - many of them in the United States - which can be used to host various kinds of criminal exploits, including phishing e-mails and pharming sites.
RSA's Einav says there are about a dozen marketplace sites like TalkCash in operation at any given time. Unfortunately, he and Gaffan suggest it's unlikely this nefarious activity will end anytime soon (though of course that's good for their business).
"When the FBI shuts down a site they just move to another site," says Einav, "The URL changes but the community stays intact."
RSA doesn't even bother trying to shut down such sites, because by monitoring them it can help banks protect themselves. Says Einav: "If you see abnormal demand for accounts from a specific bank, you can assume an exploit is underway."
That's when it goes into action. RSA Cyota claims to have shut down 10,000 phishing and other schemes since Cyota was formed in 1999. (RSA Security bought Cyota last December.) The company maintains a blacklist of sites, which partners use to warn customers.
Over on payment news:
Visa USA has posted its summary of performance data for the first quarter 2006 (PDF) detailing year over year growth rates across its various card products. Net fraud as a percentage of total volume increased from 6 to 7 basis points during the quarter.
OK, so either net fraud went up by a sixth ... or overall net fraud is so low that it's lost in the noise ... or Visa just doesn't know how to count. We could be forgiven for thinking it's so low we can all rest easy, but check out this:
Akin buys things online - laptops, BlackBerries, cameras, flat-screen TVs - using stolen credit cards and aliases. He has the loot shipped via FedEx or DHL to safe houses in Europe, where it is received by friends, then shipped on to Lagos to be sold on the black market. (He figures Americans are too smart to sell a camera on eBay to a buyer with an address in Nigeria.)Posted by iang at May 23, 2006 12:58 PM | TrackBack
Akin's main office is an Internet cafe in the Ikeja section of Lagos. He spends up to ten hours a day there, seven days a week, huddled over one of 50 computers, working his scams.
And he's not alone: The cafe is crowded most of the time with other teenagers, like Akin, working for a "chairman" who buys the computer time and hires them to extract e-mail addresses and credit card information from the thin air of cyberspace. Akin's chairman, who is computer illiterate, gets a 60 percent cut and reserves another 20 percent to pay off law enforcement officials who come around or teachers who complain when the boys cut school. That still puts plenty of cash in Akin's pocket.
A sign at the door of the cafe reads, WE DO NOT TOLERATE SCAMS IN THIS PLACE. DO NOT USE E-MAIL EXTRACTORS OR SEND MULTIPLE MAILS OR HACK CREDIT CARDS. YOU WILL BE HANDED OVER TO THE POLICE. NO 419 ACTIVITY IN THIS CAFE. The sign is a joke; 419 activity, which refers to the section of the Nigerian law dealing with obtaining things by trickery, is a national pastime. There are no coherent laws relating to e-scams, the police are mostly computer illiterate, and penalties for financial crimes are light.