Cybercrime: A secret underground economy

Cybercriminals are making a killing off of stolen identities, creating their own market for buying and selling credit card and bank account information on the cheap.

EMAIL  |   PRINT  |   SHARE  |   RSS
 
google my aol my msn my yahoo! netvibes
Paste this link into your favorite RSS desktop reader
See all CNNMoney.com RSS FEEDS (close)
By David Goldman, CNNMoney.com staff writer

screen.jpg
Cybercriminals sell your information on Internet Relay Chats such as this one. One line reads 'Selling US/Ca & worldwide Cc's for the best prices."
symantec.03.jpg
Cybercriminals can see what you enter on your screen and steal your credit card information or bank account information.

NEW YORK (CNNMoney.com) -- If the word 'cybercrime' conjures up images of computer geeks trying to crash computers from their mothers' basements, think again.

Cybercrime has become a rapidly growing underground business built by savvy criminals, who buy and sell valuable stolen financial information from millions of unsuspecting Internet users every year in an on online black market.

"Most cybercriminals are very, very interested in financial gain by compromising customer accounts," said FBI special agent Austin Berglas, who supervises the Bureau's New York Internet crimes squad. "Believe it or not, there are people who fall victim to their scams, and we see it every day."

Because cybercriminals are so skilled at hacking into thousands of computers every day, the crime is potentially a billion-dollar business. If every stolen credit card and bank account had been wiped clean last year, that would have netted cybercriminals some $8 billion, according to data from Symantec, maker of the Norton antivirus software.

As a result of the lucrative payout, more and more online criminals are entering the game. In fact, the number of new Internet security threats rose nearly three-fold last year to 1.7 million.

Those cyber attacks mostly come from malware, or malicious software, that hands control of your computer, and anything on it or entered into it, over to the bad guys without you even knowing it. The most common forms of malware include keystroke logging, spyware, viruses, worms and Trojan horses.

How the deed is done. Once your information has been stolen, cybercriminals go onto an invitation-only Internet Relay Chat (like a chat group) to do commerce with other online criminals. Cybercriminals will often set up a hacker channel for a matter of days, do business, and then take it down to avoid detection. When active, hacker IRCs can get upwards of 90,000 cybercriminals talking to one another at a given time, according to Dave Cole, senior director of product management at Symantec.

Online criminals use the IRCs to sell or trade your credit card or bank account information. Credit cards are some of the cheapest commodities sold on the Internet Black Market, averaging about 98 cents each when sold in bulk. A full identity goes for just $10.

Credit cards and bank account information made up 51% of the goods advertised on the underground economy last year, up from 38% in 2007. Credit cards are most popular because they're the cheapest stolen commodity. Cards with expiration dates, CVV2 numbers and names go for more than ones with numbers only, but there is no honor in the underground online crime world -- oftentimes hackers will sell the same credit card information to multiple users, and many have already been canceled.

As a result, buyers and sellers on IRC channels will often give the information to a trusted third party for a fee. The third party will test the card information, often by charging a very nominal amount or by posing as a charity, and then verify the goods to the buyer.

After the information is purchased by a secondary criminal, that person can use a machine to print out a fake credit card with your information. But many use yet another tertiary person to wire stolen money into an overseas bank account.

That third person in the chain is usually called a "mule," who often doesn't even know he or she is part of an underground organized crime scheme. Many mules respond to the "make money from home" schemes, where stolen money is sent to their accounts, and they subsequently wire that money to an overseas account for a 10% to 15% fee.

Other mules are given phony ATM cards and are asked to retrieve cash for a small fee. But there is substantial risk involved -- law enforcement usually comes knocking on mules' doors first.

To catch a thief. The FBI is working undercover in many of these IRC channels in an effort to thwart the cybercriminals. And in many cases, captured criminals agree to work for the government in exchange for reduced sentences.

"After we make an arrest for someone cashing out at ATM machines, I'll tell them they can go to jail for 10 years or they can come work for Team America," said Berglas.

The strategy doesn't always work. Albert Gonzalez, the infamous TJ Maxx (TJX, Fortune 500) thief who stole 45 million credit card numbers and private information of 450,000 customers in 2007, was an FBI informant. He helped bring down a massive credit card theft scheme, but double-crossed the FBI, using insider information to help fellow criminals evade detection and carry out the TJ Maxx theft.

Security software also helps, but it far from solves the problem. To avoid detection, many cybercriminals will send out just a handful of viruses before modifying the code and sending it out again.

"The truth is that 'fingerprint' security technology is no longer effective," said Rowan Trollope, senior vice president of product development at Symantec. "The bad guys that got involved are organized professionals, and they figured out how to get around our technology."

Though Trollope said the new version of Norton's antivirus software helps address the problem by scanning for files' reputations, he said that Internet consumers also need know how how to keep their identities safe online.

"We do products really well, but the next step is education," said Trollope. "We can't keep the Internet safe with antivirus software alone." To top of page

Features
They're hiring!These Fortune 100 employers have at least 350 openings each. What are they looking for in a new hire? More
If the Fortune 500 were a country...It would be the world's second-biggest economy. See how big companies' sales stack up against GDP over the past decade. More
Sponsored By:
More Galleries
10 most expensive cars sold at Pebble Beach These multi-million-dollar cars sold for top dollar at this year's Pebble Beach collector car auctions. More
The world's most popular beer is ... Few people outside China have ever tasted the top-selling brew in the world. More
Transformations on the street On his days off, stylist Mark Bustos gives free haircuts to the homeless. Here are some of the transformations. More
Worry about the hackers you don't know 
Crime syndicates and government organizations pose a much greater cyber threat than renegade hacker groups like Anonymous. Play
GE CEO: Bringing jobs back to the U.S. 
Jeff Immelt says the U.S. is a cost competitive market for advanced manufacturing and that GE is bringing jobs back from Mexico. Play
Hamster wheel and wedgie-powered transit 
Red Bull Creation challenges hackers and engineers to invent new modes of transportation. Play

Market indexes are shown in real time, except for the DJIA, which is delayed by two minutes. All times are ET. Disclaimer Morningstar: © 2014 Morningstar, Inc. All Rights Reserved. Disclaimer The Dow Jones IndexesSM are proprietary to and distributed by Dow Jones & Company, Inc. and have been licensed for use. All content of the Dow Jones IndexesSM © 2014 is proprietary to Dow Jones & Company, Inc. Chicago Mercantile Association. The market data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. FactSet Research Systems Inc. 2014. All rights reserved. Most stock quote data provided by BATS.