Computer Crime Research Center

cybercrime/orgcybercrime.jpg

The Business of Cybercrime

Date: December 09, 2010
Source: ABC.net.au
By: Michael Sentonas, McAfee

Globalisation offers many benefits to consumers and businesses. Unfortunately, it also offers plenty of opportunities for organised crime. Rather than going it alone, many Internet criminals join organised crime groups or they create new ones. Whether the reasons are economic, cultural, or technical, the motivations behind joining the virtual criminal universe are plentiful. Around the world, some individuals and many organised crime or mafia groups carry out illegal acts on the web, often in the hope of becoming rich.

Australia is one of the top 10 target countries for cybercrime. We recently came across an incident where Australian credit card holders' personal information was compromised when it was published on a website originating from Vietnam. This might seem like a one-off case, however, these incidents are part of an organised cybercrime effort.

Every day, thousands of pieces of information related to stolen, misappropriated, and sometimes even fake credit cards are sold by cybercriminals. Three packages are typically offered:

CC dump: This is the information available on the credit card's magnetic strip. Bought in large quantity, a simple dump costs only around US$0.10 (AU$0.09).

CC full info: This contains all of the details about a bank card and its owner. The exact nature of data varies by vendor. Depending on quality and countries, the cost ranges from US$2 to US$30 (AU$1.97 to AU$29.60).

COBs (Credit Card with Change of Billing): More powerful than the CC full, this offer makes it possible to take total control over the pirated account. The information provided allows the buyer to change the victim's address to gain better security for future fraudulent transactions (delivery, mailed bank statements, and point of contact). Prices vary from US$80 to US$300 (AU$79 to AU$296), depending on supply and the authorised balance transfer and spending limits.

To gather a user's personal information, cybercriminals are exploiting software vulnerabilities and human psychology to spawn a broad range of malware and threats including spyware, phishing, botnets, adware, rootkits (a group of programs designed to take control of a PC), spam, and unsafe websites.

They no longer deliver threats only via spam and are taking advantage of popular social networking sites to secure personal identify information. The malware underworld is also using mainstream practices in an effort to "sell" fake security software that is either misleading or outright fraudulent.

Many consumers are increasingly shopping online, taking advantage of the rising Australian dollar or looking for bargain deals in the lead up to Christmas. They need to be aware of the security risks that exist and protect themselves against spam and malware attacks by using the latest security software with real-time malware updates and be wary of sharing any personal information even if it is a popular website.


Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo