The ‘underground economy’ refers to commercial cybercrime activity – specifically, the purchase and sale of fraudulent goods and services. Items for sale might include sold credit card data, bank account credentials, email accounts, and other data.
Services might include cashiers who can transfer funds from stolen accounts into true currency, phishing and scam page hosting, and job advertisements for roles such as scam developers or phishing partners.
The value of the total advertised goods on underground economy servers during the twelve-month period was more than US$276 million.
Information is bought and sold on IRC channels and web forums. Sometimes sellers set up shop on legitimate servers, which makes it harder for police to shut them down.
The underground economy is highly diverse. “The top ten servers control the top 11 per cent of the revenue,” said Craig Scroggie, VP and MD of Symantec Asia Pacific.
Sixty-three (63) per cent of sellers were offering online credit as payment, using wire transfers, or funnelling money through online currencies such as Linden dollars or World of Warcraft gold.
Credit card information was the most highly prized data, accounting for 31 per cent of everything that was sold during the survey period. That included credit card numbers, credit cards with CVV2 numbers, and credit card dumps. It was also the most requested category, making up 24 per cent of all goods requested.
Credit card details might be as cheap as US$0.10 per card, ranging up to US$25, while credit cards with CVV2 numbers ranged from US$0.50 to US$12.
“The thing about credit cards is that it could cost you as little as 10 cents, but the average advertised stolen credit card limit observed by Symantec is more than US$4,000. So it’s an incredible return on investment,” said Scroggie.
“We calculated that the potential worth of all credit cards advertised during the reporting period was US$5.3 billion.”
Credit card information is popular because it’s easy to obtain and easy to use for fraud, explained Scroggie.
“Credit cards are easy to use for online shopping, and it’s often difficult for merchants or credit card providers to identify and address fraudulent transactions before fraudsters complete these transactions and receive their goods.”
Australia has a disproportionately high number of credit card transactions every year. Scroggie explained that in Australia there are 14 million credit cards in circulation, performing 1.4 billion transactions in the last year. By contrast, the UK is three times as large, but had less than 1.8 billion transactions.
“Australia’s always been an early and strong adopter of technology, and we’re an early adopter from a market stand-point. We have high credit card usage relative to other strong economies.”
Secrets of the underground economy
By Kathryn Small on Dec 1, 2008 1:11PM
In IRC channels and web-based forums, the underground economy is thriving, according to the latest year-long report by Symantec. Find out how much a botnet or a set of credit card details would cost you.
Page 1 of 2 | Single page