Card fraudsters: A world unto themselves

Computerworld Australia - Some 12 online credit card fraud networks are in operation today, with active traders on some Web sites numbering between 7,000 and 9,000, according to a Secret Service agent going by the name of Jake Jacobson.

With quasimilitary business models, alleged parliamentary links and even feedback forums on the more current "carding forums," the proceeds of some heists have reaped more than $15.9 million from stolen data, according to the interior minister of one country.

But who had any idea there was a funny side?

At times, Jacobson had those attending his presentation at this year's Australia Computer Emergency Response Team (AusCert) conference in Queensland last week laughing out loud -- not at the terrible crimes of teenage Ukrainian youth, but at the extent of the operations with one crudely named network even sponsoring state-endorsed cultural events and advertising an online site.

"All you have to do is set up a bulletin board, and the Web provides order and stability," Jacobson said.

"You control membership and kick out time wasters. At any time, there are at least a dozen [sites] operating and if you divide the traffic a big part of it is transactional -- buying and selling hacked databases, counterfeit credit cards and drivers' licences.

"Another aspect of the traffic is recruitment. They bring kids in or find high-level partners with different capabilities. And then there's knowledge sharing. The criminals are better at sharing knowledge than any U.S. government I have worked with."

Jacobson described his work as tracking millions of dollars to shady characters in dodgy parts of the world, and admitted that in far too many cases nobody knows what the money is used for. He outlined one operation, Operation Firewall, which in July 2003 netted the perpetrators behind Shadowcrew, Carderplanet and Darkprofits sites.

"By early 2003, things were rolling; we saw sites like the Brotherhood of Carders (8,600 user accounts) as well buying and selling information hacked out of the system, but there was no resource more responsible than Carderplanet," Jacobson said.

"Carderplanet had 7,000 active users from May 2001 and by August 2004 was the most reliable source for every criminal goods or service available on the Internet. The Russian-speaking community, the Ukraine Belarus, and the Baltic communities are unmatched as a source for [financial] crime and no other community comes close."

Jacobson said that more recently, carding forums have added feedback forums.

"One guy had completed 25 deals, with a 100% positive feedback rating; they have adopted rankings unabashedly," he said. "They now have specialized equipment to create bank-quality cards, offer phishing services, and even re-shipping. You can choose from reviewed vendors and compare pricing, everything you want is available and you can buy credit card "dumps" and track data."

Jacobson said a December 2005 bust of one Eastern-bloc trader led to problems with prosecution, because the perpetrator "had a remote control destruction device more like an NSA spy plane, but on a home PC" that destroyed all evidence on his hard disk. Two members of the Ukrainian parliament had personally vouched for him.