Piracy does not only happen off the coast of Somalia, and fraud does not only occur when you forget to collect your bank statements.
Increasingly, crimes are taking place online, and all providers of technology need to be sure they protect their customers and themselves.
Guy Bunker, chief analyst at Symantec, said the firm’s latest report on the
underground economy reveals a matured global market, with the same supply and demand pressures and responses of any other economy.
The report, based on data collected between June 2007 and July 2008, found that the underground online economy has its own channels resellers, distributors, service providers and developers collaborate with vendors to make solid revenue from illegal activities involving technology.
Services offered include cashiers who can transfer funds from stolen accounts, scam or spoof page hosting, and even job advertisements for people such as scam developers or phishing partners.
“Our global information network collects information from everywhere to monitor things such as the flow of credit card and bank account details,” Bunker said.
Although Symantec’s study is only of certain aspects of the underground
economy rather than the whole cybercrime phenomenon, it reveals a large and
Goods and services are advertised by category, or item and samples of sensitive information are offered to customers. Advertising messages come loaded with language to tempt and excite, using words such as ‘fresh’ and ‘unspammed’.
According to the report, typical ads include what is for sale, the price range, acceptable payment methods, and contact information for the vendor or reseller.
Bunker said that Symantec has no information tying legitimate members of the IT channel specifically to this activity, but he warned that providers need to be aware of the underground economy and must know how to protect themselves.
Big business for fraud
Symantec’s report reveals that such trade in personal or corporate details and malware exploits is big business.
“A number of sales people we found were advertising goods for a value of
$150,000 (£98,000) online,” he said. “So if one was to buy them and exploit
them, the potential value is more than that. We have estimated some can be worth
Corporate credit card or banking details, for instance, are worth more than those associated with a personal account.
However, pages of accounts with details of hundreds of individuals are bought and sold. Criminals buying those can attempt to withdraw funds from accounts very quickly.
“One thing you can buy on the underground economy is email addresses by MB,” Bunker said. “We have seen that corporate systems compromised by botnet herds have leaked information.”
He said that this had happened to quite large and responsible companies that most people would think have better IT security policies and practices.
Much underground economy activity, though, happens in the developed world. Symantec’s report found that 46 per cent hailed from servers based in the US, and 38 per cent in Europe, the Middle East and Africa.
The Asia-Pacific region, including China, has been responsible for just 12 per cent of activity registered by Symantec, and Latin America for just five per cent.
“It just comes down to who has the largest number of machines. The US is a good bet for finding a machine that has been compromised,” said Bunker.
He said much illegal online activity comes from Eastern Europe although even the notorious Russian Business Network in early November reportedly moved to China, probably to avoid a growing focus on its activities.
Credit card information, accounting for 31 per cent of the activity observed, is captured by diverse methods before funnelling through online channels, which Bunker said are mostly centred on internet relay chat (IRC), web forums or bulletin boards.
Phishing schemes, monitoring legitimate merchant card authorisations,
magnetic stripe skimmers, card theft, database hacks and laptop or storage media
all common ways of acquiring card details for illegitimate profit.
Credit card numbers sell for seven pence, or as much as £17, with the average card limit being £2,650. Bank accounts, at 20 percent of the total, sell for £6.50 to £650 each. According to Symantec’s report, credit cards are targets for criminals because buying items online is so easy.
“Suspicious activities such as consecutive purchases from more than one country will alert the card issuer of potential fraud and the card will be suspended. However, this is more difficult to monitor for online stores that have no geographical boundaries, and the same card number can be used from multiple locations,” the report said.
“Not all online stores verify the billing address of the credit card, and often any location can be provided as the shipping address.”
Symantec also studied software piracy between July and September 2008 for the report, monitoring services such as BitTorrent.
Many people download pirated software often because a copy was cheaper or not yet available in their local market.
Desktop computer games accounted for 49 per cent of the downloads. Utility applications made up 16 per cent, multimedia suites 11 per cent, business productivity applications five per cent and operating systems four per cent.
Ian Kilpatrick, chairman of security at distributor Wick Hill, said online threats are becoming frightening. “People are not going to notice a lot of drive-by attacks, and things are being dropped into their web sites all the time. The scariest thing is online banking,” he said.
Cybercriminals are learning how to insert code into actual bank web sites. Unlike traditional phishing, where a customer clicks on a link to a fake site that harvests their details, there is little reason to suspect the site is dangerous.
“It asks you for things like your security password and date of birth. And it looks just like the usual web page,” Kilpatrick said. “Give them time, and they will do this for the whole range of banks.”
He added that banks do not do enough to protect customers, and the channel must be more watchful.
Infrastructure provider says international sales now make up 51 per cent of its revenue
Suzanne Chappell of TMS plans sailing venture after selling Oxfordshire-based TMS to acquisitive Chess
Withdrawal of credit insurance by some providers a 'reflection' of current challenge facing IT sector, according to MD Steve Soper
SMART's UK managing director joins Lenovo to boost SMB business