A chat channel screenshot where buyers and sellers of the underground economy meet.
Source: Symantec Corp.
Despite tough economic times on Wall Street, the underground economy of stolen credit cards and bank account information is booming.
According to a report released Nov. 24 by Symantec Corp., about $276 million worth of passwords, hacker tools, bank account credentials and credit card information were available on Web forums and chat channels for sale from July 2007 to June 2008.
Of all the data and tools available, credit card information was promoted the most, accounting for 31 percent of the total underground economy. People shopping for a credit card number could purchase one for $0.10 to $25 per card, and once it was obtained, an average of $350 was put on the card. If all the credit cards for sale during the reporting period were maxed out, the estimated value would be $5.3 billion.
Credit card numbers that also included a three- or four-digit security number — variously called CVV2, CID, CVC2 by the different card issuers — were the most highly prized form of card data, representing 16 percent of sellable goods. However, cards with the code are still inexpensive, costing only about $0.70 a piece when bought in bulk; credit cards without a security code are sold for as little as a dime.
Credit card numbers without a security code accounted for 13 percent of all advertised goods on the underground economy, which was a decrease from 22 percent in the first six months of 2007. The report cited the decrease as a result of consumers and issuers monitoring purchases more and using online payment services such as PayPal to avoid fraud.
Bank account credentials were second behind credit cards as the most common good advertised on the underground economy, representing about 20 percent of the total. Stolen bank account information sold for $10 to $1,000, and the average advertised account has about a $40,000 balance. During the reporting period, about $1.7 billion in account credentials were for sale.
Here’s a breakdown of the goods and services available for sale and requested on the underground market.
During the reporting period, Symantec found that more Web forums and chat channels offering stolen goods were hosted on servers located in North America — about 45 percent — than anywhere else. Europe, the Middle East and Africa hosted 38 percent, and Asia and the Pacific hosted 12 percent. Within those areas, the geographical locations of the servers change constantly to evade detection.
Stolen credit card information remains popular because of the versatility it affords criminals; making a purchase online with a stolen credit card is easy, and merchants find it difficult to track and address fraudulent transactions before they’re processed and shipped. Also, Symantec reported that discounts or free numbers are given to criminals if they purchase a large amount of stolen credit card information.