In my last blog post, I covered several topics around how cybercriminals use your stolen information and why these criminals want your information. That entry, along with this entry, is part of a blog series intended to cover the expanding economies in relation to cybercrime, as well as some facts and recommendations to help safeguard your data against information theft.
In the first part of the two-part intelligence brief series, I will tackle the existing “trust model” in the underground cybercrime arena and some profiling of the gateways/actors that sell these goods.
Information Theft Business Model
It’s no secret that scammers are out there to make a quick buck. However, what’s often not known or discussed is how they engage the market to sell their goods.
These scammers must first engage the market with their goods. They often reach out to Pastebin, underground forums, and several other sites designed to peddle their wares. Furthermore, they also use a popular tactic of posting their “ads” on legitimate forums and sites. This step can be considered the aspect of “gaining your customers”. The next step is establishing a pricing model to fit the marketplace.
Price Discrimination vs. Penetration Pricing
During the past five years, there have been a number of incidents outlining price discrimination on underground forums. Price discrimination exists when a provider sells identical goods or services at different prices for several reasons. There are realistically four degrees of price discrimination, all with varying discriminatory fashions.
However, in the past two years, there has been a shift away from price discrimination and to a more penetration pricing model. Penetration pricing is a tactic used by a seller to attract new buyers in multiple different ways.
In the penetration pricing model, scammers enter the market and sell their wares at a much lower price to gain market space, and then slowly increase their price until it meets market value with the other sellers. Many of the vendors participating in selling stolen goods enjoy a good market for selling these goods after using this model. Utilizing this will often lead to increased sales volume and higher inventory turnover.
This penetration pricing upswing has likely occurred as there were many new entrants into the underground marketplace selling goods. These new entrants weren’t following maximum price rules or by unique buyer attributes.
These scammers are also enjoying a fairly uninhibited marketplace since the ease of hiding their nefarious activities has dramatically improved. For those familiar, see onion routing, and that will easily explain one of the many ways these actors hide their tracks.