In passing, I recalled talking to my neighbor where I mentioned working in the area of information security. His next question quickly came out- “Why do these scammers want my information?” The more I’m asked this question, the more apparent it becomes that user information is highly valuable.
Would it be surprising to know that it would merely cost $5 (USD) to buy all of your personal information on underground forums and sites? Some of you may also be surprised to find out the information for sale isn’t just your name and address-it’s far more than that.
“Fullz”, as it is referred to in underground forums contain not just credit card numbers, names, and date of births. “Fullz” are typically delivered in one of several methods. First, it could be a text or .CSV file containing all of the information in a comma separated file. All of the details of the compromised individuals would be included in the file for easy perusal. In addition, “fullz” could be delivered via a portable database format, like a .MDF file for easy local database import. You can also find personal questions asked during account registrations as well as driver’s license information, social security number, and other information.
Just because these scammers are nefarious, it doesn’t mean they’re not entrepreneurial. For instance, one seller offers bulk discounts for orders as seen in figure 2.
These scammers also offer the sale of “dumps”, which is the raw data off the magstrip of your credit cards. In addition to dumps, they sell “plastics”, which are blank cards that are used for writing dumps too.
And finally, to make scamming even easier, attackers are selling direct logins for bank accounts as well as the transportation of high-end electronics. Bank accounts are being sold for direct access to the money- no more buying dumps and plastics, just use your bank login information and transfer the money.
High-end electronics are also peddled on the black market for reasonable prices. These scammers buy devices at retail price using stolen credit card information, and proceed to sell it at discounted rates online for cash.
What do scammers do with my information?
While many people may say, “If a criminal were to grab 20,000 fullz, mine’s not one they’ll use.” This isn’t simply true. While the cybercriminals who stole your information may not use all 20,000 dumps of information, they will likely sell off the portions of unused data for a much lower price.
Attackers will make use of your information in one of several ways. First, they could make clones of your credit cards magstrips, and make large purchases with it. They can then sell those stolen goods for a smaller price online. In addition, they will likely re-sell your information to other crooks to use in the same type of scheme.
In addition to cloning your data, a scammer may use your information to clone your identity or purchase bulletproof hosting. Bulletproof hosting allows for massive leniency on what is uploaded to the servers, and doesn’t have many constraints on sourcing activities from the hosting server. These servers are often used to bypass laws in many locations. Furthermore, using stolen information, makes the originators behind these bulletproof servers very hard to locate. As such, your information could be sold on the black market 10’s of hundreds of times.
We are also seeing an increased marketability for all the mentioned items as well as increased ability to sell. These sellers are using sites that don’t require registration for purchasing, thus opening the door for more buyers to enter the market.
In addition, we are seeing increased usage of “escrowing” these goods. It’s no surprise that scammers even scam each other, and this is a common concept in these forums. To prevent this from happening, escrowing has been coming back in force. The buyer of these scammed products pays the escrow agent, who tests the dump to ensure they work. Once testing has been confirmed, payment is sent to the seller, and likewise, the data sent to the buyer.
In the 2013 security predictions, we stated that these sellers will become more motivated as 2013 progresses. They will sell with an increased entrepreneurial spirit- introducing new and easier ways for buyers to purchase with anonymity.
Share this article