Electronic info and credit card details at black market’s mercy

Once a computer-savvy criminal has accessed your electronic information or lured you into volunteering your credit card details you are at the mercy of the black market.

Security procedures embedded into credit cards have made scamming more difficult but the trade is still thriving. There remains a large amount of goods that can be purchased without additional security checks.

For larger sums the onus is on conmen or phishers to learn more about the victim to verify addresses, passwords or security questions.

For these a host of internet chat rooms exist which direct people to black-market sites specialising in selling stolen credit card data.

Phishers, who lift large volumes of credit card numbers, prefer to ship them off in this wholesale fashion rather than risk getting caught by using the accounts themselves.

The sell-on sites are set up as pawn shops or CVV sellers. They are very basic in design. Some only require a rudimentary log in and password process, others need an email check.

According to separate address-alert services the sites in question were based in Russia, Eastern Europe, and Africa. Payments to them are routed through an external electronic system.

For €10, European card numbers can be bought and North American details are available for €5. The reason for the difference is unclear.

The majority of card numbers are from America or Canada, while those that originated from Europe were predominantly linked to Dutch accounts.

A search of a number of black-market credit card sites did not uncover any credit cards on sale with Irish addresses. Credit cards have tightened security but the black marketeers offer refunds if the number paid for has already been shut down.

Black-market sites advise buyers not to involve themselves directly in the transaction and to engage middlemen to whom the products can be delivered. These reportedly charge 30% to 60% to accept a drop.

Chat rooms also show hundreds of individuals offering to sell bank account details, credit card numbers, and pins on an individual basis.

For prices ranging from $1 to $1,000, access is promised to bank accounts and credit cards with varying degrees of additional information such as dates of birth, login records and passwords. The more details required the larger the fee.

Some comments linked to the chat rooms accuse them of being honey traps which do not sell credit cards but instead steal them from would-be number thieves.

If phishers choose to get direct access to a bank account or a credit card, rather than selling it on, the technique is to fast-track transfers to a so-called mule as quickly as possible. This mule has a bank account which will receive the money, for a 10% commission, before it is withdrawn in cash.

Read more in this special investigation here.


Lifestyle

I ’M mad for the snacks these days — I think I will forever associate lockdown with snacking. I’m trying to keep it under control and not just grab whatever comes to hand but it is a bit of an effort for me.Derval O'Rourke's top tips for healthy snacks

We don’t cook with lobster often, so this was a bit of a re-education in preparing and using lobsters.Currabinny: Recipes completely manageable for lobster novices

More From The Irish Examiner