Symantec report page : LinkSecrets of the underground economy
By Kathryn Small 1 December 2008 01:11PM
In IRC channels and web-based forums, the underground economy is thriving, according to the latest year-long report by Symantec. Find out how much a botnet or a set of credit card details would cost you.
The ‘underground economy’ refers to commercial cybercrime activity – specifically, the purchase and sale of fraudulent goods and services. Items for sale might include sold credit card data, bank account credentials, email accounts, and other data.
Services might include cashiers who can transfer funds from stolen accounts into true currency, phishing and scam page hosting, and job advertisements for roles such as scam developers or phishing partners.
The value of the total advertised goods on underground economy servers during the twelve-month period was more than US$276 million.
Information is bought and sold on IRC channels and web forums. Sometimes sellers set up shop on legitimate servers, which makes it harder for police to shut them down.
The underground economy is highly diverse. “The top ten servers control the top 11 per cent of the revenue,” said Craig Scroggie, VP and MD of Symantec Asia Pacific.
Sixty-three (63) per cent of sellers were offering online credit as payment, using wire transfers, or funnelling money through online currencies such as Linden dollars or World of Warcraft gold.
Credit card information was the most highly prized data, accounting for 31 per cent of everything that was sold during the survey period. That included credit card numbers, credit cards with CVV2 numbers, and credit card dumps. It was also the most requested category, making up 24 per cent of all goods requested.
Credit card details might be as cheap as US$0.10 per card, ranging up to US$25, while credit cards with CVV2 numbers ranged from US$0.50 to US$12.
“The thing about credit cards is that it could cost you as little as 10 cents, but the average advertised stolen credit card limit observed by Symantec is more than US$4,000. So it’s an incredible return on investment,” said Scroggie.
“We calculated that the potential worth of all credit cards advertised during the reporting period was US$5.3 billion.”
Credit card information is popular because it’s easy to obtain and easy to use for fraud, explained Scroggie.
“Credit cards are easy to use for online shopping, and it’s often difficult for merchants or credit card providers to identify and address fraudulent transactions before fraudsters complete these transactions and receive their goods.”
Australia has a disproportionately high number of credit card transactions every year. Scroggie explained that in Australia there are 14 million credit cards in circulation, performing 1.4 billion transactions in the last year. By contrast, the UK is three times as large, but had less than 1.8 billion transactions.
“Australia’s always been an early and strong adopter of technology, and we’re an early adopter from a market stand-point. We have high credit card usage relative to other strong economies.”Next, fraudsters traded in financial accounts, at 20 per cent of the total. Stolen bank account information sells for between $10 and $1,000, but the average advertised stolen bank account balance is nearly $40,000. Symantec calculated that the total value of bank accounts advertised as US$1.7 billion.
The average price of a botnet was $25, while the price of phishing scam hosting, keystroke loggers or screen scrapers was $10.
Desktop computer games made up 49 per cent of pirated software, which Scroggie said directly correlated to retail sales in the legitimate market. Following that was commercial software suites such as Adobe’s Creative Suite. “There was a large number of pirated games but the average retail price of games is low – around $50. So there’s a large amount of piracy, but not a large amount of money.”
The underground economy is spread out across the world, ranging from loose collections of individuals to organised and sophisticated groups. North America hosted the largest number of servers, with 45 per cent of the total; Europe/Middle East/Africa hosted 38 per cent; Asia/Pacific with 12 per cent; and Latin America with 5 per cent.
The report noted that the geographical locations of underground economy servers are constantly changing to evade detection.
Scroggie said businesses and individuals could take simple steps to protecting themselves from online fraud.
“They can protect themselves by ensuring they have messaging filtering, a defensive depth strategy, multiple mutual overlapping or complementary software, such as anti-viral, anti-spyware, anti-malware and anti-phishing.
“You can buy a combination of these technologies from reputable security vendors.”
Actual download link for report: Here (PDF file)
No comments:
Post a Comment