21 October 2014

Stolen bank details going cheap on the Web

08 April 2008  |  11090 views  |  0 biometric  face pointer

Cyber criminals are selling stolen bank account and credit card details for knock down prices at online supermarkets as part of a thriving and maturing underground economy, according to Internet security outfit Symantec.

Symantec says the underground supermarkets have many traits common in traditional economies, with market forces and supply and demand having a direct impact on pricing and criminals advertising bulk rates and dishing out samples to attract buyers.

In the second half of 2007 bank account details were the most frequently advertised items on underground economy servers. The advertised price for bank account data varied as widely, with prices ranging from $10 to $1000, depending on the location and funds available in the account. Bank accounts that included higher balances, such as business accounts, and EU accounts, were advertised for considerably more, says Symantec.

Credit cards were the second most commonly advertised item and online fraudsters were offering 50 credit card numbers for $40 (80 cents apiece) and 500 numbers for $200 (40 cents each). Symantec says this is a decrease from the bulk rates advertised in the first half of 2007, when the lowest purchase price identified was $1 each for 100 cards.

Full identities were the third most common item advertised for sale and the report found that identities of EU citizens are worth more than American ones on the black market because they can be used throughout the union.

The security vendor also recorded a steep rise in the number of computers hosting phishing Web sites in the second half. The firm observed 87,963 phishing hosts during the period, 167% up on the first six months of the year.

Banks again were the most popular target for phishers, with 80% of brands targeted by attacks during the study period in the financial sector.

The financial services sector also accounted for the highest volume of phishing Web sites during this period - 66% - although this is down from the 72% recorded in the previous six months. Symantec says this may be the result of increasing consumer awareness of the threat.

Although six of the top 10 brands spoofed by attackers were in the financial sector, the second most frequently imitated brand was a social networking site.

The firm says that whilst there may be no immediate financial gain from stealing account information from a social networking site, attackers could use the compromised account to gather detailed information about the user.

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board, sign up now.

Related blogs

Create a blog about this story (membership required)

Related stories

03 April, 2008
31 March, 2008
27 March, 2008
22 February, 2008
31 January, 2008
25 January, 2008
17 December, 2007
18 October, 2007
07 August, 2007

Related company news

 

Featured job

£100,000 plus bonus
Central London

Find your next job