Cyber criminals are selling stolen bank account and credit card details for knock down prices at online supermarkets as part of a thriving and maturing underground economy, according to Internet security outfit Symantec.
Symantec says the underground supermarkets have many traits common in traditional economies, with market forces and supply and demand having a direct impact on pricing and criminals advertising bulk rates and dishing out samples to attract buyers.
In the second half of 2007 bank account details were the most frequently advertised items on underground economy servers. The advertised price for bank account data varied as widely, with prices ranging from $10 to $1000, depending on the location and funds available in the account. Bank accounts that included higher balances, such as business accounts, and EU accounts, were advertised for considerably more, says Symantec.
Credit cards were the second most commonly advertised item and online fraudsters were offering 50 credit card numbers for $40 (80 cents apiece) and 500 numbers for $200 (40 cents each). Symantec says this is a decrease from the bulk rates advertised in the first half of 2007, when the lowest purchase price identified was $1 each for 100 cards.
Full identities were the third most common item advertised for sale and the report found that identities of EU citizens are worth more than American ones on the black market because they can be used throughout the union.
The security vendor also recorded a steep rise in the number of computers hosting phishing Web sites in the second half. The firm observed 87,963 phishing hosts during the period, 167% up on the first six months of the year.
Banks again were the most popular target for phishers, with 80% of brands targeted by attacks during the study period in the financial sector.
The financial services sector also accounted for the highest volume of phishing Web sites during this period - 66% - although this is down from the 72% recorded in the previous six months. Symantec says this may be the result of increasing consumer awareness of the threat.
Although six of the top 10 brands spoofed by attackers were in the financial sector, the second most frequently imitated brand was a social networking site.
The firm says that whilst there may be no immediate financial gain from stealing account information from a social networking site, attackers could use the compromised account to gather detailed information about the user.