Now that the volume of cash circulating through society is falling, bank robbery is no longer the blue-collar career it used to be. These days, it seems that career criminals have two options: diversify or invest in an education. An eight- inch knuckle span
and a lack of discernable neck are no longer enough to make it in the world of bank robbery. These days, a successful blagger’s kit bag contains software development tools, not just hammers and crowbars.
That is probably why jewellery stores are the new target of the armed criminal. Clearly, there are significant commercial disadvantages in trying to sell distinctive jewellery rather than non-sequential notes, but there is simply no longer enough cash in
a bank branch to make it a viable target.
Interestingly, this dichotomy is starting to change the dynamics of crime. Whereas electronic crime seems to be getting ever more sophisticated, the number of stories of incompetent robberies seems to be growing steadily. Witness the guys in the U.S. who
saved money on stocking masks by disguising themselves through drawing on their own faces with a ballpoint pen, or the jewellery store thieves in Northampton, brought down by Anne Timpson, an angry grandmother with a fully loaded handbag and a heart full of
And with bigger returns, lower penalties, less chance of capture and far less personal risk, it is unlikely that Mr. Big will swap his laptop for a souped up Granada and a sawn-off shotgun any time soon.
But the surprise in all this is the way that the criminal world has created its own social networks – forums where ideas, tips, tricks, tools and even ill-gotten gains can be swapped, shared and traded.
In a recent FIS study, our Fraud Operations Team, which also looks after warranty risks for cheques and engages with police authorities, identified a number of illicit Web sites. One was an innocent looking Ghost Hunter’s Forum site where suitably spooky
news could be shared between the credulous and the time-rich. A couple of levels down in one of the discussion threads, however, things get altogether more paranormal. But this was not a place where things go bump in the night. Instead it was a rich seam of
consumer data for sale. Here you could buy the usual stuff; credit card details etc, but there was much more on offer and with a highly-structured commercial proposition:
- Credit card numbers with CVV numbers (the three digit code on the back) with or without Verified By Visa passwords
- Bank account numbers with full names, sort codes, internet banking passwords and dates of birth
What really struck our team was the pricing structure. Not only was there a volume discount structure, but they provided tiered pricing based on average account balance. In other words, if you want the bank account details for someone with an average balance
of $5,000, it will cost a lot more than one with an average of $500. And don’t worry if the stolen account details don’t work – simply notify the seller and they will give you another substitute at no extra cost!
It seems that marketing strategists have hit the world of the scammer. In the future, I wonder if they will offer a loyalty scheme based on stealing air miles on behalf of frequent customers too ...
There is a serious point behind this conjecture. The fact is cyber criminals are happy to work together for a common no-good. All over the internet there are places where information is shared about tips and tricks, weak points, good institutions to target
etc: the Anti-Social Network.
Why? Analogue-based bank robbers never tipped fellow blaggers off about the weak hinges on the safe doors at Barclays on Walthamstow High St. My theory (and it is only a theory) is that the world of the cyber criminal is populated by both the hard-headed
career thieves, often highly organised and disciplined, and the more misty-eyed romanticists, “doing it to strike a blow for the people.” After all if nobody is physically harmed, it is not a real crime is it?
This Anti-Social Network principle creates a multiplying effect on the threat to banks and other targets. In the recent past, if a smart criminal were to find a gap in the security protocols at a bank, he could use it to drain out as much money as possible
before disappearing undetected, leaving the bank nursing losses, but with time to get things fixed before the next attack.
But today, there is every likelihood that that same loophole will be exploited by the criminal, then posted into the Anti-Social Network so that more criminals can come and try their luck. Suddenly the scope for losses to spiral out of control is infinitely
Suddenly the stakes have got a lot higher.