Slashdot Mirror

← Back to Stories (view on slashdot.org)

An FBI Agent's 3 Years Undercover With Identity Thieves

Posted by timothy on from the doing-my-best-nelson-laugh dept.

snydeq writes "InfoWorld offers the inside story of how FBI Supervisory Special Agent J. Keith Mularski, aka Master Splynter, penetrated and took over DarkMarket.ws, the infamous underground carding board hacked by Max Butler and later transformed by Mularski into an FBI sting operation. The three-year tour sent Mularski deeper into the world of online computer fraud than any FBI agent before, resulting in 59 arrests and preventing an estimated $70 million in bank fraud before the FBI pulled the plug on the operation in October."

4 of 196 comments (clear)

  1. Re:Fencing by AKAImBatman · · Score: 4, Interesting

    Also from the article I read that corrupt retailers and waiters use portable card readers to steal all mag data on the card. How would you protect yourself against that kind of attack?

    As long as we use credit cards, you and I can't protect ourselves. However, the credit card companies could. Using public key authentication via smartcard technology would make it easy to verify physical access to a credit card. Yet the only instance I can think of, of anyone trying to roll this out is American Express's Blue card. Even that was mostly ineffective as the smart card circuitry appears to go mostly unused.

    --
    Javascript + Nintendo DSi = DSiCade
  2. Reloadable cards. by khasim · · Score: 5, Interesting

    I'm still wondering why the various banks don't offer reloadable cards for their customers. Why wander around with your ENTIRE credit limit in your wallet?

    And for debit cards, your ENTIRE checking account balance.

    Instead, allow the user to transfer the amount that he thinks he will need to a secondary card. That way, if anything compromises that card, the MOST they can get is whatever he put on that card.

    As for online purchases, how about one-use card numbers? Just go to the bank site, put in how much you want to pay and the bank will give you a one use number for that amount. Then the maximum you lose if the online site is fake is that specific amount. They never get the real numbers to your real accounts.

  3. Re:Fencing by Creepy+Crawler · · Score: 4, Interesting

    Or if you hand your CC to a drive-thru to pay for food/drink.. Our receipt paper is thin enough to easily take an imprint of a CC. All you'd need to do is remember 3-4 numbers, the CVV2.

    I found out this accidently, while holding a customer CC while rubbing it: it indented the CC, expr, and name perfectly.

    Good thing im honest in dealings... They wouldnt catch me if I wasnt. I know decent stat to calculate my danger, and how to mitigate any possible repercussions.

    --
  4. Re:Fencing by atamido · · Score: 4, Interesting

    I had an experience nearly identical to this in London when a shop clerk asking if we had a card with a chip in it to use. The friend I was with didn't even know what he was talking about. I explained things to her, and then told the clerk we didn't, but could wander off and find an ATM to use instead. He dug around some and found a card reader, but it was obvious he hadn't used it in a while.