Cybercriminals Learning To Filter Out Undercover Cops

An anonymous reader writes: Credit card numbers are constantly being stolen, but the people who take them don't usually use them. Instead, they sell them to others who will. Many cards are traded at online forums and markets. Law enforcement investigators know this, and they use these forums to gather intelligence on breaches. But Brian Krebs writes that one of the biggest markets, Rescator, has implemented methods to screen out suspected law enforcement agents. Krebs says of a law enforcement source of his: "The criminals running the fraud shop seized his carding store account and bitcoin balance after the pig alert flashed on my source's screen — effectively stealing hundreds of taxpayer dollars directly from the authorities. .. I found his case fascinating and yet another example of the growing sophistication of large-scale cybercrime operations."

Stealing wasn't the point

[TWX]

Krebs says of a law enforcement source of his: "The criminals running the fraud shop seized his carding store account and bitcoin balance after the pig alert flashed on my source's screen — effectively stealing hundreds of taxpayer dollars directly from the authorities..."

I think it's hilarious that the angle they took was the seizing of the police's resources committed to the transaction system. The point wasn't to steal the police's resources, that was a drop in the bucket compared to the size of the operation. The point was to prevent the suspected law enforcement agency from continuing to play and to preserve the information that might be linked with the account to use that information to help spot other law enforcement accounts.

If anything, the lack of size of the law enforcement operation was probably the initial red flag. Sure, actual criminals will start out small too, but usually an unwillingness to go all-in is a warning flag. Flat out, usually the, "good guys," have limits on their behavior either because they're attempting to do as little harm as possible or being limited in funding since they're not actually running a criminal for-profit enterprise, or a combination thereof.

It'll probably take a turned-insider to break this stuff. That's what it usually takes. Actually find a person involved, use the carrot-and-stick approach to give them reduced charges or some degree of immunity in exchange for breaking the organization from within, and let that person both take the risks associated with data collection and give them time to build up enough information to make further prosecution possible.

Re:Stealing wasn't the point

[KenDiPietro]

After Snowden sold the US out, it was quietly reported about a large number of people on the US payroll in other countries (and their families) disappearing quietly, and permanently.

It was quietly reported by the very same people who have evidence that 9/11 was in inside job, if I'm not mistaken. Maybe a better quality source of information would be the best way forward, don't you think?

amateurs

When you detect the unwanted customer, don't block them ... sell them randomized fake CC info. Their evil genius is weak sauce.

"Credit card numbers are constantly being stolen"

[k6mfw]

Maybe have it such that taking a credit card number is not as easy as getting a number. Let me explain: Someone commented getting a credit card even using someone else's name and address, all you have to do is fill out a form and put down a bunch of numbers. Unlike getting a car, you have to show them that it is really you is you getting the car. But I guess credit cards are becoming more commonplace (damned as I see someone buying lousy cup of coffee for $1.25 with their credit card), so with more of these but less of honest jobs that pay a livable wage only bound to have more credit card number thefts.

Immature Terminology

[Dominare]

Okay, I know this is off topic and I apologize, but can we agree that its time to stop calling them "Cybercriminals"? It's not 1997 anymore and internet-enabled devices are deeply integrated into most aspects of all our lives - they're just criminals.

I'm serious by the way, this isn't an attempt to be funny. Appending the cyber- prefix automatically sets them apart and I think that's a bad thing. They're thieves, and we already have plenty of words for those.

Re:Immature Terminology

[mysidia]

Okay, I know this is off topic and I apologize, but can we agree that its time to stop calling them "Cybercriminals"?

These people are called cybercriminals to provide information about what kind of criminals they are; it doesn't mean they are to be looked at as privileged or special; You don't call a serial killer just a "criminal"; These people who deal in batches of stolen credit card or social security numbers for mortgage or Tax Refund fraud are much worse than common criminals, just like you refer to criminals who are serial killers differently than you refer to muggers or jaywalkers. A thief probably only robs from a few people, cybercriminals are "Mass Thieves", and the penalties should be more severe --- they are criminals that use what the average person would consider technically sophisticated methods or tools involving the abuse of technology as a fundamental aspect in the commission of their crimes.....

They are not thieves in the traditional sense, other than their intention is essentially to get money they have not earned, E.g. those selling copies of other peoples' credit card numbers, And their chance at a profit is supported by another criminal's expectation of using those numbers to defraud banks out of $$$, but some of these criminals are also referred to as frausters and identity thieves.