Credit card fraudsters' online marketplace exposed

By David Meyer, ZDNet UK
Friday, March 28, 2008 10:29 AM

A security company claims to have uncovered an online exchange for credit-card data that has been obtained by fraudulent means--most likely phishing.

Finjan said in a Tuesday statement that the Blogspot-hosted, SellCVV2 Web site was "promoting the sale of fraudulent credit-card data with guarantees and volume discounts for large-scale fraudsters".

At the time of writing, the SellCVV2 site appeared to have been cleared of all its contents. The card details that were allegedly being traded on the site are believed to have been obtained through phishing, the practice of conning cardholders into revealing their security details through spam e-mail messages and fake bank Web sites.

"[SellCVV2] is typical of a number of portals promoting the exchange of fraudulent card data," said Yuval Ben-Itzhak, Finjan's chief technology officer. "But what is apparent from the SellCVV2 site is the level of commercialization of the traders involved."

According to Ben-Itzhak, prices on the site were segmented by type of card, type of account and country of origin. "Prices typically range from US$38 per set of card data for premium card accounts in small volumes, going down to US$10 for [Classic Visa] card data in volumes of 100 or more. Customers are also being offered [a] trial set of data, as well as a guarantee on account details that do not work," he said.

"If further proof were needed that there is a very serious problem facing the card-acceptance and [card]-processing industry, this is it," Ben-Itzhak added. "The level of sophistication shown on the site acts as a clear warning to anyone who thinks card fraud is a containable problem."

Speaking to ZDNet Asia sister site ZDNet UK on Thursday, Ben-Itzhak said that action needed to be taken by the companies that host such Web sites. "Once the host receives a report, [they] need to do something on the law-enforcement side to force them to remove it," he said. "There are [Internet service providers] that are very responsible, but most of them are not."

0

0 votes

Save to My Library

Talkback 0 comments

There are currently no comments for this post.

Reply to story

Related Whitepapers

Featured Whitepapers

Tech Jobs Now!

TechGuides

Specials
News and Interviews
Whiteboard

UOB banks on economic downturn
Singapore bank's IT chief Susan Hwee explains how financial crisis offers new opportunities to reengineer
Play video
Domino's Pizza keeps customers eating
CEO Don Meij discusses strategy to grow customer base
Play video

Salesforce CEO chatters about new social media platform
Facebook-type app hits the enterprise
Play video
Salesforce demos Service Cloud 2
New Web-based tools for customer service
Play video

Cost Effective, Secure and HA Server Infrastructure for SMBs
Alan Wan from Dell illustrates how small and medium businesses can build a high availability IT infrastructure without requiring heavy investments on skills and resources.
Play video
Enterprise 2.0
Vince Casarez, vice president of product management at Oracle, explains how Web 2.0 technologies, such as tags, wikis, and mash-ups, can be applied within an organization.
Play video