I want to become a credit card fraud.

K

Knife Outlet

Joined
Jan 4, 1999
Messages
3,000
This business of hacking web sites, stealing credit card numbers and selling them is getting out of hand. Most of the customers for stolen credit card numbers are teenagers who use the numbers to steal from companies like mine. I'm trying to find out how these teenagers find the source of the cards or how the source of the cards finds them. I want to become one of these teenagers undercover to try to penetrate the process. The police don't care about identity theft, America's fastest growing crime. If I can find a big enough fish I'll force the police to care or put them on TV. Does anybody have a teenage son that has been contacted by these people or knows where to go to find them? I'm baffled personally. Thanks for any help.
 
I would wager that its all being done online. Chat rooms, hidden forums and hidden download pages that move around often.
 
Go to Google or alltheweb.com and search for yourself online using parts your name and PARTIAL credit card numbers. NEVER do a search with your full name and card numbers.

Reason I say this, I found one of my numbers on a website once and immediately canceled the card.

This could be a way to find where data is stored or shared.

Also, use your partial name and partial SSN# to do some searches. Hopefully you'll never get any hits, but you never know. I know of a few folk that had their identity stolen, and found out by doing the above search.

Good luck.
 
I'm not trying to find myself. My identity hasn't been stolen but my merchandise has been stolen by the scumbags. I'm trying to find the source of the credit card numbers. I have one company in Denmark that sells URL registrations (and apparently other things) but I can't yet prove a connection. I need to complete a trasaction with these cretins. Then I will have what I need.
 
You can find out everything you ever wanted to know and more about this kind of stuff online much easier than in person. Just do some searching and find the right websites. It really isn't that hard, especially as most everything is based on standardized protocols. The first thing you need to know to hack a website is the address, which as you are running a business is public knowledge.

Then once you have the adress there are various programs available to probe the server and find out some information about it. The basic idea, or one methd anyway, is to find some weakness in the server that hasn't been closed up by the site administartor. Once you can get access to that it is just a matter of finding the files that you want and decrypting them.

A word of caution though, most any place that will be talking about how to do that sort of thing in detail will be infested with all sorts of nasties. Before venturing into the dark back alley of the web make sure your computer is safe.
 
Knife Outlet said:
I'm not trying to find myself. My identity hasn't been stolen but my merchandise has been stolen by the scumbags. I'm trying to find the source of the credit card numbers. I have one company in Denmark that sells URL registrations (and apparently other things) but I can't yet prove a connection. I need to complete a trasaction with these cretins. Then I will have what I need.
Click to expand...


I am sure there ar many many different people doing this. Just proving one person is doing it won't do much of anything. Also they are most likely done in ways that will prevent law enforcement from doing much of anything to them. The easiest way to get a CC number needs no real hard work or knowledge. Just send out emails to every possible email address and wait for some stupid person to respond with a name and number. You would be suprised how many peopl fall for spoofed websites.
 
I recently took a security course, and a large part of the problem is lenient laws and courts. Recently a hacker was let go because the login screen on the computer system he hacked said "Welcome to XXXX" and the judge agreed that this meant he was welcome to hack his way in.
irc, chat rooms, mags like 2600, they are all over the place sharing tools and exploits. Unfortunately it seems the only solution is the new Internet2, which is faster but requires clipper chip technology to be a part of. This means every packet is traceable, so anything you say can and will be used against you :)
A large amount of theft goes unreported because the security concerns will be a huge loss of business; often blackmail is involved, and so on. It doesn't help that Social Security numbers are required for everything nowadays.
 
It doesn't help that Social Security numbers are required for everything nowadays.
Click to expand...
I think it's illegal to use SSN for anything not directly related to Social Security. Many schools have changed their student id system, and some states that used the SSN for a driver's license number no longer do. Some financial institutions still use SSN for account numbers, but you have the option of choosing another number. It's an old regulation too, but only recently has anyone paid attention to it.

-Bob
 
Mr.BadExample said:
Recently a hacker was let go because the login screen on the computer system he hacked said "Welcome to XXXX" and the judge agreed that this meant he was welcome to hack his way in.
Click to expand...
I'm appalled. That's exactly like saying a Welcome mat outside your front door means a burglar can break in to your house if he wants.
 
One of our students just lost 1800 bucks through a "fishing" scam. She got an email supposedly from PayPal, where she in fact has an account. The e-mail looked official, and wanted her to "update" her information, which she did, with credit card numbers, etc. When she hit "send", the page went blank. Two days later her account was empty.
 
I'd heard that websites were being hacked for credit card numbers, but did not know that there were individuals (or groups) actually selling these numbers to others (vs. using the numbers themselves). I too would be very interested in how these kids are getting these numbers and exactly how organized it is.

Around here, the teenagers usually aren't so sophisticated. Credit card numbers used for internet fraud are often stolen from a place of employment--from customers.

Identity Theft is the fastest growing crime around and I believe it shares a similar problem to that of crack cocaine. The entire Criminal Justice system is still to this day reeling from problems associated with the crack cocaine epidemic which is now two decades old at least. There seems to be no end in sight as long as the demand remains high and the profit potential, unlimited. Plenty of collateral crime too.

Although the Identity Theft problem is not exactly new and a very big deal, I fear we have only seen the tip of the iceberg and who knows how deep that one will run.

I do not know if there has been an International effort to combat the problem yet as the Internet is a very, very big place and crosses many boundaries. Maybe in the larger cases. But considering the overall numbers involved and the types of individuals who get involved in those types of numbers....................an interesting iceberg to say the least.
 
And almost forgot. The Credit Card companies themselves also have their own Investigations division. That might be a place to check with for assistance too.
 
I work in fraud prevention, so I can offer some points from my experience.

One type of fraud that happens a lot goes like this. Someone takes a card number (by whatever means). If the card is from a large bank with lots of cards issued (Bank of America, Chase Manhattan, Citibank, Wells Fargo, Capital One, etc.) the crooks know that there will be a lot of cards with numbers similar to the one they stole. They just use different combinations of numbers for the last 4-7 digits and get hits on other valid accounts from the same issuer. They could hit upon your card number by chance and there's nothing you could have done to prevent it, save for not owning a credit card. I see this done every day. This is just one of the scams they run. Information about how to do it is easily accessible online. There are a ton more.

Use of the internet for commerce and communication has made it harder to prevent and prosecute fraud because the person placing an order over the internet can be anywhere in the world. Try tracking down someone ordering from a computer in Nigeria (a huge destination for stolen merch) or Singapore. The chances are pretty remote. Local teenagers are an easy catch compared to the international folks.

And for every person who is vigilant or paranoid about giving out information over the web, there's someone who falls for a phishing scam or agrees to receive merchandise from someone they only know through IM or BB chat. Once the frauds have that, it's open season. They order as much as they can as fast as they can to strike before that particular avenue gets cut off.

I remember one woman called us because she agreed to receive and forward merch to some guy in Liberia, who gave a sob story over email about how he was buying shoes for kids in his area but couldn't get them shipped to him directly from the merchants. She got the shoes all right, 30 pairs of them just from our company. She also got sent to her house 3 Dell computers, 4 boxes of stuff from Home Shopping Network and 6 or 8 George Forman grills. At that point she figured something was fishy. Sadly, some people just play the fool and send the merch off to its new home, never to be retrieved, or paid for either, because the person whose card was billed will have it charged back from the merchant.

A lot of the frauds are organized, efficient and sophisticated. Even those that aren't stand a fair chance of stealing something because of the sheer volume of the problem. The Secret Service used to take a lot of info from merchants about Nigerian frauds to use for their investigations. Now, they don't even want it because it's like bailing out the ocean with a spoon. It grows at a seemingly geometric rate. The crooks share information and methods. If they find a company or bank or web site that's easy to exploit for their purposes, it gets spread around like a virus. The same stolen card numbers get recycled over and over again.

Maybe that gives some perspective on why the problem is so bad. There are countless other facets to the issue. It's hard enough for merchants and banks to keep up with the scams and the number of frauds commited. Stopping or slowing the problem overall is a whole other nightmare.
 
Mudflap said:
And almost forgot. The Credit Card companies themselves also have their own Investigations division. That might be a place to check with for assistance too.
Click to expand...


They aren't interested. Since the merchant pays for credit card fraud, they don't view it as their problem. They investigate things they have to pay for. I used to report fraud many years ago. I quit doing that many years ago. The only person that is going to do something about it is yours truly.
 
jujigatame said:
Maybe that gives some perspective on why the problem is so bad. There are countless other facets to the issue. It's hard enough for merchants and banks to keep up with the scams and the number of frauds commited. Stopping or slowing the problem overall is a whole other nightmare.
Click to expand...

The way you stop it is you lift a finger to catch a few and put them away for a long time. That also spreads like wildfire. I can't tell you how many slam dunk cases I can provide to attorneys general - hundreds. But there has to be an interest in doing it. So far I've managed to bring successful lawsuits against two of them and I've intimidated one into returning my money. I can't do it alone but I'll work on the guys that traffic in the numbers.

Identity crime is the only crime I know of that is almost impossible to get punished for.
 
You must log in or register to reply here.
Back
Top