X hits on this document

PDF document

Symantec enterpriSe Security - page 73 / 97

306 views

0 shares

0 downloads

0 comments

73 / 97

Symantec Global internet Security threat report

Underground economy servers—goods and services available for sale

this discussion focuses on the most frequently advertised items for sale on underground economy servers observed by Symantec. the underground economy is an evolving and self-sustaining black market where underground economy servers, or black market forums, are used for the promotion and trade of stolen information and services. this information can include government-issued identification numbers such as Social Security numbers (SSns), credit card numbers, debit card information, user accounts, email address lists, and bank accounts. Services include cashiers, scam page hosting, and job advertisements such as for scam developers or phishing partners. Much of this commerce is built within channels on irC servers. For an in-depth analysis of how the underground internet economy functions, please see the Symantec Report on the Underground Economy, published november 2008.191

the measure of goods and services available for sale is by distinct messages, which are considered as single advertisements for a good or service, though the same advertisement may appear thousands of times. to qualify as a new message there must be variations such as price changes or other alterations in the message.

in 2009, credit card information was the good most frequently advertised for sale on underground economy servers observed by Symantec, accounting for 19 percent of all advertised items (table 21). this was a decrease from 32 percent in 2008. Although this appears to be a significant drop, the percentage observed in 2007 was 21 percent, which may indicate that there was higher availability of credit card numbers on underground economy servers in 2008. the number of data breaches reported in those years is a further indication of this. there were more than twice as many data breaches reported in 2008 than in 2007. Similarly, there were almost twice as many data breaches reported in 2008 than there were in 2009. Credit card information advertised on the underground economy consists of the credit card number and expiry date, and may include the name on the card (or business name for corporate cards), billing address, phone number, CVV2 number, and pin.192

2009

2008

Range of Prices

19%

32%

$0.85–$30

19%

19%

$15–$850

7%

5%

$1–$20

7%

5%

$1.70/MB–$15/MB

6%

3%

$2–$5

5%

4%

$0.70–$20

5%

2%

$4–$150

4%

3%

$4–$10

4%

3%

$0–$600 plus 50%–60%

4%

3%

$2–$30

2009

2008

Item

1

1

Credit card information

2

2

Bank account credentials

3

3

Email accounts

4

4

Email addresses

5

9

Shell scripts

6

6

Full identities

7

13

Credit card dumps

8

7

Mailers

9

8

Cash-out services

10

12

Website administration cre

Overall Rank

Percentage

dentials

Table 21. Goods and services advertised for sale Source: Symantec

on underground economy servers

191 192

http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_underground_economy_report_11-2008-14525717.en-us.pdf Card Verification Value 2 (CVV2) is a three- or four-digit number on the credit card and used for card-not-present transactions, such as internet or phone purchases. this was created to add an extra layer of security for credit cards and to verify that the person completing the transaction was in fact, in possession of the card.

73

Document info
Document views306
Page views306
Page last viewedSun Dec 11 04:45:36 UTC 2016
Pages97
Paragraphs2532
Words45916

Comments