The amount of credit card information that hackers can steal in one fell swoop these days is staggering. Ever since banks and merchants started digitizing their customer account databases, tech-savvy thieves have been able crack network security walls and make away with as many as 45 million credit card numbers in the span of a few days. In fact, there are over 8 million credit card numbers stolen from financial databases every year – which makes the average American wonder what thieves do with them all.
As it turns out, they go into business themselves. A report released this past Tuesday by Bloomberg News has discovered that cyber-thieves are retailing their purloined credit cards on various websites for about $3.50 per account. The sites, which include CVV2s and CrackHackForum, share features ironically similar to the ones used by many legitimate online merchants, such as a seller rating system and a search result filter. According to the report, customers can search for cards by issuing bank, card type, credit limit and zip code and can even validate the numbers in real time to make sure that the card hasn’t been canceled.
Although authorities know that thieves have been moving stolen credit cards over the Internet for years, they never suspected that the business would grow as rapidly as it has. According to FBI agent Keith Mularski, it used to require two references from existing members to get an invitation to the black market forums where stolen credit cards were “fenced,” or bought and sold illegally, for a going rate of about $50. Today, however, you need only to perform a simple Google search to gain entry into a card fencing site where you can buy everything from retailer-issued card numbers to platinum account numbers for the price of a cup of coffee.
The worst part is that since these sites are hosted on India-based servers, there’s virtually nothing U.S. authorities can do to stop them. There have been several stings on FBI-created “bait” sites over the years, but cyber-fencing – especially in stolen credit cards – has grown so big that the industry is now self-replicating. There are now massive organizations composed of thousands of credit card thieves. Members recruit and train young hackers every day. Raiding a major credit card cartel, such as the one responsible for $70 million in thefts that the FBI busted last year, has become the equivalent of cutting the head off a hydra. Take one out and two more grow to replace it.
If there’s any good news to take from the discoveries made by the Bloomberg report, it’s that credit card cyber theft can’t last forever. The FBI has begun collaborating with European authorities to crack down on the most dangerous and skilled hacking cartels, like they did with the mafia in the early 90′s. The credit card industry is also taking steps to make their products safer, like eliminating consumer liability on fraudulent credit charges and introducing EMV chip cards to the market, which require PIN numbers for transactions.
While the world waits for credit card fencing to finally go extinct, there are steps Americans should take to ensure that their identities are safe. You should always use a low-limit credit card when shopping online, and it’s smart to avoid ATMs and gas pumps that look like they might have been tampered with. Additionally, make sure to only download software from trusted sources and run regular virus checks on your computer. If you follow these safety measures, you’ll keep your credit information safe for years to come.