Underneath the thousands of portals and social networking sites we visit, lurks a fl ourishing underground market for fraudrelated services. According to a recent study titled ‘Report on the Underground Economy’ by Symantec’s Security Technology and Response (STAR) organisation, the total value of these goods could be over $276 million (Rs 1,380 crore) between July 2007 and June 2008. Here’s how the Internet underground makes its money and why it is hard to nail.
Safety first
The underground economy is geographically diverse and generates revenue for cyber-criminals. North America hosted the largest number of such servers–45 per cent of the total. The geographical locations of these servers are constantly changing to evade detection.
What is to be done:
Phishing figures
India is a fast-growing Internet market and most new consumers are unsuspecting browsers—easy prey for hackers. India has 81 million Internet users, according to an Internet Governance Forum report, released in December and attacks seem to be increasing every day.
Server lifespans
What makes enforcement harder is the very nature of IRC (Internet Relay Chat) servers; they can be set up and taken down quickly—within 10 days. One of the largest observed IRC servers had 28,000 channels and 90,000 users. Here’s the average lifespan of IRC servers.
Top theft: credit card data
Credit card data is by far the most sought-after information by scamsters. Over half the demand from hackers scanned by Symantec was for credit card data, with identity information— user names and passwords, for example—a distant second.
The bad guys use a complex network of IRC servers to advertise their services.
What the hackers need
Getting hold of tools to hack into accounts comes at a price. And like any other economy, prices are based on supply and demand. Like buying produce from a wholesale market, some software could even be bought in bulk.
Underground supermarket
