Home
Rapport Lucid Intelligence identiteitsfraude uit
https://www.lucidintelligence.com
The Lucid Report 2009
SUMMARY
Identity theft and credit card fraud
Fraud has undergone a rapid evolution in 2009, Criminals have moved from "card not present" (CPN) fraud to what Lucid Intelligence has termed as "card not necessary" (CNN) fraud. Lucid Intelligence has identified over 67,750 stolen credit cards* being used on the internet during 2009, This number is slightly down on both 2007 and 2008 whilst the incidences of person data being stolen and sold by criminals during the same period increased by over 230%. This is further borne out by the significant drop in the price of stolen credit cards on the internet whilst the value of personal data and passwords has increased.
Colin Holder CEO of Lucid Intelligence explains “With the increased sophistication of the software used to combat “card not present” fraud, we have seen a marked move away by the organised criminal gangs traditionally operating in this arena. Phished, stolen or negligently sold personal data has become the basis for creating false identities that can then be used to set up bank accounts, credit cards and loans. With such a potentially high value “end game” criminals are becoming more patient and persistent. We see “card not necessary” fraud as the major threat as we enter the next decade. £100’s millions of fraudulent applications could be detected and prevented if the credit agencies checked against the data that the criminals have in their possession rather than just the information supplied to them by legitimate institutions”
At the end of 2008, the Lucid database held 58 million occasions of personal data being sold on the internet during 2007 and 2008. By the beginning of December 2009 the figure stood at 138million individual personal records. This represents approximately 58,000,000 individuals as many people have either been phished or have had their personal data sold and purchased more than once by criminals.
In addition to hacked and phished personal data, Lucid intelligence has identified over 4100 websites that leak personal information into the public domain which criminals then exploit. This data is developed and sold on, creating a black market supply chain in stolen identities that threatens businesses and individuals alike.
Lucid Intelligence’s software partner, Marcus Whittington, COO, Sentrybay explains “Our Phishlock solution already identifies phishing sites and actively prevents a user from visiting such a site. However with the growth of sites that leak personal data that have been identified by Lucid Intelligence, we are continually updating our lists to provide further cover and reduce such information falling into the hands of criminals”
Lucid Intelligence also anticipates that the collection of this data by criminal gangs will have a major impact on companies both in Europe and the USA. Staff casually surfing the internet or responding to phishing/scamming emails from their company domain and parting with personal data and passwords pose an IT security risk to the company which the criminals will exploit. **
Money Laundering
Lucid Intelligence (in partnership with Silentguards) has added 3,113 bank accounts offered by internet criminals for money laundering to the ML database during 2009. This brings the number of such bank accounts uncovered by Lucid Intelligence/Silentguards to over 9300 since the database’s inception in 2007.
Once again the United Kingdom (excluding the Channel Islands and the Isle of Man) is the most popular location for internet criminals to launder funds despite having some of the most exacting anti-money laundering legislation in the world. The UK is followed closely by the USA, China (including Hong Kong) and Japan.
Colin Holder says “What the database clearly demonstrates is that internet fraud has evolved. It is no longer a cottage industry operated by a group of disparate scammers. It is now a major criminal industry mainly under the control of a few large highly organised gangs which operate internationally from bases in the UK, USA, Canada, Netherlands, Nigeria, Malaya and Japan".
Outlook for 2010
Colin Holder says “We anticipate that whilst credit card fraud will remain significant but stable the explosion in the collection of personal data by the criminals will lead to a further upsurge in “Card not necessary” fraud unless the credit agencies take positive action. We also predict that major companies will be targeted for phishing and scamming attacks as the criminals identify staff members who could pose an IT risk to their company.”
“There is also significant internet traffic indicating that in 2010 the criminal gang leaders will be targeting smaller financial institutions throughout the USA to use for their money laundering activities. Detailed instructions of account opening procedures and lists of what they perceive are “soft” bank targets which do not possess the due diligence resources of the larger institutions are being circulated amongst the various gangs operating in this arena. We also expect banks in India and other countries on the Asian continent to be targeted”.
“The ubiquitous Nigerian 419 scams will continue unabated with increased sophistication and personalised phishing/scamming emails utilising the data they are collecting and exchanging. Within 24 hours of the Haiti earthquake, Lucid Intelligence identified and monitored criminal gangs in Nigeria and Malaya switching from standard ongoing scams to sending out scamming 419 emails allegedly from aid organisations seeking donations for the Haiti relief funds. This ability to immediately react and revise the fraudulent operations for every disaster or death of a notorious figure shows the level of organisation the gangs have developed for this once disparate crime.***”
Colin Holder
CEO Lucid Intelligence Ltd
February 2010
NB:-
• *67,750 stolen credit cards were identified by Lucid Intelligence Ltd being used on the internet in 2009 and reported to the Dedicated Cheque and Plastic Credit Card Unit (DCPCU) a joint operation between the Metropolitan Police, City of London Police and APACS. http://www.dcpcu.org.uk/ . This brings the total to approximately a quarter of a million stolen credit cards reported by Lucid Intelligence to the DCPCU.
**Lucid Intelligence has identified staff compromises at over 400 of the USA’s and UK’s. major companies in all fields including banking, defence and pharmaceutical as well as Government/State departments.
***Lucid Intelligence identified 13 Haiti relief fund scams within the first 48 hours of the disaster and 21 bank accounts worldwide being used to launder any stolen funds.
About Lucid Intelligence
The Lucid Intelligence website and database has been set up to fight crime by educating users about the ways in which criminals obtain and exchange personal information on the internet. A free search is available to all users to identify whether their data is in the possession of internet criminals. It then demonstrates what simple steps each and everyone can take to best protect themselves from Identity Theft. Lucid Intelligence is committed to provide potential victims with the information that will help protect themselves now and in the future. For more information please visit: www.lucidintelligence.com
About SentryBay
SentryBay is a leader in real-time data security software – in partnership with Lucid Intelligence, its proactive solutions offer unparalleled security in real-time preventing identity theft and theft of corporate data. This protects a user’s online identity while protecting corporate brands and reputation. SentryBay is a privately-held company headquartered in London with offices in the USA and Australasia. For more information please visit www.sentrybay.com
About Silentguards
Silentguards is a “not for profit” organisation formed by individuals from a variety of backgrounds, Law Enforcement, the City, IT and the Arts. It is dedicated to identifying crimes committed on the internet and bringing them to the attention of the Authorities.