The encounter with the anonymous Russian in an internet chatroom was one of scores like it going on at the time. In a separate private message, another vendor promised: “I will give you HSBC full info with 26k Pounds…for $500…When can you wire money?”<\/p><\/blockquote>\n
The whole (longish) article is like this. There are quotes from people at SOCA, security consultants and the like. All talk about how dangerous the internet is and add to this image of the “Internet bank fraud community” sitting around trading details and earning fortunes as a result:<\/p>\n
The community has developed a high level of sophistication so that trusted parties can trade efficiently. In one posting on a forum selling card details a fraudster reports to the rest of the community on the “review” he has conducted of a new entrant to the market.<\/p>\n
He has tested his speed of response and accuracy of information supplied and marks him out of 10 for communication, timing and product. “Total: 9\/10 nice score,” he concludes and awards the status of “trial vendor”.<\/p>\n
Many vendors offer discounts for bulk buyers and even display a replacement policy. If the account details do not work most vendors will replace the data with a different lead. SOCA, which has responsibility for fighting organised internet fraud, has set up a series of cross-border alliances to tackle the problem, but declined to comment on our findings.<\/p><\/blockquote>\n
Wow. Lock up your bank accounts now! This is scary stuff!<\/p>\n
However, you can breathe a sigh of relief gentle reader because, largely, this is a case of a journalist who has fallen for a pretty basic scam. Yes, there is fraud going on here, but the victim isn’t the innocent bank account holder. A simple application of logic (counts most journalists out then) to the basic premise hints at something not being as it seems.<\/p>\n
Imagine this, you are a techno-savvy criminal who has gone to all the trouble to acquire account details which will allow you to empty \u00c2\u00a326,000 from a strangers account. You have done this without anyone knowing or being able to trace it was you. Would you then sit on the account details until another complete stranger got in touch with you and sent you US$500?<\/p>\n
What sane criminal is going to turn down the \u00c2\u00a326,000 (US$52,000) and take one hundredth of that instead. The risk to the cyber-crook remain, he has just given up 99% of his potential monetary gain. In fact, if anything, his risks have escalated significantly because he now has to contend with police sting operations.<\/p>\n
It is madness to suggest that these account details are really being sold online for such pitiful sums of money. Cyber criminals who hack into bank accounts will either empty them there and then, or use them for their own ends. Selling the details on to random internet strangers is completely stupid.<\/p>\n
Just to underscore my point, the Guardian article finishes with this bit of reassurance:<\/p>\n
As sobering as the trade in stolen identities has become, there was a crumb of comfort last night for the Halifax account holder whose details the Russian fraudster was peddling. Twelve hours after the payment had been withdrawn from a Siberian wire office, the Guardian was still waiting for the promised bank details.<\/p><\/blockquote>\n
So, in reality, I suspect this is the more common type of fraud. People who want<\/em> to be cyber-criminals but lack the technical knowledge to manage it are being conned by other cyber-criminals who at least have the brains to pretend <\/em>to be able to do something. The best frauds work by playing on the victim’s greed and willingness to commit criminal acts – I mean if someone is conned into paying \u00c2\u00a3116.50 for illegally gained bank details, who can they complain to?<\/p>\n