washingtonpost.com  > Technology > Tech Policy > Cybercrime

Police Arrest 28 in Online ID Theft Scams

By Brian Krebs
washingtonpost.com Staff Writer
Thursday, October 28, 2004; 6:41 PM

Law enforcement authorities have arrested 28 individuals accused of operating public Web sites designed to help people steal, sell and forge credit cards and identification documents.

"Operation Firewall" targeted 21 suspects in the United States and seven individuals in six nations who allegedly are responsible for running Web sites that investigators said served as online bazaars for hackers and identity thieves.

_____Cyber-Crime Headlines_____
Thieves Find Exactly What They're Looking for on EBay (The Washington Post, Jan 6, 2005)
Companies Forced to Fight Phishing (washingtonpost.com, Nov 19, 2004)
Phishing Feeds Internet Black Markets (washingtonpost.com, Nov 18, 2004)
More Cyber-Crime Headlines

The sites, which operated under names like Shadowcrew, Carderplanet and Darkprofits, were hosted on multiple Internet servers outside the United States in countries such as Belarus, Canada, Sweden and Ukraine, authorities said.

"This indictment strikes at the heart of an organization that is alleged to have served as a one-stop marketplace for identity theft," U.S. Attorney General John Ashcroft said in a statement on the arrests.

The operation was conducted by the U.S. Secret Service along with the Justice and Homeland Security departments, the Royal Canadian Mounted Police, Europol and local police departments on the operation.

The case illustrates the growing technological sophistication of organized crime gangs in Eastern Europe and the former Soviet republics, said Bruce Townsend, deputy assistant director for the U.S. Secret Service.

"These guys have discovered this very lucrative form of fraud and they've allied themselves with savvy hackers to make money," Townsend said. "These sites were more than just places you could purchase stolen credit cards: you could get your hacking tools there or arrange to have false ID documents shipped to drop boxes around the world."

Townsend said the yearlong investigation showed that much of the stolen credit card and identity information was obtained through attacks on e-commerce Web sites and "phishing," online scams that use e-mail as a lure to trick people into typing user names, passwords, credit card numbers and other personal data at bogus Web sites.

According to records filed at the U.S. District Court in Newark, N.J., the suspects sold and exchanged stolen information and counterfeit documents such as credit cards, drivers' licenses, birth certificates and foreign and domestic passports. They bought or sold approximately 1.7 million stolen credit card numbers in all, investigators said.

The operation began in November 2003 after credit card company MasterCard International briefed law enforcement agents on more than 100 Web sites and Internet chat rooms that specialize in credit card and identity document trafficking.

"This is one of the biggest organized crime elements we've seen," said Sergio Pinon, MasterCard's senior vice president of security risk services. "We're talking about an international network that has new sites popping up all the time. These aren't high-tech individuals: all it takes is a computer, a little bit of knowledge and these guys can do a lot of damage."

The sites targeted in the investigation did a brisk business, said Ken Dunham, a computer security expert with Reston, Va.-based iDefense.

"These arrests have the potential to significantly hamper a mainstream area of credit card fraud online," said Dunham, who has spent a good part of the past year monitoring such Web sites. "The problem is that sites like these can rise up and go away in a few days and can be easily mirrored, but the reality is that if people aren't out there making arrests -- especially internationally -- there's not much deterrent out there for this type of fraud."

© 2004 TechNews.com