ITPRO

Printed from www.itpro.co.uk

Register to receive our regular email newsletter at http://www.itpro.co.uk/reg/register.

The newsletter contains links to our latest IT news, product reviews, features and how-to guides, plus special offers and competitions.

Skip to navigation

    How to be a successful online fraudster

Ever wanted to know how easy it is to be an identity thief and earn a fortune? IT PRO reveals all…

By Asavin Wattanajantra, 26 Nov 2008 at 16:27

gallery

With a little effort, a bit of technical know-how and dubious morality, it’s a cinch to become a successful online fraudster.

Here is a step-by-step guide to how people set themselves on the career path to be a wanted criminal - the secrets of the identity thieves.

One - Choose your career path

There are two different career paths that you can take as you begin your life as an identity thief.

The harvesting fraudster

These are the guys who steal credentials – usernames and passwords from online banking, credit cards and other types of ID theft. They use technical infrastructure such as phishing keys, trojans and other types of malware which are hosted over the internet and sent to the consumer.

The cash-out fraudster

These are the fraudsters who ‘cash-out’ or make money from the credentials. For example, if one of these fraudsters was given credit card details on a disk, or online banking passwords, they would be able to empty the accounts.

Whereas the harvesting fraudsters are all about the malware technology, the cash-out fraudsters will have an operation - for example, having physical ‘drops’ where money can be dumped. They will also be able to monetise – selling goods on the black market for cold hard cash.

With online banking fraud, the cash-out fraudsters will have accounts which they will be able to launder money into. With this, they will usually recruit collaborators with bank accounts, take the funds and send it to the supply chain.

How to decide

The cash-out fraudster will never have contact with the consumer – they are after the credit card details or bank accounts. It depends on you point of view: do you want to deal with the technical side – harvesting, phishing etc – or do you want to recruit mules and end up cashing the account?

Being a cash-out fraudster is more risky. You’ll be doing the actual fraud by emptying accounts and transferring money to your mules – but the reward is greater.

Two - What to defraud

The world is your oyster. It’s not just financial institutions that you can defraud, but internet services, social networks, online games, and virtual worlds.

Social engineering is one of your best tools, so understand how it works. It’s easy to get people out there to perform actions or divulge confidential information with some simple trickery with malware, such as phishing attacks or trojans.

Previous
1 2 3
Next

Email to a friend

Print this page

< Previous   Security : Analysis & Insight Next >

Be the first to comment on this article

You need to Login or Register to comment.

    You may also like...

 Sponsored Links

advertisement

    You may also like...

    Latest Security News

Cloud computing

Huddle: Amazon, Google clouds not Government ready

Huddle claims big public cloud vendors don't offer enough security to be used by central Government.

Read more

 

More Security News

    Latest Security Tutorials

PC on a drip (virus protection)

How to protect a group of office PCs from viruses

Safeguarding multiple office computers from malware doesn't have to be difficult or expensive, as Simon Edwards shows in our step-by-step guide.

Read more

 

More Security Tutorials

advertisement

    Most popular

    Latest Analysis & Insight Videos in Security

Cloud Security

Why security should top the cloud agenda

Play Why security should top the cloud agenda   Play

Security should always be paramount in business, but with a cloud based infrastructure it’s arguably even more important. Steve Cassidy and...

 
Sponsored Links
Advertisement