SOCA reveals threat of organised e-crime gangs

The internet has bred a thriving and organised criminal market which deals with the theft, trade and exploitation of personal data, the Serious Organised Crime Agency (SOCA) has said.

This was according to UK Threat Assessment of Serious Organised Crime 2008/9, an annual report which assesses the threats posed by serious organised criminals.

It described criminals compromising large quantities of data, selling it to others who could make money by committing wider identity theft and further crimes. It also described data brokers', who could collect data from different sources and sell it on, usually over the web.

The report described how well e-crime syndicates were run with the most significant e-crime activities taking place within multi-skilled virtual' criminal groups. Virtual criminal groups were often centred on an online meeting place such as a web forum or an Internet Relay Chat (IRC) channel.

It said: "These groups often consist of 10 to 30 online identities, with different roles (e.g. spamming compromising victim machines, trading compromised data etc) divided within the group."

"Each group will typically have an inner circle of more technically advanced and/ or experienced members who control access to the attack tools and are responsible for dividing up the work."

The report said that e-criminals were able to continually adapt their tactics as new defences were constantly adapted by security software vendors. It also described how web-based technologies were becoming an increasing target

The assessment also showed that the financial sector needed to keep on its tools, as techniques such as phishing and keylogging to take-over bank accounts was on the increase. Call centres were an increased target, as fraudsters were tricking call centre workers and finding out personal information about victims.

According to APACS losses from payment card fraud were up as there was a rise in fraud in foreign countries where chip and pin had no been implemented. Skimmed and card cloning as well as card not present' fraud was also on the increase.

However online and ATM banking fraud had decreased, likely thanks to improvements in web security as well as changes in cash machine design. The public were also more aware about ATM risks.

SOCA has come under some criticism in the past, with accusations that it was not taking e-crime seriously enough with the lack of a dedicated unit. IT PRO has recently reported on Home Office plans for an e-crime unit, but the budget was not yet available.