From the kansas city star-credit cards etc
A dollar goes long way in swiping private data
Identity thieves have matured from isolated hackers to organized criminal groups.
By DAVID HAYES
The Kansas City Star
* Symantec Internet Security Threat Report
Your identity: $14.
Your credit-card number: $1.
A good credit record: priceless.
Identity thieves are selling us out for the price of a song, according to a report issued Monday by Symantec Corp., a maker of computer security software.
Stolen credit-card numbers are being sold online for as little as $1, Symantec researchers found in a six-month study.
Complete identities — a U.S. bank account number, credit-card number, date of birth and government-issued identification number — sell for $14 to $18, the security firm said.
The study outlined a shady online world where criminals use an underground online economy to sell stolen confidential information.
The online criminal world has matured from a playground for hackers to organized criminal groups “relying much more on deception and trickery,” said Dave Cole, an Internet security expert for Symantec.
Most of the stolen information — 86 percent — was for credit cards and other information issued by U.S. banks.
The stolen information was found on computer servers that were known locations where hackers, con artists and organized crime groups sold and even leased stolen private information.
In the last six months of 2006, Symantec researchers “observed” 4,943 credit-card numbers being traded.
Those thefts and others result in millions of dollars of losses each month.
Researchers found that identity thieves generally pick up their stolen data in one of two ways — physical theft of laptop computers or storage devices, or online theft by Trojan viruslike programs and e-mail phishing scams.
Such scams increasingly rely on programs that log keystokes on a victim’s computer, Cole said. For instance, he said, online greeting cards — especially those sent anonymously — sometimes mask Trojan viruses that download to a computer and relay financial information to information brokers.
Symantec found that the threat to consumers was growing. Computer threats overall increased 12 percent from the first half of 2006.
The study found that more than 6 million computers worldwide have been taken over by hackers. That number rose 29 percent from the first six months of 2006.
“As cyber-criminals become increasingly malicious, they continue to evolve their attack methods to become more complex and sophisticated in order to prevent detection,” Arthur Wong, a senior vice president for Symantec, said.
Among other trends spotted by researchers: a significant increase in the “pump-and-dump spam,” in which con artists buy stock, generally in little-known companies and send e-mail with fraudulent information predicting that the stock will increase in value. When the price jumps, the scammers dump their shares.
About 30 percent of all e-mail spam related to the financial services industry was part of a pump-and-dump scheme, Symantec researchers said.
Next up? Watch out, “World of Warcraft” players and “Second Life” denizens.
As more virtual goods related to those games are sold for cash, Symantec projects an increase in online scams designed to steal the identities of those gamers.
SO…WHAT DO I DO?
•Don’t click on links in e-mail messages.
•Don’t download attachments — even ones from friends — if they look “even a little wrong.”
•Do turn on the automatic update functions for all popular software programs, such as Microsoft Windows, Microsoft Explorer and Mozilla’s Firefox.
•Do use anti-virus, anti-spam and firewall programs, and keep them updated.
Source: Symantec Corp.
To reach David Hayes, call (816) 234-4904 or send e-mail to email@example.com.
*What the mind can conceive and believe, it can achieve.*