Feeds

ID thieves bring ease of use to trafficking forums

Stolen info translated into German, Albanian and French at no additional cost

Choosing a cloud hosting partner with confidence

As cyber crime goes mainstream, a working knowledge of English is no longer a required skill for identity thieves trafficking in stolen credit card numbers and other personal data. Just ask Matthew Miller, a pharmacist from Pennsylvania, who recently learned miscreants had translated some of his personal details into French before blasting them out to a discussion group frequented by online con artists.

"I feel violated about that, quite frankly," Miller said shortly after seeing a screenshot that listed his "nom," "prenom" and other personal information translated so it could be consumed by those without a working understanding of English. "Anything that I have with my personal history would be accessible to these people."

Miller's case is hardly an isolated example.

Screenshot of chat session showing personal information translated into German

The above screenshot is part of a trend that started about nine months ago in which purloined information is translated into languages including French, German and Albanian to make it more appealing to would-be buyers. As soon as a victim is tricked into entering the details on a phishing site, a CGI script converts the fields when compiling a database.

In addition to name, address, date of birth and credit card and CVV2 numbers, many of the entries also include the victim's social security number and mother's maiden name, as was the case with Miller.

"Right now, it seems like everybody in the world knows my social security number," Miller said.

He said he fell "hook, line and sinker" for an eBay phishing scam about 12 months ago and was in the process of rehabilitating his identity when his personal information was misappropriated again in May.

With so many of traffickers speaking a native language other than English, it's only natural that databases would provide better ease of use, according to Dan Clements, president of CardCops, a division of the Affinion Group that monitors online forums for stolen credit card information. Being located in places far out of reach of most US-based law enforcement agencies means they aren't likely to be stopped anytime soon.

"They're on foreign soil, and their drilling down on America and they have the ability to drill down on America indefinitely," Clements said. ®

Intelligent flash storage arrays

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Home Office: Fancy flogging us some SECRET SPY GEAR?
If you do, tell NOBODY what it's for or how it works
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Syrian Electronic Army in news site 'hack' POP-UP MAYHEM
Gigya redirect exploit blamed for pop-rageous ploy
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Managing SSL certificates with ease
The lack of operational efficiencies and compliance pitfalls associated with poor SSL certificate management, and how the right SSL certificate management tool can help.