Feds Investigate Bogus Credit

By Evan Schuman  |  Posted 2006-04-04 Print this article Print

Cards"> The five cases being prosecuted federally in Buffalo/Rochester do not involve tax returns and mostly dealt with the manufacturing of bogus credit cards and the selling of identity information. Sites that cropped up in several of the New York state cases include www.scandinaviancarding.com, www.theftservices.com and www.ccpowerforums.com, which federal affidavits described as "three organized criminal Web sites dedicated to promoting malicious computer hacking."
Another site mentioned in a few of the cases is www.iaaca.com, which court papers identify as standing for the International Association for the Advancement of Criminal Activity.
The documents weigh deep into the slang of the underground world of identity thieves, including "banging out ATMs" (counterfeit ATM card use), "carding" (counterfeit credit cards), "in-store carding" (where the thief must be physically inside the store when making the fraudulent purchase) and "novelty" (bogus identification documents). In addition to gaining familiarity with the terminology of cyber-crime, investigators also grappled with the workings of the Internet, which abounds in ways to obscure a thiefs identity. Sokol, for example, is accused of selling stolen identities—including name, address, Social Security number and date of birth—for between $3 and $5 each. According to the affidavits, an undercover Secret Service agent started chatting with Sokol using the ICQ instant messaging service. When the undercover agent tried to buy some of the identities, Sokol wanted to be paid with PayPal, the documents said, but the agent said PayPal was "malfunctioning" and asked to use Western Union as a means of payment. Western Union offers a means of anonymously transferring funds, using a question-and-answer authentication system, but Sokol asked for it in his name, the affidavit said, which pierced the Internet mask of anonymity. Visa is putting retail IT executives everywhere but where they want to be. Read more here. In Hardimans case, agents traced the IP address to a particular ISP in Canada. Using the exact timestamps of the messages, they were able to identify subscriber information and get a tentative identification, the documents said; agents then started searching eBay and found someone using a very similar alias who was purchasing equipment—including a laminating machine and specialty printers—that would be useful in credit card fabrication. eBay was then subpoenaed. In the case of Pinkston, according to the documents, an agent told the suspect that some bogus Old Navy and Gap credit cards were not working, prompting him to send more cards in the names of other people. Investigators then reviewed the online applications for all of the cards, paying particular attention to IP addresses. "A Whois query of the IP addresses exposed through the three credit card applications showed it resolving back to a Virginia Tech University account," one affidavit said. A credit card company investigator then searched for any applications from that IP address or other accounts using the same drop addresses or e-mails and identified 37 more accounts, for a total of 44. Microsoft then helped identify the suspect through an MSN account that he had used. Secret Service forensic analysis also discovered multiple fingerprints that matched on several of the cards, the documents said. Retail Center Editor Evan Schuman can be reached at Evan_Schuman@ziffdavis.com. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

Evan Schuman is the editor of CIOInsight.com's Retail industry center. He has covered retail technology issues since 1988 for Ziff-Davis, CMP Media, IDG, Penton, Lebhar-Friedman, VNU, BusinessWeek, Business 2.0 and United Press International, among others. He can be reached by e-mail at Evan.Schuman@ziffdavisenterprise.com.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel