NESTA Crime Online - University of Brighton Repository
NESTA Crime Online - University of Brighton Repository
NESTA Crime Online - University of Brighton Repository
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Source: John Leyden, “Trojan trawls recruitment sites in ID harvesting scam,” The<br />
Register, 8 th July 2008.<br />
2.2.2 Capabilities and specialisation in the exploitation <strong>of</strong> information<br />
At the lower end, specialisation in exploitation is minimising the level <strong>of</strong> skills required to<br />
perpetrate crime. Some examples are shown below.<br />
Use <strong>of</strong> non-cyber skills to exploit information.<br />
In a survey conducted in June 2007, the UK's leading online companies revealed that<br />
criminal ‘shoppers’ use their stolen cards to go shopping between 9 pm and midnight<br />
because there are likely to be limited staff at this time <strong>of</strong> the day. About 28 per cent <strong>of</strong><br />
the companies surveyed declared that this was the period in which most credit card<br />
fraud was conducted. 202<br />
They also tend to buy items in the £250-500 range because these items tend less to<br />
arouse suspicion, or merit careful scrutiny by the company’s fraud team, or the attention<br />
<strong>of</strong> the card owner or the company issuing the credit card. 203 A recent survey <strong>of</strong> fraud<br />
managers showed that 43 per cent <strong>of</strong> attempted fraudulent transactions were in the<br />
£250 to £500 range and that 29 per cent were in the £500+ range. 204<br />
Many credit card fraudsters prefer to obtain cards themselves but without stealing them.<br />
One way <strong>of</strong> doing this is known as account takeover. 205 Here, the fraudster manages to<br />
obtain sufficient information about the victim to impersonate him or her in bank<br />
dealings, in person, by telephone or in writing. The fraudster changes the address<br />
associated with the account so that all mail is delivered to another address. The<br />
fraudster then gets a new card by reporting the loss <strong>of</strong> an existing card or requests an<br />
additional card.<br />
202 192.com Business Services, (2008), The Fraudster’s Modus Operandi. London, p.10.<br />
203 192.com Business Services, (2008), , p.11. Interviews with directors <strong>of</strong> fraud investigation also say that a<br />
main way <strong>of</strong> detecting fraudulent activity on credit cards is the unusual transaction activity on the card.<br />
Interviews were conducted on 11 th and 26 th November.<br />
204 192.com Business Services, (2008), , p.11.<br />
205 192.com Business Services, (2008), , p.9.<br />
Page 69