4. What is the most common way that fraudsters use personal data? Please read th

Question

4. What is the most common way that fraudsters use personal data?

Please read the case below to answer the above question. Please answer the question with a paragraph (four to five sentences).

CASE 6-1 Shadowcrew

At 9:00 P.M., Andrew Mantovani, cofounder of the group Shadowcrew, received a knock at his door while chatting on his computer. For Mantovani and 27 others, that knock marked the end of Shadowcrew, which provided online marketplaces and discussion forums for identity thieves. Shadowcrew members used the organization’s website to traffic in stolen Social Security numbers, names, e-mail addresses, counterfeit driver’s licenses, birth certificates, and foreign and domestic passports. It also shared best practices for carrying out fraudulent activity. By the time it was shut down, Shadowcrew had trafficked in at least 1.7 million credit cards and it was responsible for more than $4.3 million in fraud losses.

Considered the online equivalent of the Russian Mafia, Shadowcrew operated as a highly sophisticated and hierarchical organization. All users operated under aliases, never revealing their true names or other personal information. Operations and communications were conducted using proxy servers that hid the location and identity of the users. Shadowcrew users were divided into five different roles: administrators, moderators, reviewers, vendors, and members.

Administrators Shadowcrew administrators were the heads of the organization.

Moderators A dozen moderators, chosen from the general membership based on proven skill in fraudulent activity, controlled the flow of information.

Reviewers Reviewers tested the quality of illicit goods (credit cards, passports, etc.) trafficked on the Shadowcrew site. For example, reviewers would run a test called a “dump check” on credit card numbers by hacking into a retailer’s cash register system. The fraudster accessed the system through back doors used by technical support personnel to remotely perform maintenance or repairs. The reviewer would then enter a trivial charge of $1 or $2 to see whether the charge was approved. Reviewers would then write up and post detailed descriptions of the credit cards or other merchandise tested.

Vendors Vendors managed the sale of stolen data. Prices were posted and products were sold using an auction forum much like eBay. Payments were processed via Western Union money transfers or an electronic currency and were made using a fraud victim’s stolen data.

Members Thousands of people used the Shadowcrew website to gather and share information on committing identity fraud. Shadowcrew practiced open registration, but more sensitive discussion areas were password protected, and members needed another trusted member to vouch for them in order to join the forum.

Members could be promoted up the organization by providing quality products or by sharing new or unique tips or techniques for committing fraud. Shadowcrew punished acts of disloyalty. For instance, one disloyal group member had his actual name, address, and phone number posted on the website for all to see.

Shadowcrew’s demise began when MasterCard informed the United States government that a hundred websites promoted and supported identity fraud. The United States Secret Service covertly infiltrated Shadowcrew. Acting as trusted members, agents set up a Virtual Private Network (VPN) over which Shadowcrew leaders could conduct illicit business. The VPN allowed the Secret Service to track the organization’s doings and discover the real identities and locations of Shadowcrew users.

It was vital that all arrests occur simultaneously, because any one of the targets could instantly warn the others via Shadowcrew’s discussion forum. With the help of the Justice Department, Homeland Security, the Royal Canadian Mounted Police, Europol, and local police departments, authorities simultaneously knocked on the suspects’ doors at precisely 9:00 P.M. The operation led to 28 arrests, 21 in the United States. Rather than immediately deactivating the website, investigators replaced the home page with the following warning: “Activities by Shadowcrew members are being investigated by the United States Secret Service.” Under a picture of hands clutching bars of a jail cell, agents listed the criminal charges that Shadowcrew members faced and called on visitors to turn themselves in: “Contact your local United States Secret Service field office before we contact you!”

(Source: J. McCormick and D. Gage, Baseline Security, March 7, 2005.)

Explanation / Answer

4. What is the most common way that fraudsters use personal data?

           The use of personal data without authorization is called as "Identity fraud". Identity fraud occurs when somebody is using your personal data in illicit way.

Fraudster may use your Social Security Number, names, emails, birth certificates and domestic passports for Identity fraud. Fraudster may use trafficked credit card which is one the most common way for fraudster.

            As given case in question of fraudster indicate, Shadowcrew had trafficked in at least 1.7 million credit cards and it was responsible for more than $4.3 million in fraud losses. Fraudsters may use personal data to use illicitly bank accounts, mortgages, credit cards.

Hope this answers your question.

Related Questions

Navigate

• Browse (All)
• Browse 4
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.