Credit card 'info for sale' websites closed in global raids
- 26 April 2012
- From the section UK
Dozens of websites offering credit card details and other private information for sale have been taken down in a global police operation.
Britain's Serious Organised Crime Agency (Soca) says raids in Australia, Europe, the UK and US are the culmination of two years of work.
Credit card numbers or bank account details of millions of unsuspecting victims were sold for as little as £2.
Two Britons and a man from Macedonia were arrested, with 36 sites shut down.
Some of the websites have been under observation for two years.
During that period the details of about two-and-a-half million credit cards were recovered - preventing fraud, according to industry calculations, of at least £0.5bn.
Lee Miles, the head of Soca's cyber crime unit, told the BBC that criminals were now selling personal data on an "industrial" scale.
He said: "Criminals are turning over vast volumes of these cards. We must match the criminals - it's an arms race.
"They are industrialising their processes and likewise we have to industrialise our processes to match them."
Mr Miles said traditional "bedroom" hackers were being recruited by criminal gangs to write the malware or "phishing" software that steals personal information.
Other IT experts are used to write the computer code that enables the websites to cope, automatically, with selling the huge amounts of data.
"I'd rather arrest 10 code writers than 1,000 front-end fraudsters," he said.
Joint operations on Thursday in Australia, the US, Britain, Germany, the Netherlands, Ukraine, Romania and Macedonia led to the websites being closed down.
A 23-year-old man in Stechford, Birmingham, and a 27-year-old man in Tottenham, north London, have been arrested, along with the man in Macedonia.
More arrests are expected.
Soca is also calling on internet service providers to stop individuals registering websites anonymously.
Automated computer programs can register thousands of similar, but different domain names, and it can be difficult to trace them back to their owner.
"Where individuals register domain names for criminal purposes there is a very loose 'know your customer' regime among the website providers," Mr Miles said.
"What we are trying to do is influence the industry to introduce more secure systems so they do know who is registering these sites and they have a more comprehensive customer database, and do more aimed at preventing criminals buying websites and using them for criminal ends," he added.
The BBC's Ben Ando said that, privately, officers admitted that it could be frustrating dealing with internet companies who were not used to being policed and were reluctant to agree to anything that they perceived to be an infringement of their freedoms.