Skip to content

Black Friday special: Fraud bargains



Join our mailing list

Signifyd regularly publishes free reports packed with business insights, commerce trends and data from our massive Commerce Network. We’ll only email when we have something meaningful to share, no more than once per week. And of course you can unsubscribe any time.

Black Friday is quickly approaching. To celebrate, we decided to give you an inside look at some of the hottest deals in the fraud world. The social networking era, with its increased availability of information, has made the criminals’ job simpler and provided new sources of revenue.  Marketplaces that used to sell stolen credit card numbers have expanded to include personal profiles, login credentials for email and social networking accounts.

Hot Item: Accounts

Spotlight Vendor: Shopaccs.com

The market for accounts is quite
liquid.  From the shopaccs.com screenshot, you can see that email accounts and social networking accounts are sold side-by-side.  The price list below (from another site) also shows that social networking accounts sell at a premium ($5/1000 for Hotmail, $50/1000 for Facebook).  In most cases, these accounts are auto-registered and are used to send out messages containing links to image malware-infected sites. The malware will then be used to extort money from the victim (so-called “scareware”), turn the victim’s computer into a “bot” (used for more spam or DDoS attacks), or steal the victims’ personal and banking information.

$/1000 Accounts (with bulk discounts)

Order Size: 1k-10k 10k-20k 20k+
Blog.com $30 $28 $25
Blogger.com $50 $50 $50
Facebook.com $50 $48 $45
Gmail.com $30 $30 $30
Hotmail.com $5 $4.50 $4
Linkedin.com $35 $32 $30
Livejournal.com $15 $14 $12
Myspace.com $30 $28 $25
Twitter.com $15 $12 $10
Twitter.com UK $28 $27 $27
WordPress.com $20 $18 $15
Yahoo.com $8 $8 $8

Hot Item: SOCKS Proxies

Spotlight Vendor: Soks.biz

So how do the bad guys manage to get away with sending out spam, stealing/creating thousands of accounts? They image hide their tracks, of course.  The most popular way to hide your origin on the net is a proxy. That’s a comfortable niche for vendors like soks.biz.  The subscription options can be as sophisticated as a legitimate cloud services vendor.  For example, prices will differ for dedicated vs. shared servers.

“Big Ticket” ($2) Item: Credit Cards

Of course, the fraud world’s big ticket item continues to be the credit card.  The cost varies dramatically, ranging anywhere from $2 to $90 per card depending on  quantity of information that comes with it.  In addition to the number, a basic CC package will include name, billing address, email, CVV2, expiration date and phone number.  What’s interesting about social networking accounts is how they can be used to acquire some of this information if needed.  For instance, if the fraudster can add mother’s maiden name and DOB to the package, the price goes up.

Several years ago it took a considerable amount of expertise to setup a fraud organization.   Today, the start-up capital needed is trivial.  Understanding the fraud supply chain is part of what we do at Signifyd, uniquely marrying analyst insights with advanced technology to defend against this new breed of fraud startups.

Signifyd

Signifyd

Signifyd provides an end-to-end Commerce Protection Platform that leverages its Commerce Network to maximize conversion, automate customer experience and eliminate fraud and customer abuse for retailers.