Demo on Purchasing Stolen Credit Cards

I recently attended the Southwest Graduate School of Banking (SWGSB) alumni program and went to a half-day session on cyber security. This was not your father’s session on cyber security. The morning session was largely the normal material presented well. The afternoon was a demo of how easy it is for criminals to operate anonymously using phony social profiles, dumb phones purchased with cash and The Onion Router (TOR), and how easy it is to purchase card skimmers and other hardware necessary for credit card theft. Previously, I thought that it took a fair amount of technical sophistication for criminals to purchase stolen credit card and other identity information; how wrong I was. I know very few people who do not have the intellectual capacity to quickly master the techniques required to turn themselves into effective cyber and/or credit card criminals.

Although it is likely that someone performing this line of criminal activity would eventually mess up something and tie their anonymous identities to their real person, it would be very labor intensive (and expensive) for businesses and law enforcement to track all of the points of contact to find the point where the individual made the slip-up. The relatively low cost of stolen card numbers is a clear indication that there is ample supply of stolen information. Although I’m not going to cancel all of my credit cards, I will start to use cash at restaurants, and will start looking for retail computers that are still running Windows XP–which went out of support last year and is now a cyber criminal’s delight. I was very surprised when I saw the Windows XP logo on a machine at a restaurant in the Arts District last week.

As a society, we are woefully unprepared from a cyber security perspective.