Online credit-card fraudster jailed

By PETER GRIFFIN


A fraudster who used credit-card numbers harvested illegally on the internet to buy computer equipment has been jailed in one of the first convictions under new computer provisions of the Crimes Act.

Phillip Greig was sentenced to 20 months' prison in the Manukau District Court last week for five charges of using a credit card to unlawfully obtain property and one charge of dealing with accessing a computer system - the internet.

Greig, 21, is the local face of a plague hitting online retailers and card owners alike - using stolen credit-card numbers in online "card-not-present" transactions.

During March and April, Greig visited an internet chatroom where he obtained a link to a site listing stolen credit card numbers.

He then rang Newmarket computer seller Compulink and used several credit card numbers to buy $6900 worth of equipment. His scam successful, he returned to spend $1400 more on computer gear.

But Greig's plan fell over when he tried to sell the equipment on auction site Trademe.co.nz in a bid to convert the goods into laundered cash.

Staff at Compulink recognised the equipment online and called the police.

In his defence, Greig, who owned up to the fraud, said that he had to meet household expenses and considered not being able to do so worse than using his computer to steal.

But that did not wash with tech-savvy Judge David Harvey.

He said there were aspects of computer crime that make it "particularly insidious" given the ability to be anonymous and avoid detection.

"You were able to access information which is available in the demimonde, or twilight zone, of the internet. Credit-card numbers are harvested by individuals who have absolutely no compunction whatsoever about utilising sophisticated computer technology to crack into other people's computers," Judge Harvey wrote in his judgment.

Weighing against Greig was the fact he faced two charges of burglary in 2002, was sentenced to community service, but broke his sentence. In January he was also sentenced to 400 hours of community service and ordered to make reparations of $7463 after taking payment for goods advertised on the internet but never delivering the goods.

No reparations were ordered in the most recent offending because Greig has no money.

Judge Harvey sentenced Greig to 20 months in prison for accessing a computer system and 18 months for the other charges of credit-card fraud. Home detention was refused and the sentences are to be served concurrently.

Poor identity verification practices underlie credit-card fraud.

New provisions being brought in by the major card vendors and known as EMV (Europay, Mastercard, Visa) will require card terminals to be upgraded to deal with computer-chip-enabled credit cards.

Such cards will then be able to be used with a reader device connected to a user's home PC to make safer internet transactions where the card has to be present.

But that level of safety is still some time away - the first batch of local terminals will be updated in early 2006. Chip-enabled cards are likely to be issued by the banks in large numbers from next year.

The ANZ already has a chip card on offer with its "Zed" card, but uptake is understood to have been limited.

* National Internet Fraud Watch Information Center