KEY POINTS:
The internet black market for credit cards, bank details and even full identities is growing quickly, according to the latest web security report.
Security specialist Symantec says a highly organised underground economy allows cybercriminals to quickly trade stolen and confidential information.
The company's twice-yearly Internet Security Threat Report also said that the web had easily become the primary conduit of attack activity.
Online users can increasingly be infected simply by visiting everyday websites, including popular social networking sites where users happily and habitually upload large amounts of personal information.
It said that the price of a credit card within the plentiful black market depended on factors like the physical location of the issuing bank, but could be as little as 50 cents.
Bank account details, which account for a massive 22 per cent of available 'goods' can be bought for just $12.50.
Full identities made up 9 per cent of items for sale, and Symantec warned that type of theft increased 6 percent during 2007.
These ultra-sophisticated information clearing houses conduct their business using instant messaging groups and web forums that can only be accessed for a matter of days - or even just a few hours.
European Union accounts and cards are among the most valuable, because they can be used across the continent. American accounts are also towards the top of the heap for their ease of use.
The report identified that social networking sites are becoming a prime hunting ground for cybercrooks looking for identities to steal.
As internet users become more security aware, the report noted, those wanting to exploit them have been forced to change their approach. Most of those belonging to social networking sites felt safe using them and tended not to take the same sort of security precautions they would elsewhere.
"Avoiding the dark alleys of the Internet was sufficient advice in years past," said Stephen Trilling of Symantec Security Technology and Response.
"Today's criminal is focused on compromising legitimate websites to launch attacks on end-users, which underscores the importance of maintaining a strong security posture no matter where you go and what you do on the internet."
The BBC today reported that bulk buy packages of details were advertised within the hacker community, giving batches of 50 or 500 credit cards at a discounted rate.
Those who sold incorrect information quickly found themselves unable to sell other data, with the community exacting 'harsh consequences' on those who misrepresented product.
The Symantec report is compiled from data collected by internet sensors, first-hand research and active monitoring of hacker communications.
- NZ HERALD STAFF
