lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20060526092216.A2E59328040@radish.jmason.org>
Date: Fri, 26 May 2006 10:22:16 +0100
From: jm@...son.org (Justin Mason)
To: Lance James <phishing@...urescience.net>
Cc: phishing@...urityfocus.com, "full-disclosure@...ts.grok.org.uk"
	<full-disclosure@...ts.grok.org.uk>, Phish-Net
	<phish-net@...ta.net>, bugtraq@...urityfocus.com, "Malicious
	Activity Awareness &amp;
	Response Discussions" <general-discussion@...-aware.org>, Apwg
	<apwg@...iphishing.kavi.com>
Subject: Re: [General-discussion] Graph analysis of stolen
	credit cards



hi Lance --

interesting data!

It might be worth scaling that against each bank's credit-card issuance
volumes, to compensate for their relative sizes.   This report --
http://www.chicagofed.org/publications/publicpolicystudies/emergingpayments/pdf/eps-2001-2.pdf
-- gives these account volumes for the top 10 banks on page 33:

  1. Bank One Corp./First USA 64,191
  2. Citibank 40,600
  3. Morgan Stanley Dean Witter 38,500
  4. Capital One Financial Corp. 23,705
  5. The Chase Manhattan Corp. 15,592
  6. Households Credit Services Inc. 15,030
  7. Providian Financial Corp. 12,400
  8. Bank of America 12,000
  9. Associates National Bank 8,764
  10. FleetBoston Financial Corp. 7,237

(volume of accounts in thousands).   However that's from 7 years
ago :(

There may be more recent figures but a quick google can't find 'em. 

--j.

Lance James writes:
> Hi all,
> 
> We took one sample of one carding/phishing forum that our Global
> Surveillance Center was monitoring and sampled the set into a graph that
> lists the top 10 banks and the losses over the last month. As you can
> see, it's obvious who the top credit card companies are out there, but
> at the same time, we can see an ever increasing on the top targets but
> not necessarily an increase on the lower tiers over the entire three
> months, but in the first two we see a significant increase in success
> with stolen credit cards in general. In this case, the loss that we
> captured (which probably isn't nearly the number captured by this forum)
> was a little over 21,000 credit cards.
> 
> Thought this might interest some, and if this is interesting, we are
> going to be providing a graph of the losses of top targets with malware
> in the upcoming weeks.
> 
> Attached is the chart.
> 
> -- 
> Best Regards,
> Lance James
> Secure Science Corporation
> www.securescience.net
> Author of 'Phishing Exposed'
> http://securescience.net/home/news/phishingexposed.html
> **********************************************
> * New IntelliFound Service 2 weeks free	     *
> * Real-Time Identity Surveillance Service    *
> * https://slam.securescience.com/signup.cgi  *
> **********************************************
> 
> _______________________________________________
> General-discussion mailing list
> General-discussion@...-aware.org
> http://mal-aware.org/mailman/listinfo/general-discussion

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ