U.S. flag

An official website of the United States government, Department of Justice.

Examining the Structure, Organization, and Processes of the International Market for Stolen Data

NCJ Number
245375
Date Published
March 2014
Length
156 pages
Annotation
Based on a survey of 13 Web forums that buy and sell a range of products, the majority (84.3 percent) being some form of stolen data, this study examined the distribution of the goods sold, the social organization of market actors, and the network structure that support the stolen-data market generally.
Abstract
The majority of sellers offered "dumps," referring to bank account or credit card data (44.7 percent), as well as CVV data from credit cards (34.9 percent) and various forms of electronic data, such as eBay and PayPal accounts (1.4 percent). A number of sellers also offered resources for obtaining currency from these accounts on or off-line (7.4 percent), and a small percentage sold malware and tools that facilitate cyber crimes. The majority of stolen data came from the United States and Europe, with products having a range of advertised prices. Findings suggest that the markets are primarily collegial at the individual level, enabling individuals to work together in facilitating transactions. There is also a distinct division of labor among participants on the basis of products sold and skill sets available. At the macro level, eight of the forums apparently operate as formal organizations based on managerial structure and long-term operations compared to other forms of on-line criminality. Quantitative social network analyses were used to explore the network structure among participants within the forums. The majority of networks had just over 50 percent of users connected. Sellers were the central actors, although buyers and neutral users posted more frequently and were critical to information sharing and promotion of user reputation. There was a high correlation between the number of posts and the number of users in each forum. Consequently, these network apparently have substantive redundancies that make them difficult to disrupt through traditional external means of node removal. 15 figures and 82 references

Date Published: March 1, 2014