[Clips] As Identity Theft Moves Online, Crime Rings Mimic Big Business
R.A. Hettinga
rah at shipwright.com
Wed Jul 13 13:10:54 EDT 2005
--- begin forwarded text
Delivered-To: clips at philodox.com
Date: Wed, 13 Jul 2005 12:54:49 -0400
To: Philodox Clips List <clips at philodox.com>
From: "R.A. Hettinga" <rah at shipwright.com>
Subject: [Clips] As Identity Theft Moves Online,
Crime Rings Mimic Big Business
Reply-To: rah at philodox.com
Sender: clips-bounces at philodox.com
<http://online.wsj.com/article_print/0,,SB112121800278184116,00.html>
The Wall Street Journal
July 13, 2005
U.S. BUSINESS NEWS
Fraud Inc.
As Identity Theft Moves Online,
Crime Rings Mimic Big Business
Russian-Led Carderplanet
Steals Account Numbers;
Mr. Havard Hits ATMs
'Common Punk' to 'Capo'
By CASSELL BRYAN-LOW
Staff Reporter of THE WALL STREET JOURNAL
July 13, 2005; Page A1
At 19 years old, Douglas Cade Havard was honing counterfeiting skills he
learned in online chat rooms, making fake IDs in Texas for underage college
students who wanted to drink alcohol.
By the age of 21, Mr. Havard had moved to England and parlayed those skills
to a lucrative position at Carderplanet.com, one of the biggest
multinational online networks trafficking in stolen personal data. Having
reached a senior rank in the largely Russian and Eastern European
organization, he was driving a $57,000 Mercedes and spending hundreds of
dollars on champagne at clubs and casinos.
Now 22, Mr. Havard is in a Leeds prison cell, having pleaded guilty to
charges of fraud and money laundering. The Carderplanet network has been
shut down.
As other similar groups thrive and proliferate, Mr. Havard's case provides
a rare insight into the underground marketplace for stolen information, a
surging white-collar crime of the 21st century. It affects as many as 10
million Americans at a price tag of $55 billion to American business and
individuals, according to industry and government studies.
While banks typically compensate customers for fraudulent losses, victims
can spend hundreds of hours repairing the havoc wreaked on their personal
records and finances and often end up paying legal fees to do so.
Sometimes, ID-theft victims are forced to pay off the debt racked up in
their name by fraudsters. In the most insidious cases, they are arrested
for crimes committed by the person who stole their identity.
Most identity theft still occurs offline, through stolen cards or rings of
rogue waiters and shop clerks in cahoots with credit-card forgers. But as
Carderplanet shows, the Web offers criminals more efficient tools to
harvest personal data and to communicate easily with large groups on
multiple continents. The big change behind the expansion of identity theft,
law-enforcement agencies say, is the growth of online scams.
Police are finding well-run, hierarchical groups that are structured like
businesses. With names such as Carderplanet, Darkprofits and Shadowcrew,
these sites act as online bazaars for stolen personal information. The
sites are often password-protected and ask new members to prove their
criminal credentials by offering samples of stolen data.
Shadowcrew members stole more than $4 million between August 2002 and
October 2004, according to an indictment of 19 of the site's members
returned last October by a federal grand jury in Newark, N.J. The
organization comprised some 4,000 members who traded at least 1.5 million
stolen credit-card numbers, the indictment says.
The organizations often are dominated by Eastern European and Russian
members. With their abundance of technical skills and dearth of jobs,
police say, those countries provide a rich breeding ground for identity
thieves. One of Carderplanet's founders was an accomplished Ukrainian
hacker who went by the online alias "Script," a law-enforcement official
says. As with many of its peers, the Carderplanet site was mainly in
Russian but had a dedicated forum for English speakers.
One English speaker was Mr. Havard. He was arrested in Leeds in June 2004
after allegedly stealing millions of dollars from bank accounts in the
United Kingdom and the U.S. The charges against him have been detailed in
hearings in the Leeds Crown Court, where Mr. Havard recently pleaded
guilty. Last month, he was sentenced by a British judge to six years in
prison. His U.K. lawyer, Graham Parkin, says Mr. Havard "accepts his role."
Mr. Havard grew up in an upper-middle-class neighborhood in north Dallas.
The son of a well-off entrepreneur who founded a local
health-care-technology company, he attended a private high school and then
Southern Methodist University before dropping out in the summer of 2002
after his freshman year.
Mr. Havard began honing his criminal skills as a tall, heavy-set teenager.
He started using computers at a young age because of writing difficulties,
his lawyers say. He learned about making fake IDs in online discussion
forums.
In February 2002, Dallas police arrested the blue-eyed, brown-haired youth
selling 10 gallons of an ecstasy-like party drug to an undercover cop,
according to a report of the arrest. By that summer, aged 19, he faced a
total of five felony charges, including drug-dealing, robbery at gunpoint
and counterfeiting, court documents in Texas' Dallas and Collin counties
show. He soon broke bail and fled the U.S.
Mr. Havard is the kind of "common punk that we deal with every day," says
Eric Mountin, an assistant district attorney in Dallas county. "The only
difference is that he comes from a more well-to-do family, which gave him
more freedom to move internationally." Mr. Havard's father declined to
comment about his son's activity.
U.S. authorities are seeking to extradite Mr. Havard to prosecute him for
the charges he faces in Texas. His U.S. lawyer, Kevin Clancy of Dallas,
says "we're vigorously defending him against the extradition proceedings
and the charges."
After skipping bail, Mr. Havard traveled to Belize, Costa Rica and Canada.
He maintained his contact with the online counterfeiting world during his
travels and began interacting with Russian thieves, his lawyers say. With
no steady income, he made money as a middleman in a scam buying and selling
goods with stolen credit-card numbers, his lawyers say. It's unclear when
he first joined Carderplanet.
In early 2003, he arrived in the U.K. using an Irish passport in the name
of McNamara, they say. He met up with people he had met online and settled
in Leeds, a city once known for its textile mills that is undergoing a wave
of redevelopment.
Using the nickname "Fargo," which is a brand of machines used to encode
magnetic strips, he communicated regularly with other members of
Carderplanet, which had started in 2001, according to U.K. and U.S.
authorities.
He became a "reviewer" on the site, testing illicit merchandise before it
was sold, according to the U.K.'s National Hi-Tech Crime Unit, or NHTCU,
which led the investigation of Carderplanet. Would-be sellers mailed Mr.
Havard copies of fake drivers' licenses and counterfeit travelers checks
that he screened to check the authenticity of their security features, such
as their crests and colors, the U.K. police agency says.
Mr. Havard worked his way up the organization to the status of "Capo di
Capi," a misspelled version of a title typically associated with the
Italian mafia, U.K. and U.S. authorities say. "Capo dei Capi" means "the
boss of all bosses," but was used more loosely in the Carderplanet network
to signify high rank. In an organization largely made up of Russian and
Eastern European members, Mr. Havard is one of only two Americans
authorities believed to have reached that status. At the very top of the
organization were about half a dozen individuals who called themselves "the
family," the NHTCU says.
Carderplanet boasted roughly 7,000 members and served as a marketplace for
millions of stolen accounts, according to Larry Johnson, special agent in
charge of the U.S. Secret Service's criminal investigative division. Many
of the stolen accounts came from hackers who targeted dozens of
organizations such as banks, e-commerce sites and government agencies in
the U.S., U.K. and Australia, he says.
The NHTCU suspects fake emails and Web sites may also have been used to
harvest information trafficked on the site. One common form of theft is
known as phishing, which uses emails designed to look as if they are from a
legitimate bank or retailer to trick consumers into entering credit-card,
banking or other sensitive information at fake Web sites. Stolen account
information can sell online for as little as a few dollars and as much as
several hundred dollars.
Mr. Havard teamed up with Lee Elwood, a 23-year-old Scotsman he met via
contacts he made online. Mr. Elwood, who used the online alias "Raptor,"
frequently commuted to Leeds from his base in Glasgow, prosecutors say. The
pair rented a series of short-term properties for their activities, often
paying rent upfront in cash. Mr. Elwood didn't respond to a letter mailed
to him in prison. His lawyer declined to comment.
By late summer 2003, they were hard at work. The Russians relayed to them
pairs of ATM accounts and PIN numbers via instant messenger, typically in
batches of 50 to 120, according to the NHTCU. With extra software, instant
messenger can be made more secure than email. Messrs. Havard and Elwood
loaded the information onto the magnetic strips of blank cards and pre-paid
cellphone cards using hand-held encoders that plug into a computer, the
NHTCU says.
The two men then withdrew money from bank machines with the fake cards,
sending 60% of the proceeds back to St. Petersburg and elsewhere in Russia
via Western Union, the NHTCU says. Western Union records show several names
as being the recipients of the funds, but it's unclear if the recipients
belonged to one gang or to different groups, the U.K. agency says.
Messrs. Havard and Elwood split their 40% cut between themselves, after
allowing for a 5% wire-transfer fee, according to prosecutors. Mr. Havard
also sometimes worked with a small team in the U.S., to which he relayed
the stolen data forwarded by the Russians. The Russians kept close tabs on
what Mr. Havard did and complained that he took out less than the limit on
the cards, Mr. Havard's lawyers say.
In another scam, Mr. Havard and Mr. Elwood obtained stolen credit-card
details via Carderplanet connections and used them to buy laptop computers
and other electronic goods online, prosecutors say. They then resold the
merchandise on online auction sites such as eBay Inc.
>From August 2003 to mid-2004, Messrs. Havard and Elwood stole about $1.3
million from British and American bank accounts using the stolen ATM-card
information forwarded by the Russians, U.K. prosecutors allege. Altogether,
including the proceeds from their credit-card swindles, the NHTCU suspects
the two men stole about $11.4 million over the course of about 18 months
starting in early 2003.
The money funded an extravagant lifestyle. Mr. Havard's Mercedes had tinted
windows, a leather interior and a top-of-the-line stereo system, the NHTCU
says. Mr. Elwood also bought a Mercedes and a Rolex watch. Mr. Elwood told
British authorities he earned up to about $3,500 a week from his
activities, but police suspect it was significantly more than that.
Business came to an abrupt end in June 2004 after U.K. law enforcement
received a tip from the Federal Bureau of Investigation, which was looking
for Mr. Havard in connection with his Texas crimes. Mr. Havard awoke one
morning to find a dozen policemen at his converted-warehouse apartment in
Leeds, the NHTCU says.
The officers discovered $28,000 of forged traveler's checks and a portfolio
of identities bearing his photo, including phony drivers' licenses and fake
or doctored passports from Spain, Ireland and the U.S.
The policemen also found high-resolution images of bank and credit-card
logos stored on a computer along with fake holograms, blank plastic cards
and a heat press for embossing numbers. Mr. Havard also had about $17,600
in cash stashed at various addresses, the NHTCU says.
Investigators then zeroed in on Mr. Elwood, who was arrested two weeks
later in Glasgow. Soon after, senior members of Carderplanet closed the
site down, citing law-enforcement scrutiny, says Mr. Johnson. Shadowcrew
and Darkprofits also have shut down amid a sweeping crackdown by U.S. law
enforcement.The NHTCU says it hasn't extended its investigation to Russia.
The Russian police declined to comment. U.S. law-enforcement officials say
that while cooperation from Russian authorities on cyber crime is
improving, they receive help on maybe one of about every six requests for
assistance. U.S. authorities continue to investigate the Carderplanet
network.
In April, Mr. Elwood received a four-year jail sentence after also pleading
guilty to fraud and money laundering. Last month, Mr. Havard stood in a
small, windowless courtroom in Leeds. Sporting a gray polo shirt and jeans,
he appeared tired. Police officers said he'd lost weight. Mr. Havard
swallowed and stared straight ahead as the judge noted the seriousness of
his crimes. He remained stony-faced as his six-year sentence was delivered.
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
_______________________________________________
Clips mailing list
Clips at philodox.com
http://www.philodox.com/mailman/listinfo/clips
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list