With more people looking to get into the online crime racket and huge caches of personal information cheap and easy to come by, documents describing the process of committing (and getting away with) online fraud are becoming hot commodities.
This according to a study [PDF] from security biz Terbium Labs, which analyzed three massive darknet markets, and found that fraud guides were by far the most popular item being sold. The study was based on observations of Empire Market, White House Market, and Canadian HeadQuarters, three underground souks the researchers likened to Amazon and eBay in their massive footprints and use of ratings to rank merchants.
The Terbium team reckons that these guides, which help newbie crooks through the process of things like setting up bank fronts, crafting phishing emails and stealing money out of victim accounts, make up just under half (49 per cent) of all data transactions on the store (not including drugs or for-hire services like DDoS attacks).
"What they have in common is detailed information on how to export an organization's current policies," Terbium Labs said of the guides. "Oftentimes, the content in fraud guides doesn't require any prior knowledge from the reader (criminal) and can realistically lead to successful execution of the outlined steps."
By comparison, financial data records were a distant second, only accounting for 15.6 per cent of all transactions, followed by non-financial account details, which made up 12.2 per cent of what people were buying.
The merchants are not only selling more of the guides, they are also getting a better price for them than stolen financial records generally fetch. A single fraud guide will typically run you about $7.80, while account details vary widely in price and low-value credentials could go for only about $1 each.
"We routinely see stolen data for sale on these markets for surprisingly low prices, considering how expensive the consequences of stolen data can be to an organization," said Terbium chief strategy officer Tyler Carbone. "The missing piece here is the way criminals buy that data and make use of available knowledge and tools to exploit it."
This despite what Terbium says is a skeptical attitude toward the guides and the accuracy of their information. Despite not expecting many of the schemes in the guides to actually work (criminals can't be trusted - go figure), would-be hackers are so desperate for material that they buy up the how-to manuals in droves.
Interestingly, what Terbium advises its customers to do is learn about what is in these guides and take countermeasures.
In addition to protecting companies from the specific schemes mentioned, this will also play against the greatest weakness of these markets: the common belief among criminals that guides are often unreliable and inaccurate.
"This is a good thing for businesses – if a business purchases a fraud guide early, they can change the affected internal policies immediately and thereby, render that fraud guide useless," Terbium explains.
"As a result, the seller of that fraud guide will be discredited and likely deemed untrustworthy by other criminals." ®