Business

Is Buying Stolen Credit Card Numbers Really This Easy?

Posted on June 17, 2011 at 11:15pm by Tiffany Gabbay
Print »
Email »

With the help of the Internet, crime rings have been able to steal tens of millions of credit card numbers each year — plucking them right from the ether in fact. But the FBI’s cybercrime unit is reportedly stepping up its game in pursuit of criminals who buy and sell stolen credit card numbers in an online marketplace. To gain access to the sellers’ inventory, one must be a tried-and-true criminal, complete with references…honestly.

NPR reported that Keith Mularski, an agent with the FBI’s cybercrime unit, has had to pose as a rather dubious character in order to gain entree to the online marketplace:

To even be able to see this site — to register and get a password here — Mularski had to use an an alias to persuade two criminals already on the inside to vouch for his criminality.

It‘s sort of the exact opposite of getting two references when you’re applying for a job; rather than vouching for you as an upstanding, law-abiding citizen, you’re getting people to attest to your deviousness.

How the site works:

In order to sell products on the site, you need to be reviewed. So if I was going to sell credit cards, what I would have to do is provide a sample of 50 cards to each reviewer. Then they would test them out and then write a review back, and say, “XYZ provided me 50 cards and there was a good mix of classics and platinum and business cards and there was a 98 percent approval rating. So now I vouch for him to be a vendor on the site.”

This is the central paradox of this marketplace. In order to get in, you have to be a verified credit card thief. But in order to do business, you have to show that you can deal honestly.

This one seller is rated A++, so we click on his name. That takes us to another shop, with a pop-up window. We have to agree with the terms and conditions — which explicitly bar both journalists and law enforcement officials.

But once the credit card numbers are successfully purchased, then what? How are the numbers actually used? According to Mularski, it’s as simple as printing up a new credit card with some very inexpensive equipment, and, off you go to the mall!

Mularski jumps up and pulls open his desk drawer. He pulls out a piece of white plastic with a magnetic strip on it (it looks like a hotel key), and a machine that looks like a toaster for really skinny bagels.

The machine’s called an MSR-206. You hook it up to your computer, and swipe your plastic card through it. It encodes the credit card information onto the magnetic strip — like burning a playlist onto a CD.

Next you run the white plastic card through another machine to get the raised lettering and the holograms that make it look legit.

But this is nothing new. For years, Hackers have been allegedly positioning themselves outside vulnerable retailers with a laptop and simple wifi connection until a customer makes a purchase using his or her credit card. It‘s reported that the credit card’s number is then intercepted from the store’s unsecured credit card processing equipment. Simple as can be.

Here‘s a video from back in 2008 that explains how it’s done.

40 Million Credit Card Numbers Stolen! -8/6/08 by Carter_Flores1585

Back to The Blaze »

Comments (39)

STAR SPANGLED SPAMMER
Posted on June 23, 2011 at 12:55pm
I am selling George Soros’ CC number. We will start the bidding at……

(“trust nobody”)
Report Post » Log in to ReplyReply
- EX1T5U1C1D3
  Posted on January 29, 2012 at 7:07am
  getting THOUSANDS of stolen CC info actually is not too hard, it`s really that easy, but using them to profit is harder.
  selling stolen cc numbers, buy stolen credit card info : NO MINIMAL ORDER to test quality of info.
  vent1lat0r[at]atrus[dot]ru
  stolen CC numbers [not generated crap] and phished PayPal logins in stock.
  Report Post »
EqualJustice
Posted on June 22, 2011 at 7:30pm
THIS IS EXACTLY why we hate putting all of our account information online. They charge more now if you don’t bank online and many places will not except cash or CC payments and you must direct deposit payments ONLINE. Too much info out there in cyberspace waiting to be STOLEN!
Report Post » Log in to Reply Reply
Progressive Wrecking Crew
Posted on June 21, 2011 at 5:41pm
I’ll tell you I truly work all day every day 18 hours a day on the net as a bonifide computer geek and graphic designer/programmer off site for a number of Chicago area design houses for almost 15 years now, which is why I’m on the forums very often, and I go by Chicago Ray.

You can see my work all over Google, and I‘ve never once even come across the ’avenue to which you go down to get to these net destinations‘ and I’ve actually tried out of curiosity and I haven’t come up with Jack.

My point is: the net is now so vast, you can spend all day every day on a different plane of websites each day and still not find half the crap that’s out there. Our daily world is dangerously close to nefarious cartoon-like take over by criminals and cyber geeks who make my 20 years of schooled and real life computer skills look like I’m retarded. It’s frightening to say the least.

We’re all in for a rude awakening on this front in short order like something right out of the movies. :(
Report Post » Log in to Reply Reply
slvrserfr
Posted on June 21, 2011 at 4:18pm
Get rid of your credit cards, The Fed is out of control in charging outrageous rates on this long outdated and corrupt socialist program.
Report Post » Log in to Reply Reply
Gamer234
Posted on June 20, 2011 at 1:45pm
Its nice to see people finally acknowledging this problem. Close to a BILLION DOLLARS every year are stolen through credit card fraud, the major credit card companies employ securities firms to analyze these threats. But they have found that their is almost nothing they can do about it. Most of these criminal hubs are located in russia and china, and we cannot infiltrate their networks enough to stop them. Polymorphic viruses are even scarier, I hope someone is going to find an answer soon.
Report Post » Log in to Reply Reply
jackbauer
Posted on June 18, 2011 at 9:27pm
I see this as a build-up to the next phase. We are told we need a new governance system. A New World Order. A new world financial system. A new way to buy and sell. A new way of doing business. Does 666 mean anything to any of you? Read “The Good Book” to see what’s coming!
Report Post » Log in to Reply Reply
Pokerjoe
Posted on June 18, 2011 at 3:40pm
Use a debit card. To hell with the credit card companys. all the hell one goes thrue when its stolen. It dont seem worth it.
Report Post » Log in to ReplyReply
- Gamer234
  Posted on June 20, 2011 at 1:47pm
  That is the worst thing you could do, you don’t need a pin number for a debit card on the internet.
  Report Post »
JakeEllis
Posted on June 18, 2011 at 11:10am
For over a decade, society has been pushed by ad campaigns claiming the use of debit/credit cards is faster and safer than cash. We have been shown how slow cash transactions are when being used at place of purchases when compared to the use of the ‘safe plastic card’. In reality, quite the opposite is fact.
I have a bank card, and it stays in my wallet.
No need for any worries when CASH is used. NO detailed point of purchase information. NO tracking spending habits.
Remember when we used to have anonymity and privacy both?
CASH
Report Post » Log in to Reply Reply
Redistributor
Posted on June 18, 2011 at 9:06am
It‘s reported that the credit card’s number is then intercepted from the store’s unsecured credit card processing equipment. Simple as can be.

Not true! I would imagine that the data is intercepted because of the unsecured Internet access available to the public and not the retailer’s card processing equipment. When someone places and order online it should be secured with SSL certificate.
Report Post » Log in to Reply Reply
justice
Posted on June 18, 2011 at 4:09am
It’s not only your credit cards. It is your medical information. Hell, it’s everything you do in life general.
Report Post » Log in to Reply Reply
Cold War Vet
Posted on June 18, 2011 at 3:32am
Are Ben Bernanke and Obama members on this stolen credit card site? I wouldn’t put it past them.
Report Post » Log in to Reply Reply
Arc
Posted on June 18, 2011 at 3:20am
“there is honor among thieves” ???? All “undercover” cops begin their new assignment by locating the “main man”, convince the main man thief that you’re an “honest competitor” and your allegiance is only to other thieves. No wonder law enforcement has such a tough time cracking these credit card thieves. ( yeah riiiight, all these crooks are brilliant) Bulger was a genius and psychic, he knew the jig was up so he hauled ass……………….. I also sell life insurance to death row inmates.
Report Post » Log in to Reply Reply
nomercy63
Posted on June 18, 2011 at 1:47am
You don’t have to use lifelock and pay their fees just lock your credit file with the credit reporting agencies cost 10 dollars each and done no one can access it and since you locked it it is easy to dispute anything on it.
Report Post » Log in to Reply Reply
RationalMan
Posted on June 18, 2011 at 12:28am
Time for “Lifelock” even, Mark Levin got tap, but, Lifelock saved his a**!!!!
Report Post » Log in to Reply Reply
frustratedwithgovt
Posted on June 18, 2011 at 12:28am
Slightly of topic but if you want a fairly easy solution for online banking look into downloading a copy of Unix ( mint / unbuntu etc ) – burn it to a disk and you can boot your pc up on a clean operating system with internet access. Once your done just pop it out and reboot back to windows. Nothing is ever guaranteed but that is as close as I have found. Nice thing about unix is that very fast as well.
Report Post » Log in to Reply Reply
nomercy63
Posted on June 18, 2011 at 12:20am
Need a loan go to a loan shark cheaper then a bank or credit card!!!
Report Post » Log in to Reply Reply
Oil_Robb
Posted on June 18, 2011 at 12:04am
test
Report Post » Log in to Reply Reply
frustratedwithgovt
Posted on June 17, 2011 at 11:42pm
I haven’t taken cash out of an ATM in years and I never use my debit card. I use a credit card with a very small limit on it for all my day to day purchases and then pay it off in full at the end of each month. In this day and age you have to limit your exposure – bad folks abound.
Report Post » Log in to ReplyReply
- jb.kibs
  Posted on June 17, 2011 at 11:56pm
  that’s exactly what i do. small limit CC that can be disputed if anything goes wrong.
  Report Post »
- cowdude
  Posted on June 18, 2011 at 9:19am
  There was a gas station near my house that collected 3000 unique cc numbers. Half of them were never used…yet!!! It was part of a Russian mob thing.
  
  Cowdude
  
  http://conservativewatercooler.com
  Report Post »
snidley-whiplash
Posted on June 17, 2011 at 11:40pm
Can’t be any worse than QE1,QE2 and soon coming to a ATM near you QE3
Report Post » Log in to ReplyReply
- vennoye
  Posted on June 18, 2011 at 12:34am
  At least credit cards have credit limits!!
  Report Post »
independentvoteril
Posted on June 17, 2011 at 11:40pm
they have been doing this for years.. you have to be careful and even then it’s not assured your safe.. always better to be richest person in a poor neighborhood than the poorest person in a rich neighborhood.. people tend to do this type stuff in the better neighborhoods figuring they have MORE available credit..
Report Post » Log in to Reply Reply
Exrepublisheep
Posted on June 17, 2011 at 11:39pm
Those “sponsored links” at the bottom of the story seems like a great way to get your private info out there too.
Report Post » Log in to Reply Reply
Psychosis
Posted on June 17, 2011 at 11:25pm
sure, lets name the machine that lets you do this, then show a video on how to do it

kinda like the reporters telling the enemy what our military was doing in vietnam dumb a$$eSS
Report Post » Log in to ReplyReply
- SacredHonor1776
  Posted on June 17, 2011 at 11:36pm
  Another reason to ban ATMs!
  Report Post »
- jb.kibs
  Posted on June 17, 2011 at 11:58pm
  could be a ploy to get more people to ‘try it’ because they want to bust them…
  Report Post »
- fastfacts
  Posted on June 18, 2011 at 12:06am
  It’s just as easy as getting drugs at school. All of the kids knew who were pushing them or who knows where to get them.
  
  This is why people are starting to teach their kids at home or sending them to private schools. Chris Christie was asked yesterday about how he know anything about public schools since his kids go to private. He laid out a good argument and then said, “It’s none of your business” http://tiny.cc/zenkf
  Report Post »
- Dustyluv
  Posted on June 18, 2011 at 12:48am
  Keith Mularski, an agent with the FBI’s cybercrime unit, has had to pose as a rather dubious character in order to gain entree to the online marketplace:
  
  An FBI agent does not need to pose as a criminal…They are criminals.
  Report Post »
- Snowleopard {gallery of cat folks}
  Posted on June 18, 2011 at 1:25am
  @Sacred Honor:
  
  You hit upon the crux of the matter. Obama a couple of days ago was complaining of ATM’s being a cause of the unemployment and slow economy; he also wants regulations in force for ATM fees of the banks.
  
  And now the left’s main propaganda arm of NPR is saying this of credit cards, and by default the ATM cards…see a pattern for what is coming next?
  Report Post »
- ME
  Posted on June 18, 2011 at 2:09am
  If this where all true where are the arrest?? lets see the long list once you know about the chat room you could easily with a warrant get all the IPs and arrest all of them, where are the arrest??? Is the blaze now feeding the machine by passing on this crap called news??? this is propaganda, this is a crises, this is something we need new “protection” from. Please pretend your awake…. from NPR was my first clue
  Report Post »
- gotta light
  Posted on June 18, 2011 at 9:04am
  and who say there is no honor amongsat theives LMAO
  
  Hey bud gotta light?
  Report Post »
- TexasCommonSense
  Posted on June 18, 2011 at 9:21am
  Mine was apparently “skimmed”, probably by wait-staff, a card was made and used in New York. Luckily I caught it about an hour after the first transaction for about $200 and cancelled the card immediately. Chase refunded the purchase, and after a brief investigation, refunded all related charges permanently. an When I go to a restaurant now, I politely tell the waiter or waitress I have to stay with my card and I go with them to check out. So far they’ve all understood and some even guessed why. If they ever do give me grief I‘ll tell them to get a manager or I’m walkin’ the bill. It’s as simple as that.
  Report Post »
- TomFerrari
  Posted on June 18, 2011 at 10:41am
  OLD ‘news’
  
  note video is from 2008 – OLD NEWS.
  
  solution? WIRED NETWORKS IN STORES, secured routers, DS encryption hardware IN the card readers, and future technology such as single-photon generation.
  
  MOST IMPORTANTLY – hold RETAILERS accountable for their networks! If a credit card company can prove xyz had an unsecured network that caused/allowed theft of cc info, the RETAILER must re-imburse the cc co! THEN you would see retailers secure their networks, instead of hiring their 8-yr old to install a wireless network. Retailers would also DEMAND the manufacturers of cc-swipe machines provide SECURE equipment – Non-secure equipment should also be held liable. As it is, the cc co assumes all the liablitiy – yet another reason rates are so high.
  Report Post »
- Tom Phipps
  Posted on June 18, 2011 at 12:30pm
  Your absolutely right Psychosis
  It’s like during the first Gulf war, and horrendous revolver ( harold rivera ) was drawing maps in the sand showing positions and where they were going next. It was asked to go home after that, unfortunately he came to America.
  Report Post »
- PrfctlyFrank
  Posted on June 18, 2011 at 2:01pm
  Yawn…. Old news as has been stated… Meh..
  Report Post »
- Gamer234
  Posted on June 20, 2011 at 1:38pm
  @ME “If this where all true where are the arrest?? lets see the long list once you know about the chat room you could easily with a warrant get all the IPs and arrest all of them, where are the arrest??? Is the blaze now feeding the machine by passing on this crap called news??? this is propaganda, this is a crises, this is something we need new “protection” from. Please pretend your awake…. from NPR was my first clue”
  
  This is a very real problem, I work for an internet securities company, and you have no idea how unsafe you are on the internet. China, russia, ethiopia they buy and sell credit card numbers, SSN, identities, all the time, and there is nothing we can do about it. The reason their are no arrests, is because these people use sophisticated computer code to remain anonymous. NPR could not be more accurate about this problem.
  Report Post »

It appears that you have Javascript Disabled. Please enable Javascript in your browser preferences for a better user experience on TheBlaze. You can not comment without Javascript enabled.