Who Ends Up with Your Stolen Credit Car Info? Criminals Take Advantage of Network Meant to Protect Privacy

In the wake of the Target security breach and Home Depot’s recent breach, CNN’s Laurie Segall takes a look at where stolen personal information might end up.

The value of your stolen credit card information depends on your geographic location and the bank issuing the card — and how fast it is known to respond to reports of a stolen card. The average blackmarket price for all the data on your credit card is a little over $100. The cost for data from an EBay or PayPal account is about $27. The cost for data for an entire bank account is about $187.

Criminal operators operate in the Dark Web to sell credit card data, sell drugs, and sell firearms.

Dark Internet is technically an area of the web that is not accessible. The Deep Web is Internet content that is not part of the “Surface Web”, which is indexed by standard search engines. Darknet distributed filesharing network, which could be classified as a smaller part of the Deep Web. Some prosecutors and government agencies think that the Deep Web is a haven for serious criminality.

Deep Web should not be confused with the dark Internet, the computers that can no longer be reached via the Internet and cannot be indexed by standard search engines. Darknet is a private network where connections are made only between trusted peers — sometimes called “friends” (F2F). DarkNet Internet sites use non-standard protocols and ports, and users usually need specialized software instead of a regular web browser to access the DarkNet sites.

Deep Web resources are made possible by the following methods, and may be classified into one or more of the following categories:

Dynamic content: Dynamic pages which are returned in response to a submitted query or accessed only through a form, especially if open-domain input elements (such as text fields) are used where the fields are hard to navigate without domain knowledge.

Unlinked content: Pages which are not linked to by other pages, which may prevent Web crawling programs from accessing the content. These pages have code in the header that tell search engine robots to ignore the pages — content is referred to as pages without backlinks (or inlinks). These pages are known as Limited access content sites that limit access to their pages in a technical way (e.g., using the Robots Exclusion Standard or CAPTCHAs, or no-store directive which prohibit search engines from browsing them and creating cached copies.)

Private Web: Internet sites that require registration and login (password-protected resources). Robots can’t get past login pages, although there is software that can attempt millions of user name/password combinations to gain access.

Contextual Web: pages with content varying for different access contexts (e.g., ranges of client IP addresses or previous navigation sequence).

Scripted content: Web pages that are only accessible through links produced by JavaScript as well as content dynamically downloaded from Web servers via Flash or Ajax solutions.

Non-HTML/text content: Textual content encoded in multimedia (image or video) files or specific file formats that are currently impossible for search engines to index.

The Tor Project provides free software that is used for online anonymity and resisting censorship. Tor, formerly known at The Onion Router, is designed to make it possible for users to surf the Internet anonymously so their activities and location can’t be discovered by government agencies, security analysts, the military, corporations, or anyone else.

Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than five thousand relays to conceal a user’s location or usage from anyone conducting network surveillance or traffic analysis. Tor makes it more difficult for Internet investigators to track activity back to the user. Anonymous users hope to hide their visits to Web sites, specific page views, downloads, online posts, instant messages, and other Internet communications methods. While Tor products can enhance criminal activity, it’s stated use is the protection of the personal privacy and freedom of users.

Tor is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security.

— Torproject.org

A recent NSA appraisal characterized the Tor project as “the King of high secure, low latency Internet anonymity” with “no contenders for the throne in waiting”.

Tor projects include the following …

Tor Browser
“Contains everything you need to safely browse the Internet”

“Live CD/USB operating system preconfigured to use Tor safely” — Operating System on a USB stick.

“Tor for Google Android devices”

The Tor project proclaims being a member of the Internet Defense League — a political activism website with the goal of organizing online protests of anti-piracy legislation. Mozilla, Reddit, and WordPress are other notable Internet organizations that are members of the Internet Defense League.

Get updates from The Cardinal CRIME BLOG ‘Plus’ on Facebook. Just ‘LIKE’ the ‘Arlington Cardinal Crime & Forensics’ Page (become a fan of our page). The updates cover all posts in the 24/7 Crime Alerts! and sub-categories. See all of The Cardinal Facebook fan pages at Arlingtoncardinal.com/about/facebook …