Carding (fraud)

[9] Today, various methodologies include skimmers at ATMs, hacking or web skimming an ecommerce or payment processing site or even intercepting card data within a point of sale network.

[10] Randomly calling hotel room phones asking guests to "confirm" credit card details is example of a social engineering attack vector.

[33][34][failed verification] Many forums also provide related computer crime services such as phishing kits, malware and spam lists.

[41] Logins to many sites may also be sold as a backdoor access apparently for major institutions such as banks, universities and even industrial control systems.

Tax refund fraud is an increasingly popular method of using identify theft to acquire prepaid cards ready for immediate cash out.

Methods such as "trashing", raiding mail boxes and working with insiders at stores were cited as effective ways of acquiring card details.

[7] Characters such as "The [51] Vindicator" would write extensive guides on "Carding Across America", burglary, fax fraud, supporting phreaking,[52] and advanced techniques for maximizing profits.

[53] During the 1980s, the majority of hacker arrests were attributable to carding-related activities due to the relative maturity of financial laws compared to emerging computer regulations.

[49] Started in 1989, by 1990 Operation Sundevil was launched by the United States Secret Service to crack down on use of BBS groups involved in credit card fraud and other illegal computer activities, the most highly publicised action by the US federal government against hackers at the time.

[55] In the mid-1990s with the rise of AOL dial-up accounts, the AOHell software became a popular tool for phishing and stealing information such as credit card details from new Internet users.

[57] December 1999 featured an unusual case of extortion when Maxim, a Russian 19-year-old, stole the 25,000 users' card details from CD Universe and demanded $100,000 for its destruction.

[59] From the early 2000s, sites like "The Counterfeit Library", also functioning as a diploma mill, grew to prominence, with many of its members going on to join larger cybercrime websites in later years until its closure around September 2004.

[60] In the summer of 2003, separate US secret service and FBI investigations led to the arrest the top administrator Albert Gonzalez of the large ShadowCrew, turned informant as a part of "Operation Firewall".

[61][62] ShadowCrew admin Brett Shannon Johnson managed to avoid being arrested at this time, but was picked up in 2005 on separate charges then turned informant.

When his continued carding activities were exposed as a part of a separate investigation in 2006, he briefly went on the run before being caught for good in August of that year.

One of the few survivors of "Operation Firewall", Mularski was able to infiltrate the site via taking over the handle "Master Splyntr", an Eastern European spammer named Pavel Kaminski.

In late 2006 the site was hacked by Max Butler, who detected user "Master Splyntr" had logged in from the NCFTA's offices, but the warning was dismissed as inter-forum rivalry.

[72] In 2011, alleged site owner Roman Seleznev was apprehended in the Maldives by US law enforcement[73][74] and in 2012, identity thief David Ray Camez was arrested and charged in an unprecedented use of RICO legislation.

[75][76] Horohorin Vladislav, identified as BadB in November 2009 in a sealed indictment from the United States attorney's office was arrested in 2010 by USSS in Nice, France.

[77][78][79] Horohorin Vladislav is also known for being first cyber criminal to promote his illegal activities by creating video cartoons ridiculing American card holders.

[80] In 2011, former Bulgarian ShadowCrew member Aleksi Kolarov (also known as "APK") was finally arrested and held in Paraguay before being extradited to the United States in 2013 to face charges.

[86] In January 2014, fakeplastic.net was closed following an investigation by the US postal service and FBI, after collating previously seized information from TorMail, ShadowCrew and Liberty Reserve.

[100] Meanwhile, most Russian carders selling details do not trust the darknet markets due to the high level of law enforcement attention; however, buyers are more open.

[105] Vladimir Drinkman, 34, a cohort of Albert Gonzalez,[106] pleaded guilty in Camden, New Jersey, that he got credit card numbers from Heartland Payment Systems, 7-Eleven, Hannaford Bros, Nasdaq, Carrefour, JetBlue,[107][108] and other companies from 2005 to 2012.