Home News Stories 2006 May Personal Data is Cyber Treasure
This is archived material from the Federal Bureau of Investigation (FBI) website. It may contain outdated information and links may no longer function.

Personal Data is Cyber Treasure

Protect Your Information
Personal Data is Cyber Treasure


Credit Card image with codeIt’s no secret the Internet has bred its share of innovation, changing the way we shop, bank, communicate, and do business. But where money’s changing hands, you can bet there’s a criminal writing a nefarious computer code to siphon a piece of it.

Our investigation into recent security breaches across the U.S. that compromised thousands of credit and debit cards is a grim reminder that you can never be too careful with personal information in a heavily wired world. The thefts weren’t just card numbers; included were personal identification numbers (PIN) on thousands of individual debit cards. The case is ongoing, so we can’t release details. But Dave Thomas, head of the computer intrusions section in our Cyber Division, cautions card holders to protect what criminals want most—information about you and your assets.

“They are looking for information that can be bought, bartered, and sold on the Internet,” said Thomas, who describes a criminal underworld that meets in shady online forums to trade bundled stolen card numbers like commodities on an exchange.

Here’s a typical scenario: A careless employee downloads e-mail from an unknown sender and accidentally unleashes malicious code into the merchant’s computer system; the code quietly gathers customers’ card information; the hacker remotely collects the data, then prints new bogus cards or offers to sell or trade the raw information to a faceless entity in an online chat room full of like-minded hackers and black marketeers. The buyer could be from anywhere, which is how fraudulent charges from overseas could appear on your billing statement, even if your card is still securely tucked in your wallet.

“The spread of high-speed communication has brought with it an increase in cyber crimes,” Thomas said, citing the ease with which criminals overseas can bait their Internet traps in the U.S. “Everyone else’s criminals are our criminals.” Stolen cards played a central role in the Mytob and Zotob worms that originated overseas and wreaked havoc on U.S financial and media companies last summer.

Financial institutions that issue credit and debit cards are one of the biggest cyber targets. Recent studies show more than 35 percent of Trojan attacks in 2005 targeted the financial and banking sector. Six in 10 U.S. businesses believe cyber crime costs them more than physical crime.

“They’re really not going after the person that’s shopping online. They’re going after the databases, ” Thomas said. With that in mind, it’s all the more prudent to hold personal records close to your vest by regularly reviewing credit reports and bank statements.

Online scams should be reported to the FBI’s Internet Crime Complaint Center (IC3). You can learn more about Internet fraud and test your web savvy at lookstoogoodtobetrue.com, a website created to help prevent you from becoming a fraud victim.

Resources: Cyber Crimes stories | Cyber Investigations | Internet Crime Complaint Center (IC3) | InfraGard