Trust among cybercriminals? Carding forums, uncertainty and implications for policing

Abstract

At the beginning of the twenty-first century, before the power of online social networking became apparent, several studies speculated about the likely structure of organised cybercrime. In the light of new data on cybercriminal organisations, this paper sets out to revisit their claims. This paper examines the structure of organised cybercrime by analysing data from online underground markets previously in operation over the Internet. In order to understand the various structures of organised cybercrime which have manifested, theories are drawn from social psychology, organised crime and transaction cost economics (TCE). Since the focus is on how uncertainty is mitigated in trading among cybercriminals, uncertainty is treated as a cost to the transactions and is used as the unit of analysis to examine the mechanisms cybercriminals use to control two key sources of uncertainty: the quality of merchandise and the identity of the trader. The findings indicate that carding forums facilitate organised cybercrime because they offer a hybrid form of organisational structure that is able to address sources of uncertainty and minimise transaction costs to an extent that allows a competitive underground market to emerge. The findings from this study can be used to examine other online applications that could facilitate the online underground economy.

Keywords:

• organised cybercrime
• carding
• underground economy
• trust
• transaction cost economics
• social network

Notes

1. http://money.cnn.com/2012/03/02/technology/fbi_cybersecurity/index.htm.

2. http://www.aic.gov.au/about_aic/research_programs/staff/~/media/staff_presentations/tomison_adam/2011-02-trends.pdf.

3. The IRC is a command-based communication tool that operates over the Internet. However, it uses the IRC protocol rather than the web (HTTP).

4. We have, however, been granted ethical approval for the use of these forums by our University Ethics Committee.

5. Although, see Yip et al. (2012a) for a discussion on the need to be aware of the way that cybercrime can drift on and off-line.

6. This refers to the address of a drop location.

7. Where quotations from forums are used we present them as they appear, spelling and grammar mistakes included.

8. http://www.justice.gov/opa/pr/2004/October/04_crm_726.htm.

9. http://www.guardian.co.uk/technology/2010/jan/14/darkmarket-online-fraud-trial-wembley.

10. http://www.wired.com/techbiz/people/magazine/17-01/ff_max_butler?currentPage=1.

11. Pseudonyms created by the authors are used throughout when using extracts from the forums.

12. Credit Card Dumps, the collection of data needed to produce a fake credit card or buy goods remotely over the Internet, for example. Often a dump can contain hundreds of credit card details (see Peretti 2008).