Evidence of the credit card frauds – revealed exclusively here – has been found on copies of six computer hard drives that were seized from Landslide by police, the FBI and government agents. Copies of the hard drives were made for the Landslide trial. Late in 2006, the copies were flown to Britain to be examined by defence computer experts (including the writer).
As soon as the hard drive copies were opened, it was obvious that Landslide’s activities had been riddled with fraud. Independent computer expert Jim Bates, of Computer Investigations, said ‘the scale of the fraud, especially hacking, just leapt off the screen’.
The previously undisclosed computer files showed that Landslide had been plagued by a range of credit card fraud rackets, known in the industry as Card Not Present (CNP) frauds. CNP transactions occur when the cardholder, or someone pretending to be them, provides their card and personal details over the internet, or by phone.
The people who do it call it ‘carding’. CNP fraud has increased exponentially over the past decade to become the largest type of card fraud in the UK.
‘Carding’ has been carried out over the internet in international black markets since the mid-1990s. Organised groups with closed websites and chat groups, such as CardersMarket, DarkMarket, TalkCash or TheVouched, trade stolen credit card data in bulk ‘dumps’, pricing it according to its potential fraud value. Prices advertised in their net postings range from $30 for a single ‘virgin’ (unexploited) Visa Gold card to $10,000 for a bumper file of 4,000 stolen American Express card and user details, just $2.50 each.
A typical dump of British credit card holders’ stolen data contains not only card numbers and expiry dates, but name, address, date of birth, email, personal password and even mothers’ maiden names – everything needed for complete and convincing frauds.
‘Phishing’ was a word nobody had heard of in 1999, and the way the carders harvested data from their victims was simpler than today’s carefully crafted and deceptive spam emails.
They advertised cheap adult sex sites on the internet, and offered access in return for a credit card payment, perhaps as little as $1.95. A customer who signed up had to provide his or her name, address, card details, and email address and password. That was all the carders needed. The data collected could then be reused or traded online with other fraudsters.
Carding through phoney (or real) porn sites is a simple way to earn millions because nothing has to be delivered. Operating out of Indonesia, Russia or Brazil, many of Landslide’s webmasters appeared to have obtained and swapped lists of stolen cards and charged them up through different portals. Transactions were usually for repeated small amounts of less than $50.
Many victims were charged numerous times by websites they’d never heard of. Some noticed, and applied for ‘chargebacks’ – refunds provided by the bank when unauthorised transactions have taken place. Most people didn’t notice or couldn’t find out how to get refunds.
Under British law and the Human Rights Act, lawyers and experts are supposed to have the right to check all the evidence that might be relevant to a defence case. But since Operation Ore began, the police unit responsible has refused to allow full checks on the computer evidence by independent experts, and has sought to restrict access to police-approved experts only.