Credit Card Theft Thrives Online as Global Market
Security experts say the people living in the former Soviet Union — often in Russia and Ukraine — who are operating the marketplaces are typically buying the card numbers from so-called black-hat computer hackers. These hackers obtain the card numbers by breaking into computer systems of online merchants and getting access to thousands of credit-card records at a time.

"This is highlighting a tremendous lack of security," said Richard Power, editorial director of the Computer Security Institute, an association of computer security professionals that recently published a report with the Federal Bureau of Investigation on computer crime. "In the old days, people robbed stagecoaches and knocked off armored trucks. Now they're knocking off servers."

The Internet sites of the online marketplaces are mostly known only to their participants — though that number can run as high as 2,000 registered users. The site operators change their online addresses frequently to prevent monitoring by law enforcement. In the past, credit-card traffickers did business in private chat rooms on the Internet Relay Chat, a communication network, and now they also use the World Wide Web, where it is easy to start and shut down sites to avoid detection.

But there are security professionals who surreptitiously listen in, tracking the supply of card numbers and prices.

John Shaughnessy, senior vice president for risk management and fraud control at Visa USA, said the company was aware of online marketplaces and sought to monitor them, when it could find them. He said it appeared that many of the buyers and sellers of cards were in Asian countries and the former Soviet Union. Some people familiar with the trend have also said that stolen credit cards were being purchased by people in Saudi Arabia and Dubai, United Arab Emirates.
http://www.nytimes.com/2002/05/13/technology/13CARD.html?todaysheadlines