How your data becomes Gold for Criminals

In our last instalments The Trail of Illegality, Phisihng Extorsion and Defamation, The Secrets of the Iluminati and Illegal Financial Entities and Fake Driver’s Licenses Noti.Group delved into the operation of an International network of organized crime that runs financial intermediaries and unregistered forex brokers, extortion sites, Illuminati groups that offer financial freedom in exchange for a subscription, a fake fan club of a Mexican singer and a multitude of phishing websites with copies of legitimate sites used to defraud.

Today we will take the public hand in hand into an investigation of illegal databases being sold on the internet, and how your stolen data is sold to almost anyone.

A source provided Noti.Group’s investigative team with unprecedented access to an ongoing criminal investigation of entities operating behind the scenes, creating a world that seeks to separate their victims from their money, who without suspicion unwillingly provide their information, credit card and their personal data on sites that at first glance seem legitimate, today we will discover how and where these databases and financial information is being sold on the internet.

Ghost Financial Companies

In our investigation regarding Illegal Financial Entities Noti.Group uncovered four allegedly illegal financial companies that claim to engage in Foreign Exchange or Trading activities, however, as we revealed in our investigation, these unregulated companies are engaged in allegedly criminal activities.

The financial regulator in London confirmed Noti.Group that none of the companies referred to in our article were part of the Financial Services Register (FSR) nor that they were authorized to do business, the regulator also confirmed that the companies information is currently in the  Unauthorized Businesses Department (UBD) suggesting a possible investigation on the case, Noti.Group found that the French Financial Market Authority AMF issued a warning on one of the companies after the publication of our article regarding Illegal Financial Entities.

Our editorial research team went depth into the Internet by doing an independent investigation jointly with a security research firm to verify what real use is given to the personal data collected by these criminal groups. After weeks of research, we found that the data illegally collected by Financial Intermediaries is for sale on specialized internet sites.

The Database intermediation website written in English and Russian, any buyer can access the different offers available, including an offer to buy the information of the more than 1,300 “clients” of the CFDs and binary options Broker, which includes the database of clients of these brokers located throughout Europe and in Russia.

The same happens with the clients of the Forex companies, the complete database can be purchased for only $ 50 U.S. Dollars, the Criminal Group also sells a Master database that includes 700 million Contacts obtained from Shopping, Trading, Games and Online Stores.

The Noti.Group investigative team also found sites dedicated to the illegal sale of Government databases, Driver’s licenses, and Passports as seen in the images, these sites promise to create a good fake copy of a Passport for only $ 899.00 U.S. dollars

Cloned Credit Cards

Carding is the activity of obtaining credit card numbers at ATMs and POS (points of sale) using a technique known as Skimming, or by incorporating a keyboard that attaches on top of the factory keyboard on the ATM and a card reader that attaches to the slot where users feed their card into the machine.

The system copies the data from the original card and saves it into identical copies of the original called cloned cards. Once the card numbers have been obtained, they are concentrated in a database and the new cards are printed using blank plastic cards.

Noti.Group found the sites specialized in cloned credit cards where the sale is made, the site that our team had access to even offers to personalize the cloned cards by reprinting the new cards with the image of the original bank card on it and will include the name of the fraudster in the print so that when the fraudster appears in the store the falsification may be undetected by store personnel, even in cases where an official identification is requested.

The site offers Visa, Master Card and American Express cards conceited that their business partners are located all over the world and warn possible buyers that they are “only interested in large operations”, the site explains how to operate the fraud locally .

“You can cash out by yourself or re-sell the cards locally or you can hire some dudes to cash it out for you for a small fee. “

Mexico and the Philippines

According to the information from the investigation to which Noti.Group had access, the criminal group is related with theft and redistribution of government property (databases) including the Pilipino Comelec Electoral Database (the Philippines country’s electoral commission).

It is estimated that almost 55 million Filipinos are at risk of identity theft and impersonation, the Database being sold online contains more than 50 million individual registries according to security researchers at Trend Micro. That Database contains a huge amount of very sensitive personal data, including the fingerprints of 15.8 million individuals, passport numbers and expiry dates of 1.3 million overseas voters.

In Mexico, the criminal group have access to multiple government databases and private entities, the databases of the Secretariat of Finance and Public Credit also called Hacienda (SHCP), the user base of the largest fixed telephony operator in the country Telmex, and a complete copy of the Mexican voter registry containing more 87 million of Mexican voters cards (INE Cards) are all offered for sale by the criminal group.

According to the investigation, illegal data extraction activities in Mexico have occurred since 2012 and had impacted almost 87% of the Mexican population, the dabase version currently being sold by the criminal group is an updated voters registry from January 15^th 2015, Mexican authorties have been unable to arrest the individuals responsible, in October 2018 they issued a statement informing the public that they were only able to recover three computers a celphone and a hard drive linked to this data breach.

Card Cloning Activitites

The Group is also related with Carding activities, In the site simply named “Wallstret” hosted in a PHP BB forum, we found an exchange between dealers and potential business partners, the member of the criminal organization tells potential buyers that they sell 25,000 cloned Mexican credit and debit cards for only 4,000 Mexican pesos (the equivalent of $ 180 U.S. Dollars), if this is not enough, you can choose the next larger package including 60,000 cards for only 7,000 Mexican pesos (the equivalent of $ 350 U.S. Dollars). The packages for sale include the complete information of the cardholder, his address, telephone numbers, date of birth, gender and the security code of the card.

As per the site screenshot, the seller claims that interested buyers should contact an email *****@sigaint.org to enquiry on regards to the Databases, the member of the organization indicates that they will only accept serious offers.

According to the information to which we had access, the email controlled by the website http://siguint.org belongs to Fastmail Pty Ltd a company registered in Victoria Australia under a P.O. Box (PO Box 234 Collins St West 8007 Victoria Australia) the sigaint.org domain was sold by the company Namecheap, Inc. in Arizona in the United States.

Once the offer is made, the buyers offer to pay with deposits via Western Union and Bitcoin, the seller replies that it is possible to receive deposits in a mexican bank account, if they are made within that Country.

Among the potential business partners that respond, the user Mrjjblack expresses his interest by offering, among other things, to help the “provider” to become a “trusted” person and grow within the illicit business of credit card sales if of course “all goes well [with the deal]”.

Other criminal activities found by our team include the distribution and sale of Amazon Mexico Prepaid Cards which are offered for only a quarter of the price of the card.

Cards being sold are available for $100, $200 and $400 Mexican Pesos.

The Greek Case

Back in 2012 in Greek authorities discovered that a 35-year-old hacker gained access to a rough nine million data files according to Reuters, including addresses, ID card data, tax ID numbers and even license plate numbers the suspect had access for almost 83% of Greece’s entire population. The police was able to trace and caught the individual behind the hack which is now serving time behind bars.

However, such as in the Mexican and the Philippines case, it will be in the end, hard to estimate the damage to all victims as identities are being used every day for illegal purposes, identifying exactly how many persons will be affected is a matter of waiting a long time. There is no way of knowing exactly what the specifics damages will be until criminals use that information. Nevertheless, all these stolen records, such as national identity cards, passports, credit cards, tax records and personal information is as of today currently being sold on the web which will surely impact all affected individuals.

If you have information about this article or the subjects related, please contact us at [email protected]

[This article may have been written with information from various sources.]