"Cyber ​​thieves" are rampant and explore the black production chain of information data

[[181007]]

Many practitioners said that the behavior of using the black industrial chain to commit fraud is scattered and hidden, and it is very difficult to trace the upstream and downstream and lock the chain of evidence. Some cases even occurred across borders in Africa, Southeast Asia and other regions. The relevant information protection laws are also imperfect and difficult. Combating the black industry requires joint efforts from multiple parties.

With the popularity of e-commerce and mobile payments, consumers carry less and less cash with them, and people joke that "thieves are almost out of work."

However, on the Internet, "cyber thieves" who steal funds and virtual assets from users' electronic accounts are rampant.

Personal information leaked through various channels is processed, resold, and used for telecommunications fraud or credit card theft, forming a huge black industry system and becoming a hidden cancer in the Internet world.

"We have a business team lurking in various black markets for data and observing that professional fraud gangs are rampant in China," said Qiu Han, general manager of Qianhai Credit Information. Many industry insiders agree with this.

Symantec's 2016 Annual Internet Security Threat Report pointed out that there are 1.6 million black industry professionals engaged in online fraud in the Internet data black market, and 600 million pieces of user data are circulating in the black market. According to industry estimates, the economic losses caused by black industry in my country are nearly 100 billion yuan each year.

Recently, a reporter from 21st Century Business Herald interviewed a number of Internet risk control and technology professionals, trying to explore the black industry chain behind the online world.

Hackers, Trojans, Insiders, and Purchasing User Data

"If you are used to using the same username and password, it is recommended that you change them. At least make sure not to use the same username and password in places where you have money." Qiu Han made the above suggestion on many occasions.

With the popularization of e-commerce and the Internet, more and more user behavior data and transaction information are stored on the Internet. Since most users find it difficult to remember too many website login account names and passwords, they tend to use partially identical or similar user names and passwords. This brings convenience but also poses certain risks.

Qiu Han introduced that Internet companies have different standards and investments for data security. Some websites may store user names and passwords in plain text, or without any encryption or firewall blocking. When there is a slight loophole in the system, it will be attacked by hackers to steal user data, and then "crash the database", that is, use these account names, passwords and other information to try to log in to many other websites. Once the same account name and password are used, the hacker will "crash" into the account and steal the user's funds or other related information.

Information theft is the most basic part of the black industry. In addition to hacker attacks, user information leakage is difficult to prevent through Trojan viruses, institutional insiders, social engineering databases, etc.

Details of the investigation into the case of Shandong student Xu Yuyu who died as a result of telecommunications fraud have been revealed. Hackers exploited a loophole in the online registration system to upload a Trojan horse, broke into the system, stole more than 600,000 pieces of candidate information and sold them online. Xu Yuyu's personal information thus flowed from the hackers into the hands of the scammers.

Driven by profit, some employees of some institutions participated in the sale of customer data. The China Banking Regulatory Commission pointed out in the "Notice on Risk Warning of Cases of Customer Personal Information Leakage in Banking Financial Institutions" that some banks have "insiders" who sell customer information for illegal profit.

The China Personal Information Security and Privacy Protection Report, based on 1 million questionnaires, pointed out that personal information leakage is serious, but there is a lack of self-protection awareness. In life, 55% of the respondents did not indicate the purpose of the photocopies of their ID cards, and 34% of the participants used free WiFi without identification.

The Ministry of Public Security disclosed that in the black industry of cybercrime, various phishing websites, mobile phone Trojans, and crimes that steal user personal information are the most rampant. In 2015, the public security departments in various places alone cracked more than 1,000 related cases, involving more than 1 billion yuan.

Wang Shaoqiang, vice president of Jiedaibao and head of the risk control department, told the 21st Century Business Herald reporter that in the traditional black industry, hackers at the upstream obtain sensitive information of users, squeeze out useful information and sell the data to the downstream, and data distributors earn the difference and sell it to the black industry data users. The new black industry, on the other hand, uses terminal channels to penetrate into third- and fourth-tier cities and even rural areas, and purchases a full set of information such as user mobile phone numbers, ID cards, photos of holding ID cards, bank card information and even U-shields at prices ranging from 20 to 50 yuan, and requires the seller not to report the loss of the above materials. Most of these users have never left their place of residence in their lives, and their identity information flows upstream, and in the hands of black industry personnel, they become registered users of social, e-commerce, Internet finance and other products, with good shopping records and microcredit records, but it is unknown when they will borrow a large loan and disappear. Such fraudulent techniques were introduced to the mainland from Taiwan, China, and spread to the southeastern coastal areas and even to the inland areas.

Identifying the user is key

"The essence of the black industry is to realize the corresponding benefits." Cheng Jianbo, senior director of risk management at JD Consumer Finance Division, told the 21st Century Business Herald reporter.

Currently, large websites and institutions generally have identification and defense mechanisms for abnormal accounts. Black industry practitioners will choose to repeatedly try to "crash the database" on small websites to obtain relatively complete personal information of users and then cash in on it.

Cheng Jianbo introduced that JD.com, as a high-frequency trading platform, is often targeted by black industry players. However, such attacks are not specifically targeted at any platform, and all institutions in the industry may face such fraud risks.

"People working in the black market are a very realistic group of people. If they can turn it into money, they will turn it into money. If they can't, they will use it themselves." Cheng Jianbo said that the products they monetize are varied, mainly virtual products such as game coins, recharges, etc. This type of product has formed a relatively mature monetization path; the physical products include mobile phones and even biscuits and underwear.

Wang Shaoqiang said that the root cause of most fraud cases in the market is the leakage of user personal account information, and the platform is unable to identify whether the request is made by the user himself or the fraudster, resulting in user losses. According to incomplete statistics, the amount of four-factor bank card information (name, ID number, bank card number, bank reserved mobile phone number) in the market is over 10 million, and even the five-factor (four factors plus bank cash withdrawal password) information is over 1 million.

In telecommunications fraud cases, since criminal gangs have access to users' detailed personal information, they will also use different roles and change their rhetoric, making it difficult to guard against.

The head of an institution told the 21st Century Business Herald that although the losses caused by black industry operators on a specific platform are not too great, they have a huge impact on the platform's information security, user confidence and reputation, and investment in risk prevention technology accounts for a huge proportion of the platform's expenditures.

"Our risk prevention and technology R&D personnel account for more than 50% of the business team," said Cheng Jianbo. In order to identify whether a transaction is initiated by the user himself, the risk control system developed by JD Finance records every user's behavior, including registration, account login, information modification, application for Baitiao, activation of quick payment, etc. When abnormal information about the device model or delivery address is found, the backend Skynet order system will identify and determine whether there is a problem with the transaction, thereby intercepting the delivery order or requiring cash on delivery.

Wang Shaoqiang also introduced that by cooperating with leading facial recognition technology companies, the risk of fraudulent registration will be reduced.

The black industry is the public enemy of the industry.

Many practitioners said that the behavior of using black industries to commit fraud is scattered and hidden, and it is very difficult to trace upstream and downstream and lock the chain of evidence. Some cases even occur across borders in Africa, Southeast Asia and other regions. The relevant information protection laws are also imperfect and difficult. Combating black industries requires joint efforts from multiple parties.

The reporter learned that a number of information sharing platforms have been established in the industry, such as the "Financial Risk Information Sharing Alliance" supported by the China Payment and Clearing Association, initiated by Tencent Tenpay, JD Finance, Ant Financial, Baidu Finance and Meituan Dianping, and the Internet Finance Industry Credit Information Sharing Platform led by the China Internet Finance Association. While the industry shares information on fraud and illegal and irregular transactions, it will also carry out joint punishment.