Sites selling stolen credit card information shut down

Posted by Dr Alistair Phillips in Identity Theft on 4 May 2012 - Ali is a Senior Developer at checkmyfile

After 2 years of investigation, police in Australia, Europe, the UK and US have succeeded in closing over 30 websites selling stolen credit card information. It has been reported that the details of over two-and-a-half million credit cards were recovered, estimated to have prevented fraud of at least £0.5bn.

Thieves and hackers use various methods of getting hold of this information, and of stealing our identities, many of which can be thwarted by taking a little more care, especially online.

Identity thieves often use a technique known as “social engineering” – fooling the user into doing what the thieves want. This can be done in a variety of ways, such as emailing the user with an interesting-looking attachment (which, once opened, installs malware onto the victim’s computer), or sending a link in an email which takes the user to a “booby-trapped” website (which, when visited, installs malware onto the victim’s computer). This malware may then sit on the victim’s computer, searching for information on the user’s identity, passwords and anything else which could prove useful to the identity thief. It could even scan all the key-strokes on the user’s computer – this is then uploaded for later analysis to the thief’s computer.

Another common trick is to send an email which looks, at first glance, as if it comes from the recipient’s bank. People are becoming savvier to the fact that banks never ask for online banking information via email, and so many of these emails contain a link which appears to access the recipient’s online banking. This link often leads to a very credible and accurate representation of the actual bank’s website, although all it does is record the user names and passwords of anyone fooled into trying to “log in”.

Although these emails look quite genuine, there are sometimes tell-tale signs that not all is at it seems. They are often addressed “Dear Sir” regardless of the recipient – they don’t know your name, or even if you’re male or female. The English is often quite bad grammatically (but not always!). They usually claim that “there’s a problem with your account” or that your “account security has been upgraded” and that you need to click on the link in the email and change your login details (exactly what the thieves want from you).

The best thing to do is to delete such emails immediately. Some banks have an email address you can forward the email to. If you think that the email may have been genuine, contact your bank to be sure or navigate to your bank’s website directly to see if there are any instructions on there – don’t click on any links in the email itself. Before logging in, make sure that the web address at the top of the browser starts “https://” (the “s” is the important part here) - the browser sometimes displays a padlock symbol or changes the colour of the address bar as well. Ensure that the antivirus program on your computer is always up to date, but don’t rely on it – think before you click!

Regardless of what actions you take to protect yourself, it’s a good idea to keep an eye on your credit file. That will tell you instantly if someone has opened an account in your name.

Dr Alistair Phillips is one of our longest serving Senior Programmers at checkmyfile. You can contact him at

Personal Data in the Wake of Facebook/Cambridge Analytica

Strange as it might sound to some, huge numbers of people routinely complete online surveys through Facebook to find out which football player they are most like, which Hogwarts house they should be in or how much money they will be earning in 2050. The truth is, every time you volunteer seemingly innocuous information or consent to share profile information with an app, your data is probably going somewhere to be used for another purpose.

Published on 17 Apr 2018 by Paul Anderson-Riley

Full Article

Identity Fraud: What To Do If It Happens To You

Year on year, there has been a substantial rise in the number of identity fraud cases being reported to organisations such as Cifas, the UK’s fraud prevention service. It’s no real surprise when you consider the crime can be committed from the comfort of someone’s home without ever having to risk showing their face.

Published on 6 Feb 2018 by George Coburn

Full Article

What's a Politically Exposed Person (PEP) & Why is it on my Report?

PEP stands for Politically Exposed Person, which would typically relate to an individual who has a prominent public title or function. If you receive this classification, often you will have to undergo additional security checks when applying for finance. Your credit file will tell you if you have been identified as a PEP, however for most people it isn’t something they’ll need to worry about.

Published on 8 Jan 2018 by Paul Anderson-Riley

Full Article

Brits continuing to fall for HMRC and Apple gift card scam

At the face of it, it seems a bit odd that the company responsible for collecting taxes would request payment from individuals in the form of an Apple iTunes gift card, but according to Action Fraud, this scam has continued to be profitable for fraudsters. The scheme first came to light in May last year and Action Fraud have received hundreds of complaints since then.

Published on 30 Jan 2017 by George Coburn

Full Article

Yahoo’ve been hacked – Yahoo in largest ever reported data breach

In the last two years, we have already been alerted to data breaches at Three Mobile, Tesco Bank, TalkTalk, Morrison’s, Steam and Sage, amongst others. The scale of these hacker attacks have varied. But none have come close to the newest report.

Published on 16 Dec 2016 by Ben Tumilty

Full Article

Lloyds bank letter scam

Millions of consumers have been warned to be vigilant and question written correspondence from their banks following a sophisticated scam which has targeted customers of Lloyds Bank.

Published on 12 Dec 2016 by Kirstie Brown

Full Article

Digital footprints - taking a step in the right direction

Credit reports and the internet are now not too far away from each other in evaluative skill, as there is a lot that can be learnt about an individual from their online presence.

Published on 1 Dec 2016 by Paul Anderson Riley

Full Article

Another giant data breach

Only last year a communications giant had a serious data breach, which left customer’s details in the hands of fraudsters. But following in Talk Talk’s footsteps, the mobile giant Three have revealed that over 400 phone handsets had been stolen thanks to a security breach where fraudsters were able to login to Three’s systems.

Published on 22 Nov 2016 by Ben Ryland

Full Article

The Taxing Scammers

Some people question paying taxes in the first place, so it’s no surprise that around 50,000 people a day are being targeted as a part of a tax refund scam in the UK. Personal details have been shared with scam artists pretending to be government officials claiming that a refund could be due.

Published on 1 Nov 2016 by Paul Anderson Riley

Full Article

British banks still failing to protect customers from ID theft

Consumer group Which? has today criticised some of the biggest banks in Britain for failing to invest in security systems that would better protect their customers from fraudulent activity. This criticism comes as a result of a 64% increase in online banking fraud last year alone, with losses of £133.5m. Fraud for phone banking rose 28%, with losses of £323.3m.

Published on 27 Oct 2016 by Kirstie Brown

Full Article


We have loads of great customer reviews