A fence specializes in the sale of stolen goods, buying from thieves and selling to (often) unsuspecting buyers at a higher price. E-fencing involves selling stolen goods or information online through marketplaces ranging from mainstream sites such as Ebay or Amazon to gray-area avenues including Craigslist or private social network groups to secret marketplaces on the deep web. Despite the challenges of policing online marketplaces, security experts and web developers are implementing measures that will make selling stolen goods online more difficult.
Who Steals What, And How Do They Fence It?
Thieves steal to make money, and they quickly learn what to take, who to sell it to, and how not to get caught. And, as in any “business,” they also keep up with trends in their field. “Considerable changes to the stolen goods landscape has been found,” researcher Rebecca Thompson writes in a recent article in the Journal of Research in Crime and Delinquency, “with a shift from more traditional items such as cash and purses/wallets to portable electronic items such as mobile phones.” Increasing in popularity is the theft of data, identity, and financial/credit account information. Stolen credit card information is being sold at prices ranging from $20 to $100 on the dark website Rescator, award-winning technology writer Jaikumar Vijayan reports in a May 2015 article in The Christian Science Monitor. The dark web, formerly a small market made up of networks of individuals, has in recent years “transformed into a playground for financially driven, highly organized cyber criminals,” he writes, citing a recent RAND Corp study. E-fencing activities tend to concentrate in certain categories of stolen goods, including:
- Small items of high value, such as portable devices, designer purses and wallets, and other easily grabbed items.
- Larger, high-priced items, which often involve break-ins, looting/rioting, or robbery.
- Private/personal data, financial account numbers, documents, and other digital information typically obtained through hacking or social engineering.
Criminology expert Michael Sutton writes in his Stolen Goods Markets guide that the qualities that make an item attractive to a thief can be summed up in the acronym CRAVED: Concealable, Removable, Available, Valuable, Enjoyable, and Disposable. E-fencing has increased exponentially as a method for selling stolen goods, according to Congressional Research Service’s Domestic Security Specialist Kristin M. Finklea. “While criminals may profit about 30 cents on the dollar (30 percent of the retail price) by selling goods at physical fencing locations,” she writes in a report on organized crime, “they can make 70 cents on the dollar via e-fencing.” The sudden emergence and profitability of e-fencing has given rise to organized cybercrime. In the International Journal of Cyber Criminology, the ANU Cybercrime Observatory in Australia identifies several types of organizations, including:
- Swarms – Disorganized organizations with a common purpose but without leadership. The Hacktivist group Anonymous fits into this category.
- Hubs – Online cybercriminal groups that involve a focal point (hub) of core criminals around which peripheral associates gather. LulzSec, a black hat hacking group claiming responsibility for several high profile security breaches, belongs to this category.
- Hybrids – Swarms or Hubs that move between online and offline (real world) environments.
- Hierarchies – Highly organized criminals who operate primarily offline but use the Internet for activities such as prostitution, gambling, and extortion. Crime families now belong to this group.
Where Does E-Fencing Occur?
E-fencing occurs either 100 percent online or uses the internet to connect sellers and buyers. Some of the more widely used fencing venues include:
- Major online marketplaces such as Ebay and Amazon – Stolen goods are sold alongside legitimate items.
- Online classified sites such as Craigslist or Backpage – Items are listed as simple classified advertisements.
- Mobile apps such as LetGo and OfferUp – Pictures of items are uploaded into an app and sold quickly to nearby buyers.
- Facebook and other social networks – Private groups can be formed by location or interest for the buying, selling, and trading of goods.
- The deep web – Items are sold, typically for cryptocurrency such as Bitcoin, on anonymous websites that can be viewed only with a special browser.
RAND Corporation experts Lillian Ablon, Martin C. Libniki, and Andrea A. Golay assess predictions about the future of the stolen data market in their paper, “Markets For Cybercrime Tools And Stolen Data.” “There will be more activity in darknets,” they write, “more checking and vetting of participants, more use of cryptocurrencies, greater anonymity capabilities in malware, and more attention to encryption and protecting communications and transactions.”
Security experts advise online shoppers to watch for red flags, including:
- An unreasonably low price
- A seller’s ratings that look or sound fake.
(The McAfee Institute, in its blog, warns that “some sellers have admitted to posting fake ratings. To reduce your risk of becoming a victim, be skeptical of the reviews that lack detail or are too positive.”)
- Sellers who have too many items for sale in brand new (tag still on) condition.
- Unusual or bizarre information in the seller’s post, such as strange payment or shipping requirements, descriptions of the item as “found,” or claims that a device is “password locked.”
Owners and administrators of online marketplaces are under pressure to step up their efforts against stolen merchandise. As a result, they are implementing more stringent identification verification measures, background checks, encryption and security measures, and stricter sales guidelines. Manufacturers are striving to produce products with better security features, such as RFID chips, tracking services, product registration, and (with mobile devices especially) face recognition, retina scans, fingerprint scans, and voice recognition. Sutton, in Stolen Goods Markets, writes that law enforcement has implemented several strategies to crack down on e-fencers, including:
- Establishing multiagency partnerships
- Improving an agency’s capacity to investigate stolen goods
- Learning where known (caught) thieves sell their goods
- Encouraging citizen reporting of suspicious trading behavior
- Conducting publicity campaigns to discourage the purchase of stolen goods
An Uphill Battle
E-fencing is a difficult fight to win. Only education (learning what to look for when shopping online), watchdogging online trades, and organizing law enforcement efforts can help fight the online stolen goods trade. Maryville University offers undergraduate and master’s degree programs in cyber security. Coursework includes topics such as cryptography, cloud security, incident handling, mobile forensics, and penetration testing. Students can log into their classroom anywhere, on any device, at any time with the Maryville Virtual Lab. More information is available at Maryville University’s online cyber security website.
Portable Electronics and Trends in Goods Stolen from The Person – http://irep.ntu.ac.uk/id/eprint/28797/1/PubSub6336_Thompson.pdf
The Identity Underworld: How Criminals Sell Your Data On The Dark Web – http://www.csmonitor.com/World/Passcode/2015/0506/The-identity-underworld-How-criminals-sell-your-data-on-the-Dark-Web
Markets for Cybercrime Tools and Stolen Data – http://www.rand.org/content/dam/rand/pubs/research_reports/RR600/RR610/RAND_RR610.pdf
Stolen Goods Markets – http://www.popcenter.org/problems/pdfs/stolen_goods.pdf
Organized Retail Crime – https://fas.org/sgp/crs/misc/R41118.pdf
The Online Stolen Data Market: Disruption and Intervention Approaches – http://www.cl.cam.ac.uk/~ah793/papers/2016disruption.pdf
Learn Where Fraudsters Are Selling Stolen Goods Online – http://blog.mcafeeinstitute.com/learn-where-fraudsters-are-selling-stolen-goods-online/
Organizations and Cyber Crime: An Analysis of The Nature of Groups Engaged in Cyber Crime – http://www.cybercrimejournal.com/broadhurstetalijcc2014vol8issue1.pdf