Info Stolen From Millions of Phishing Victims For Sale

The personal information of at least 4 million Britons and a whopping 40 million others, most of whom are Americans, is being bought and sold online. This includes usernames and passwords, credit card details, bank account numbers and more. Most of the information was gathered from individuals who fell for phishing schemes. As a result over 250,000 bank and credit card accounts have been broken into by the cybercriminals behind the scams.

The information is bought and sold on forums and websites that cater to the booming underground economy of cybercrime. Along with consumer details, corporate FTP and email usernames and passwords are also offered for sale.

          “I’m concerned, but I’m not surprised in the least,” said Mikko Hyppönen, chief research officer at F-Secure, the computer security experts. “We’ve seen this going on for quite a while. There’s a mind-boggling amount of information that’s being sold on the underground forums.”

A British company has managed to intercept the data and has compiled it into one central database. The company’s owner, Colin Holder, says he plans to charge individuals for access to it to check whether their info has been stolen. The ethics of such a plan are being debated as is whether Holder’s database itself is legal.