A peek inside a boutique cybercrime-friendly E-shop – part four

By Dancho Danchev

Over the past couple of months, I’ve been periodically profiling the monetization tactics applied by novice cybercriminals, a market segment of less technically sophisticated individuals looking for ways to cash out on their fraudulent Web activities.

The rise of this market segment can be contributed to the rise of managed cybercrime-friendly services and DIY tools, allowing everyone an easy entry into the world of cybercrime.

In this post, I’ll profile yet another recently launched cybercrime-friendly E-shop, and emphasize the emergence of these over-the-counter (OTC) trading E-shops.

More details:

Sample screenshots of the boutique cybercrime-friendly E-shop:

As you can see in the above screenshot, the novice cybercriminals are currently listing 22 fraudulently obtained items for sale. Selling items including compromised email accounts, compromised FTP accounts and Linux shells, the individual behind this E-shop is actively looking for ways to monetize the fraudulently obtained assets.

What makes an impression in comparison to the previously profiled boutique cybercrime-friendly E-shops, is that all the novice cybercriminals rely on the same E-shop module. This standardization inevitably leads to efficient monetization models, as long as the shop’s owner continues to supply a steady flow of new assets. Which is exactly what I’m not seeing. For instance, the three previously profiled E-shops are now gone, and their authors are no longer advertising their presence at selected cybercrime-friendly communities. Why? Their immature business models, lack of periodic inventory updates, and relatively modest inventories, result in small interest in their underground market propositions.

In comparison, sophisticated cybercriminals rely on affiliate networks, franchise models, market segmentation, price discrimination, and generally avoid monetizing commodity underground items in an attempt to differentiate their underground market proposition and gain more market share, resulting in a recognized and trusted brand name, a respected vendor serving a specific market niche.

We’ll continue monitoring this emerging market segment.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

2 thoughts on “A peek inside a boutique cybercrime-friendly E-shop – part four

  1. Pingback: A peek inside a boutique cybercrime-friendly E-shop – part five « Webroot Threat Blog – Internet Security Threat Updates from Around the World

  2. Pingback: Webroot’s Threat Blog Most Popular Posts for 2012 « Webroot Threat Blog – Internet Security Threat Updates from Around the World

Join the Conversation

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s