Catch up with previous research on the topic:
- Newly Launched 'Scanned Fake Passports/IDs/Credit Cards/Utility Bills' Service Randomizes and Generates Unique Fakes On The Fly
- A Peek Inside the Russian Underground Market for Fake Documents/IDs/Passports
Sample screenshot of the advertisement:
Among the rarest type of such vendors is the experienced one who tends not to advertise at public or commercially accessible cybercrime-friendly communities. Although it would seem fairly logical to assume that the applied OPSEC (Operational Security) would be directly proportional with the decrease in processed orders since it would limit the visibility of his services within the cybercrime ecosystem, that's not necessarily the case when quality, experience, sophisticated, and, of course, high profit margins based on perceived value come into play. In between the lack of mass advertisements, the vendor would also not list his contact details, and would only do business with cybercriminals with proven reputation within not just the community in question, but also, across the entire ecosystem.
Next are those vendors who'd sacrifice OPSEC, for the sake of reaching as many customers as possible in an attempt to monetize this market 'touch point' with other prospective cybercriminals. They advertise on public and on commercially accessible cybercrime-friendly communities, usually have a decent reputation, with generally positive feedback from their customers, and of course, never fail to 'deliver' what they pitch.
There's yet another type of such vendors, worth discussing. It's those who 'populate' a newly launched community with their propositions, and most often target novice cybercriminals with zero understanding of cybercrime ecosystem reputation dynamics, who are still looking to purchase this desired, but largely commoditized underground market good.
With more vendors of fake IDs/documents popping up across the entire ecosystem, the series of blog posts profiling their activities, are prone to expand.
This post has been reproduced from Dancho Danchev's blog. Follow him on Twitter.