The illegal trade of identity documents on the surface Web and in Onionland
The online market of forged identity documents is quickly evolving. Sellers of these documents operate both on the surface Web and the deep Web, specifically in ‘Onionland,’ thanks to the typical features of the internet; anonymity, gaps in the legislation, and the absence of an actual tangible distance in cyberspace create an environment that provides several advantages to fraudsters.
The market has been studied with a criminological approach, mainly virtual ethnography. The analysis was conducted on the surface Web and on the part of the deep Web called ‘Onionland.’ While the former is the part of the Web that most people use routinely, the latter may need some further explanation.
Onionland
Onionland is part of the deep Web, made of dynamically‑generated internet content that cannot be accessed by a link crawling search engine such as Google.1 Onionland is a darknet, a sort of parallel Web, which can only be reached using a specific software called Tor. Tor, an acronym for ‘The Onion Router,‘ was initially designed and implemented by the US Naval Research Laboratory.
Its primary purpose was the protection of government communications. Although still used by the military, Tor is nowadays employed for a wider variety of reasons by ordinary people, journalists, law enforcement officers, activists, criminals, and many others. It is a network of virtual tunnels that allows people and groups to improve their privacy and security on the internet and to remain anonymous. This is the main reason why Tor became so successful (there are a few million users connected every day) and why it is also a perfect place for illegal activities.
During the research, 50 websites and blogs that produce forged identities were analyzed, and 65 vendors were contacted through email. An essential source of information was the forum ‘Complaintsboard.com,’ where hundreds of posts and comments linked to the market were analyzed.
Sellers on the cybermarket
The profiles that emerged from the research showed significant differences. It was possible to isolate three main types of sellers:
• Group A: Website owners: sellers who manage a website or a blog used as an online shop. They are present both on the surface Web and in Onionland.
• Group B: Email sellers: sellers who spam forums with advertisements to publicize their products. They are massively present on the surface Web but rare in Onionland. 85% of this group are likely scammers and ‘con artists.
• Group C: Onion vendors: vendors active in Onionland who use dedicated illegal markets, such as Black Market Reloaded, Silk Road and Sheep, or specific forums.
Group A: Website owners on the surface Web
The website owners active on the surface Web usually work in a team. Every team member has a specific function: managing the website, sourcing the materials for the products, or creating forged documents. These websites are likely built-in offshore servers or Eastern European or Far East countries, weaker criminal legislation. Websites and blogs are built up similarly: the homepage presents links to products, prices, contacts, and FAQs. Sellers deny any responsibility for the production and commercialization of forged identities, arguing that the documents are just for fun, without any unlawful intent, and that they should not be used for illegal activities or as genuine documents.
Payment methods and prices
Discounts are often offered if the client buys a special deal such as ‘the full identity package’: an identity card, a passport, and a birth certificate (although the products can vary). There are different methods of payment depending on the seller: cash, cheques, bank transfers, credit cards, and Western Union or an equivalent are accepted, but also PayPal, Ukash, MoneyGram, or even Bitcoin. Upfront payment is the rule, which can vary from 15% to 60% of the total amount. This is justified as cost for materials, machines, and bribery. Since the upfront payment is often an indication of a scam, some sellers follow a scheme directed to gain the client’s trust. First, they take the order, after which they send a video that shows the creation of the requested document. When the customer’s trust increases, they ask for the upfront payment.
Many websites claim to provide any identity document, but their reliability is low. Others are instead specialized in particular products:
• American social security: USD 500 – 630;
• American Birth certificates USD 220 – 330;
• IDs and driving licenses of European countries (mainly Germany, Italy, France, Spain, and The Netherlands) and English‑speaking countries (United Kingdom, Australia,
New Zealand and Canada): EUR 300 – 650.
Some websites specialize in passports. In general, they claim to provide both counterfeit passports (which they call ‘fake’) and original ones. A fake passport has a low quality: the buyer receives a copy or a scan of a genuine passport, which can be used to purchase products on the Web or prove identity when it is not necessary to show the document physically. Forgers speak about ‘original’ documents when they claim to provide a passport with all the standard security features registered in a national database. This product is more expensive and promises to start a new life, but it should allow travel and pass security controls.
Passport scans or replicas cost EUR 1200 – 3200. For a supposedly genuine one, the vendor asks EUR 33,500 – 74,000 (Indonesian) up to EUR 72,000 for a passport from the United Kingdom, but prices can go up to EUR 870,000 for a diplomatic passport. Prices depend on the chosen nation: the European countries are the most expensive.
Some companies also provide non-existent documents and consequently scam the client. Examples are the ‘European identity card’ or the ‘European work permit card.’ 2
Group A: Website owners in Onionland
The sellers of Group A in Onionland are organized slightly differently than on the surface Web. First of all, sellers in Onionland ask clients to register themselves on their website with a username and a password. Secondly, it is impossible to access the website’s entire contents without registration and contact the seller directly. Thirdly, all the companies specialize in selling only a limited number of documents, such as passports from a small group of selected nations. The only accepted payment method is Bitcoins. Passports are the primary documents available: the website ‘Onion Identity Services’ sells Canadian passports for USD 62,500, Dutch ones for USD 53,150, and a passport from the UK costs USD 84,000. For identity cards or driving licenses, the amount varies from USD 900 – 3,000.
Group B new identity
Email sellers are involved in verbal fights in forums and websites such as complaintsboard.com. This ‘war,’ using techniques of social engineering using social media accounts, is made by fake and real feedback written, on the one hand, to gain the clients’ credibility and trust, and on the other to destroy the reputation of the competitors. The wording analysis shows that the contents and approaches are always the same: the seller affirms his abilities and long experience in the field, warning the client of the risks of dealing with other retailers.
The products offered by email sellers range from passports to identity cards, from driving licenses to birth certificates, for every nationality. Sellers claim to provide copies, new identities and tampered/used documents belonging to other people. In the latter case, only the photo and the data physically printed on the passport are replaced, while the information on the chip is still one of the previous holders to allow them to disappear completely. These documents can be safely used if they are not verified with a machine reader or used to check credit history.
Other vendors claim to produce e‑Passports registered in the database of the issuing country. They assure to work with groups of hackers who can break into a system and modify the database. Nonetheless, it is doubtful that they can change public and secured databases in a short period, considering that their delivery time is two to seven days.
All sellers provide email addresses, telephone numbers (usual numbers in Western Africa), and Skype contacts. Some email sellers are active on Facebook and YouTube.
The price for a genuine passport ranges from EUR 8500 – 132,500, while for a fake one, the cost lies between EUR 8500 – 16900. Identity cards and driving licenses are cheaper, up to EUR 1000.
Group C: Onion vendors
The final group is represented by onion vendors who mainly use dedicated markets in Onionland, such as Silk Road or Black Market Reloaded. They also place their advertisements in other forums where it is possible to buy weapons, drugs, and stolen credit cards. What are the differences between the different groups?
First, onion vendors must register themselves on the market to sell a product. They can choose to be ‘vendors & purchasers’ or only vendors, but unlike the purchasers (who must be registered as well), vendors immediately have to pay a fee to rent the ‘advertising space.’
Secondly, they are limited to self‑made internal regulations that help build trust with clients. The customers and the other vendors can use their social control by denouncing fraudsters or unreliable sellers. At the same time, the market owners can exercise a helpful formal control to reduce the risk of opportunism. The consequences for failure to comply with the regulations can be immediate expulsion from the website. It is difficult to say how strict the website controls are. Still, these policies are likely to be essential for the platform itself: the other sellers have all the advantages to stop a fraudster, particularly if they want to keep an open market where clients feel safe. It is a way to maintain trust based on reputation.
Finally, and most importantly, there is a system of feedback. Customers can leave comments that describe both the quality of the product and the vendor.
Like other groups active in the Dark Net, the onion vendors are also characterized by the limited variety of the products sold: vendors only provide specific documents limited to a small number of nationalities. There is usually an accurate description of how it can and cannot be used.
The market prices are a bit higher than those on the surface Web. A scanned ID can cost up to EUR 9500, while a genuine passport can amount rocket to several thousand. It is possible to contact the vendor privately or use the public board on the market. It seems there is a prevalence of independent and acting‑alone sellers, whereas specialized teams were not encountered. While on the surface Web, the retailers often mention where the products come from, onion vendors never say their contacts.
Conclusion
The cyber market for forged identity documents is quickly evolving, thanks to the typical features of the internet; anonymity, gaps in the legislation, and the absence of an actual tangible distance in cyberspace create an environment that provides several advantages to fraudsters. It is possible to conclude that a high percentage of the sellers, around 70%, are probably scammers who cannot offer any new identity document. Nevertheless, several vendors in category A) and a large percentage of the sellers who operate in Onionland are more ‘trustworthy.’ It is highly likely that they can provide the requested products. This market is a means to conduct an activity with its roots in the physical world, and the chances are high that it will become a problem for law enforcement agencies. Vendors can quickly disappear when they feel hunted, and they can quickly create a new website or new market. This risk is increased because legal control is fragile in Onionland.
The post Cybermarket for New identity documents appeared first on Amicus.
source https://www.amicusint.ca/cybermarket-for-new-identity-documents/
No comments:
Post a Comment