The risk reduction strategies used by criminals in illegal markets in the physical world are well documented. Their practices are shaped by their perception of risk. Online and physical environments are considerably different. Therefore, individuals participating in online illegal markets employ different risk reduction strategies. They use resources available to them to protect themselves from formal and informal risks associated with law enforcement and with their criminal peers.
Holt et al. conducted a study focusing on the different mechanisms used by buyers and sellers participating in online illegal data markets to minimize formal and informal risks. They analysed content found in a sample of 1889 conversations from ten Russian and three English public web forums on the trade of stolen fnancial and personal data. They only selected conversations related to the sale and trade of personal and banking information. They found three of the forums through search engines and identifed the rest through these forums. Eight of the sites were entirely openly accessible, while the other fve required registration to access the market sections.
The researchers identifed many strategies to minimize risks for both sellers and buyers in these forums. Forum members are mainly concerned with internal risks, such as disreputable or competing sellers, disgruntled buyers or dishonest members. To ensure successful transactions, forum members use informal strategies negotiated between them for their mutual protection. Since cheated members cannot complain to the authorities because of their implication in illicit trade, forum administrators implement formal strategies to protect the forum. These strategies help preserve its credibility, proper operation and regulate transactions between members.
|Informal strategies used between buyers and sellers|
|Electronic payment and fake accounts||
Immediate payment and rapid dissemination of goods. Avoid face to face interaction and provide privacy and anonymity.
|Private messaging system||
Privacy for negotiating terms of trade.
|Public posting of positive or negative feedback||
Help determine the reliability and reputation of a seller. Discredit and harm the reputation of dishonest sellers.
|Formal strategies used by the forum administrators and moderators|
Dictate rules of participation in the forum. Review and deletion of posts.
|Escrow service system||
Hold payment on behalf of the buyer until the seller releases the merchandise.
|Review and product testing||
Ensure the quality of products and services offered.
|Threat management system||
Ban or block of users attempting to disrupt the market. Demand proof of any wrongdoing.
In reality, not all forums offer escrow or product testing services, and their application is often inadequate. Furthermore, administrators are not always active, forcing buyers and sellers to use feedback posting and reviews to fnd reliable transaction partners. Even though external risks such as legal authorities are not perceived as the main threat to illegal forums, members still use anonymity strategies to ensure their privacy.
The use of slander attacks against forums, where law enforcement attempts to disturb the market by making false complaints against other members, is well documented as an effcient strategy. But, it might not be as effective in regulated forums where administrators can ban disruptive members. Using undercover identities to create forums for stolen data could be more valuable for gathering intelligence, identifying key members, and tracking the behaviour of participants, along with building cases against entire networks. The creation of stolen data forums by law enforcement as an investigative strategy would provide suffcient evidence to build solid cases, and would furthermore create distrust amongst participants and consequently affect the supply and demand of these illicit markets.
Trust in the forum is used as a proxy for trust in other criminals. Reducing the trustworthiness of criminal forums could be effective.