Cyber criminals typically obtain credit card data, online banking logins, and other sensitive financial information using the methods discussed below. Often, people selling stolen information online did not personally steal that information but rather purchased it from another thief.
This well-known tactic typically involves setting up a fraudulent Web site designed to look like the legitimate Web site of a bank or other financial institution, and then spamming out e-mails that appear to be sent from that legitimate institution. These e-mails urge recipients to click on the link to the fraudulent Web site (for example, by stating that the institution will cancel their account if they do not visit the Web site and "update their account information"). The fraudulent Web site records information entered by the victim (such as his or her login and password) and sends it back to the attacker, who either uses the information to access the victim's account or sells the information to other criminals.
Another common method of stealing financial information involves directly breaking into the network of a retailer or other possessor of such information. For example, Lowe's Hardware and TJX (the retailing giant that owns the T.J. Maxx and Marshall's store chains) fell victim to hackers who accessed their network via a wireless connection in one of their store parking lots.
One of the most sophisticated types of malicious code is a "keylogging Trojan horse"; this program automatically installs itself on the victim's computer and remains dormant until the victim visits one of a predetermined strings of Web site URLs (for example, a banking Web site). The keylogger then "activates" and stores the first few dozen or so keystrokes entered by the victim (a string that will include his or her login and password) and then sends it back to the attacker (typically via an IRC channel).
This is still (anecdotally at least) the most popular means of stealing financial information; it includes such tactics as installing "skimmers" on ATM machines that record information from cards inserted in the machine and waiters at restaurants stealing the information from credit cards used to pay for meals. Often, the thief does not directly exploit such information but instead sells it online in batches of dozens, hundreds, or even thousands of compromised accounts.