Romanian officials are voicing alarm at the growing rate of electronic-commerce fraud committed by Romanian hackers on the Internet. They say the growing incidence of crime threatens to cut off Romania from the potential for business offered by the Internet. The country is often singled out by international watchdogs as one of the main centers of electronic fraud. RFE/RL correspondent Eugen Tomiuc reports authorities are now preparing tough new laws against Internet criminals.
Prague, 4 March 2002 (RFE/RL) -- Romanian Communication and Information Minister Dan Nica has warned that the growing amount of Internet theft perpetrated by Romanians could leave the country "on the sidelines" of modern civilization.
In remarks last week, Nica said companies engaged in the growing business of electronic commerce -- buying and selling goods on the Internet -- are threatening to exclude Romania altogether.
The expansion of the Internet and the boom in electronic commerce have brought a sharp increase in new types of crimes, such as credit-card and e-trade fraud. The losses from theft are in the many millions of dollars annually.
Nica says various international Internet watchdogs rank Romania among the countries where most e-trade fraud originates.
He tells RFE/RL that Romania risks being placed on international e-commerce black lists and that several e-trade companies have already started a policy of rejecting all purchase orders coming from Romania.
"We [Romanians] have only just been removed from one black list -- the one which imposed visa restrictions to Romanians traveling to the [European Union members of] the Schengen [agreement zone.] And now we are risking being placed on another one, because some Internet [e-commerce] sites have made the decision to reject all buying orders for goods and services which originate from Romania."
One of the watchdogs, the U.S. Internet Fraud Complaint Center (IFCC) -- a partnership between the Federal Bureau of Investigations (FBI) and the National White Collar Crime Center -- last month published its first annual Internet fraud report, covering the period from May 2000 to May 2001.
In the report, based on complaints made by U.S. and foreign companies and individuals, Romania is ranked third among the top 10 countries for Internet fraud. Ukraine and Russia are also in the top 10.
The U.S., home to the majority of e-commerce companies, is number one on the list, accounting for more than 90 percent of all Internet-related fraud.
Romanian information technology journalist Ionut Ancutescu explains how much of Romanian Internet crime takes place.
He says criminals normally use stolen credit card numbers to place online buying orders. He says these criminals, known as "carders," obtain and exchange credit card numbers over Internet chat sites.
"The perpetrator, called a 'carder' in hacker slang, must first find credit card numbers to pay with. He finds these on specialized chat sites or on IRC [Internet Relay Chats], which are meeting points for [criminals called] hackers, crackers, and carders. [They] exchange information and renew their credit card numbers portfolio. After that, things are very simple."
Ancutescu says that carders typically go for small-value transactions -- under $100 -- to avoid raising suspicion.
Small computer parts, easy to transport and sell, are among the fraudsters' items of choice.
Ancutescu also says many of the larger online stores have now started to reject online orders sent from Romania. In response, the carders have turned their attention to smaller e-trade firms that lack the resources to quickly identify wrongdoers.
With the ongoing expansion of Internet trade, the world's largest credit card companies are increasingly paying more attention to e-commerce fraud.
Credit-card giant Visa -- the world's leading credit-card issuer -- has introduced a number of security initiatives, including a system that automatically flags any transaction begun over the Internet with a Visa card.
Visa, whose e-trade transactions amount to roughly 1 percent of its total worldwide transaction volume, is also monitoring suspicious chat rooms and has targeted certain Internet sites around the clock.
Visa tells RFE/RL that each time it acquires information about compromised card numbers on Internet websites, it immediately notifies issuing banks so that they can take appropriate action.
However, Ancutescu says web criminals are proving to be extremely adaptable, often shifting crime patterns and methods. This makes them especially difficult to spot.
Ancutescu says that credit-card fraud -- although the most common -- is not the most lucrative. He says "hackers," criminals who crack security codes, are more dangerous.
"These are 'carders,' the lower class, the pickpockets of the Internet thieves. There are other, more evolved, smarter thieves -- the 'hackers' and the 'crackers' -- who gain direct access to bank servers and archives, government and private archives, where they obtain first-hand credit-card numbers or other banking details. Carders are actually getting [their] information from these people."
Ancutescu says Romania, unfortunately, does not have sufficient laws on the books to fight Internet crime.
"Unfortunately, the obstacle which prevents us from [fighting more successfully against e-trade fraud] is the legislative aspect. We have lenient laws, or no laws at all."
Romanian minister Nica says parliament is working on a bill to regulate electronic trade that would provide for jail terms of up to 15 years for those found guilty of electronic fraud.
Nica says the law is meant to be especially tough to prevent what he calls a small minority from damaging Romania's image and its business interests.