IPcentral Weblog
  The DACA Blog

Monday, June 20, 2005

Honor Among Phishers
(previous | next)

Lee Gomes's WSJ article today on phishers -- the Internet scam artists who induce people to fraudulently disclose personal financial informs -- has fascinating insight into the structure of phishing. Amazingly, the structure of phishing is not necessarily hierarchical within a single criminal enterprise. There is a division of labor, where independent contractors acquire the data (acquirers) and then sell it to others (pillagers), who raid ATM's or otherwise empty victims bank accounts. The acquirers and the pillagers apparently enter into contractual relationships over Internet chat boards, agreeing to split the spoils pursuant to a negotiation.

What is interesting, Gomes notes, is how this market between acquirers and pillagers is maintained through reputational credibility. Obviously, contracts to consummate illegal acts are unenforceable at law. Furthermore, traditional means for criminal enterprises to enforce obligations – namely force and threat of bodily or other harm -- are not as readily available in these Internet contracts. Accordingly, a system of trust and reputational capital has appeared, where pillagers who do not share the ill-gotten gains with the acquirers are quickly flushed from the market through posts on message boards. By contrast, pillagers who do share with the acquirers get repeat business, and presumably a rather lucrative division of spoils thrives. As a matter of game theory, the key is that the players in this market are repeat transactors. For a one-time phishing pillager, it would make sense to cheat the acquirer out of his share.

To be sure, it is quite difficult to celebrate the ingenious market structure of the Internet's current criminal scourge. Nevertheless, the structure does make some sense when you think about it, and by how it takes advantage of the Internet's distributed, atomized nature. For prosecutors, it raises an interesting question of whether these phishing market relationships constitute a criminal enterprise under, say, RICO statutes. As for a curious instance of an spontaneous organization of a market, it shows in some sense how markets are natural and irrepressible. This market devised its own currency (reputation), defined its own property and contract rules, and apparently has a equilibrium for division of spoils.

Question: How do the phishing acquirers induce the pillagers to honestly report how much money they have stolen? Why wouldn't an pillager simply underreport to the acquirer how much they stole? There must be some sort of receipting-system that has been worked out, wouldn't you think?

posted by Ray Gifford @ 8:31 PM | Internet

Share |

Link to this Entry | Printer-Friendly

Post a Comment:

Blog Main
RSS Feed  
Recent Posts
  EFF-PFF Amicus Brief in Schwarzenegger v. EMA Supreme Court Videogame Violence Case
New OECD Study Finds That Improved IPR Protections Benefit Developing Countries
Hubris, Cowardice, File-sharing, and TechDirt
iPhones, DRM, and Doom-Mongers
"Rogue Archivist" Carl Malamud On How to Fix Gov2.0
Coping with Information Overload: Thoughts on Hamlet's BlackBerry by William Powers
How Many Times Has Michael "Dr. Doom" Copps Forecast an Internet Apocalypse?
Google / Verizon Proposal May Be Important Compromise, But Regulatory Trajectory Concerns Many
Two Schools of Internet Pessimism
GAO: Wireless Prices Plummeting; Public Knowledge: We Must Regulate!
Archives by Month
  September 2010
August 2010
July 2010
June 2010
  - (see all)
Archives by Topic
  - A La Carte
- Add category
- Advertising & Marketing
- Antitrust & Competition Policy
- Appleplectics
- Books & Book Reviews
- Broadband
- Cable
- Campaign Finance Law
- Capitalism
- Capitol Hill
- China
- Commons
- Communications
- Copyright
- Cutting the Video Cord
- Cyber-Security
- Digital Americas
- Digital Europe
- Digital Europe 2006
- Digital TV
- E-commerce
- e-Government & Transparency
- Economics
- Education
- Electricity
- Energy
- Events
- Exaflood
- Free Speech
- Gambling
- General
- Generic Rant
- Global Innovation
- Googlephobia
- Googlephobia
- Human Capital
- Innovation
- Intermediary Deputization & Section 230
- Internet
- Internet Governance
- Internet TV
- Interoperability
- IP
- Local Franchising
- Mass Media
- Media Regulation
- Monetary Policy
- Municipal Ownership
- Net Neutrality
- Neutrality
- Non-PFF Podcasts
- Ongoing Series
- Online Safety & Parental Controls
- Open Source
- PFF Podcasts
- Philosophy / Cyber-Libertarianism
- Privacy
- Privacy Solutions
- Regulation
- Search
- Security
- Software
- Space
- Spectrum
- Sports
- State Policy
- Supreme Court
- Taxes
- The FCC
- The FTC
- The News Frontier
- Think Tanks
- Trade
- Trademark
- Universal Service
- Video Games & Virtual Worlds
- VoIP
- What We're Reading
- Wireless
- Wireline
Archives by Author
PFF Blogosphere Archives
We welcome comments by email - look for a link to the author's email address in the byline of each post. Please let us know if we may publish your remarks.

The Progress & Freedom Foundation