BBC News
watch One-Minute World News
Last Updated: Thursday, 20 December 2007, 14:01 GMT
Smashing the criminals' e-bazaar
By Lucy Rodgers
BBC News

Bryn Wellman
Bryn Wellman was jailed for six years

Four Britons have been sentenced for their role in what has been described as one of the largest international online criminal networks stealing personal data.

They were members of Shadowcrew, but were unaware as they continued trafficking stolen bank and credit card numbers and personal information over the internet that their every move was being watched.

Two years after setting up one of the biggest-ever international identity-theft rings, the so-called "carders" were in the sights of US secret service agents who had established a gateway into their website,, to monitor its activities.

Then, in the autumn of 2004, with the help of a former gang member-turned-informant who would regularly entice high-ranking members to chat or join false sub-networks, one of the biggest-ever global cyber-busts was unleashed.

"One of the goals was to target the top-tiered people operating the site. There were thousands of members and it took a lot of time to locate the people we wanted to arrest," says an official at the US Department of Justice.

British connection

Twenty-eight people in seven countries - including the UK - were arrested as part of the year-long Operation Firewall. Many were still trading criminal information on their computers when the police arrived.

A book about identity theft (Picture: Soca)
An ID theft book was found at the home of one gang member

Among those caught as a result of the swoop were Britons Bryn Wellman, Richard Smith, Ibrahim Kotwal and Michael Murphy.

Wellman, 35, from Liverpool, was sentenced to six years in April this year for his part in the conspiracy. He was also jailed for a further six years for membership of another plot, which police say had the potential to earn him 10m.

Now Smith, 22, from Camberley, Surrey, Murphy, 24, from Northwich, Cheshire and Kotwal, 25, from Bolton, have been jailed for nine months each.

According to police the British arm of the Shadowcrew network was "in the fulcrum of the operation".

Use a firewall
Install good anti-virus and anti-spyware software
Secure wireless networks
Buy from reputable websites
Treat your identity as a precious commodity
Source: Get Safe Online

Wellman, Smith and Murphy acted as "moderators" of the Shadowcrew site - a senior role hosting online forums which shared criminal knowledge, while Kotwal was identified as a member of the network's European forum.

Smith also produced fake driving licences and domestic bills for use and sale, while Kotwal sold dates of birth to Wellman so that identities could be effectively hijacked.

By the time they were caught, this British wing of the conspiracy had managed to defraud 265,000, but according to the UK's Serious Organised Crime Agency (Soca) it had the potential to steal a total of 6m.

'Prince of thieves'

Investigators say the four spent their days hacking into banking systems or phishing for personal details they could use to obtain bank and credit cards.

Wellman, who went by the online name "prince of thieves", also used a Trojan virus, one of the most popular ruses used by criminals and hackers, which takes over computers and allows the sender to spy on users.

A forger's kit found by police (Picture: Soca)
A full forger's kit was discovered at the home of Smith

Once the gang had the required information, members would impersonate account holders, take over their accounts, change their mailing addresses and order extra cards. These would then be traded or used to buy goods.

In addition, the gang also created and traded in counterfeit ID documents, such as driving licences, which they used to rent property and open bank accounts.

But after investigations by US authorities and Soca, police closed in on the operation. Among the "huge amount" of uncovered forged material was a UK driving licence in the name of Tony Blair at the home of Smith, a Bristol University student.

Criminal bazaar

But the four British men were not acting alone, and formed part of what the US Department of Justice described as "one of the largest illegal online centres for trafficking in stolen identity information and documents". The website acted as a criminal e-bazaar - in effect an online auction site for the underworld.

By 2004 the international network had trafficked at least 1.7 million stolen credit card numbers and caused financial losses worth $4.3m (2.1m). Victims included banks and credit card companies as well as consumers whose identities were stolen.

Cards stolen in one country can, at the snap of your fingers, be used all over the world
US Department of Justice official

The bust found evidence against thousands of suspects based across the world, including Belarus, Poland, Sweden, the Netherlands, Ukraine and the UK.

So far, 13 of the American members of the gang have been sentenced, receiving between three years probation and 32 months in prison. A further six have been sentenced in related cases and two suspected members of the network are on the run.

For Sharon Lemon, head of e-crime at Soca, the way Shadowcrew worked - remotely, without ever needing to meet - is typical of how the new e-crime networks operate compared to the old-style "top down" organised crime groups.

Fake British driving licences (Picture: Soca)
The gang were making fake British driving licences

"People have been used for specific skills, rather than the usual pyramid structure," she says. "With one person providing the documents, another would buy credit card details, another would create identities while another would provide the drop address."

But it is the international scale of the such borderless networks that serves as the biggest challenge for authorities. For Soca, this makes liaison between countries - mostly resource-rich nations where most e-crime is carried out - essential.

There is, as it were, within cyberspace a vast darkness populated by shadowy individuals of which you became a part, working together sometimes for harmless fun but in this case clearly... working together to gain personal information with a view to tricking people out of their money and out of their identities
Judge Jonathan Durham Hall QC

"This is done without the people ever meeting," Ms Lemon says. "This requires complete international co-operation."

A US Department of Justice official adds: "What it represents is that individuals are now working together and that they are providing a black market for stolen information on a global level where information can be very quickly resold.

"Cards stolen in one country can, at the snap of your fingers, be used all over the world."

Passing sentence on Smith, Murphy and Kotwal, Judge Jonathan Durham Hall QC said: "There is, as it were, within cyberspace a vast darkness populated by shadowy individuals of which you became a part, working together sometimes for harmless fun but in this case clearly, regardless of the differences in your participation, working together to gain personal information with a view to tricking people out of their money and out of their identities."

"The internet and all that it involves is no doubt a marvellous tool but in the hands of those so motivated as you it became a malicious and sinister tool."

The BBC is not responsible for the content of external internet sites

Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit


Americas Africa Europe Middle East South Asia Asia Pacific