I’ve been doing quite a bit of public speaking lately — usually about cybercrime and underground activity — and there’s one question that nearly always comes from the audience: “Why are these fraud Web sites allowed to operate, and not simply taken down?” This post is intended to serve as the go-to spot for answering that question.
Q: Why not take down the hundreds of sites now selling stolen credit cards and identity data?
For starters, it’s not always so easy to take these sites offline. Many of them rely on domain name registrars that routinely ignore abuse requests. The same goes for the organizations hosting a number of these unsavory markets.