Yesterday night I was following some security related forums and some person posted a phishing kit for a popular bank from Romania. A phishing kit is a collection of scripts to help a script kiddie launch a phishing exploit and steal data such as credit card information, passwords. While looking through the contents of this phishing kit, to my surprise I found a log file containing many valid credit card numbers and other sensitive information. The phishing kit author posted his own kit on the forums but forgot to delete the log file before doing so.
The log file contained the following information:
- Phone Number
- Credit Card Number
- Credit Card Expiry Month
- Credit Card Expiry Year
- CVV (Credit Card Code)
There is one piece of information that is more interesting than others; CNP. In Romania every citizen has a Personal Numeric Code (Cod Numeric Personal – CNP), which is created by using the citizen’s gender and century of birth, date of birth, the country zone, followed by a serial number and a checksum.
I’ve quickly made a Python script to parse the CNP data, validate it and extract the interesting information such as gender and date of birth, to get some interesting statistics. I’ve also computed the CNP checksum to make sure the number is valid and exclude bogus numbers. Below is what I got:
The first statistic is Male/Female distribution
The following table shows Birth year/age distribution.
|Birth year||Percent (%)||Age|
A quick glance shows that the oldest person has 52 years old and youngest one is 18 years old.
this statistics show that the big majority of people scammed are the younger generation, between 21 and 30 years old. This came as a surprise to me.
The last table shows distribution based on month of birth.
|Birth month||Percent (%)|
These statistics were constructed using data from a few hundred valid person records, and the phishing scam was targeted at Romanian people.