EDMONTON — Your credit cards are worth more than you think in the underground economy.

A recent report by security giant Symantec Corp. describes a booming online business where stolen credit cards and personal identity information are traded like legal commodities.

“It’s become a self-sustaining business worldwide,” said the report’s author, Calgary-based Dean Turner, director of Symantec Security Global Intelligence Network, Technology and Response. “What jumped out for us was how much money is being made in this underground economy.”

Turner described visiting online private chat rooms, where underground buyers and sellers did business from June 1, 2007, to July 1, 2008. Credit cards, thousands at a time, would sell or be traded in a matter of seconds.

They went from 10 cents to $25 per card, depending on credit limit, expiry date, and the security number on the back of the card.

Symantec estimates the sale value of credit cards in the underground economy was over $276 million US. But the potential spending spree on these credit cards would be $5.3 billion.

Turner said that compared to other illegal online sales, the financial information category ranking highest.

“They want to be able to quickly cash out the money with financial accounts and credit cards,” said Turner.

Phishing sites pretending to be online banks fool people into typing in log-in information. Social networking sites can direct users to unknowingly install spy software that monitors and sends out all transactions.

Turner said the underground economy is decentralized, with tens of thousands of worldwide participants. Countries like Romania’s prolific fake credit-card making business depend on North American cyber criminals which supply magnetic strip information.

Despite some success in shutting down suspicious sites, the underground activity keeps flourishing.

“Everything you need to be successful in the underground economy is available in the underground economy; it feeds itself,” said Turner.

New attack-tool kits sell for as much as $4,000, he said.

“We observed a little more than 69,000 distinct advertisers posting more than 44 million ads selling stolen information,” said Turner.

Most of the transactions happen on Internet relay chat rooms by invitation, with tens of thousands of buyers and sellers.

Symantec’s study did not include illegal music and movie sales and only looked at publicly available information, a small slice of the cyber crime pie.

“Cyber crime is a recession proof business, even in today’s uncertain economic climate,” said Turner. “When we’re talking about tens of billions of dollars of potential value in lost revenue for companies and individuals, it’s clear to me that this is an extremely serious problem.”

With cyber crime spiralling into a multimillion-dollar industry, you might wonder what chance the average computer user has against the Internet bad guys. Turner has some useful tips:

Remember that what you do online is not private. Participation in chat rooms, blogs and social networking sites such as Facebook, Twitter or MySpace can be viewed by others.

Use antivirus, parental control, firewall software and e-mail filtering solutions with regular updates. They can monitor suspicious threats, like phishing, and filter out spam e-mail.

Limit the amount of sensitive personal information stored on computers.

Utilize strong passwords and change them on a regular basis.

Do not store online account credentials using the web browser’s “remember password” feature.