by Matt Hines

Hackers go Robin Hood?

Jul 6, 2007

A new trend has appeared on the cybercrime landscape that makes it seem as if some fraudsters may have a conscience … or none at all.

According to researchers at Symantec, the security company has observed a growing tendency among cybercriminals to test out their stolen credit card numbers by — surprise of surprises — using them to donate money to charities.

While it may seem like the identity thieves are engaging in an uncharacteristic show of kindness, Symantec draws the obvious conclusion: the criminals have identified donating money as a useful way to check whether their stolen accounts are still up and running, without drawing attention to themselves as quickly as they would by using the swiped accounts in other settings.

“In the world of carding, where stolen credit card information is bought and sold, carders need to know if the credit cards they are buying or selling can actually be used,” writes Yazan Gable, a researcher in Symantec’s Security Response group, in a blog on the company’s Web site. “It is sometimes difficult for them to verify this without raising any alarm bells and risking that their cards will be identified as stolen and disabled. As a consequence, a new trend is appearing.”

In donating funds to charities online, notably the Red Cross, cybercriminals can verify whether their cards are working without raising the same hackles they might if they tried to buy something from an online retailer, as those companies are known to be working more closely than ever with banks and card issuers to stop fraud as quickly as possible.

The method may also be useful in evading systems that employ behavior pattern modeling to battle fraud.

“Bank behavior monitors may be less likely to pick up on donations to charities,” Gable said. “Legitimate charitable donations are not daily transactions for anyone with a credit card, so it would be difficult to determine if they are out of the norm.”

It is unclear whether the charities would retain any of the funds — which tend to be given over in relatively small amounts, according to Symantec — once the crimes have been uncovered. One can imagine, however, that if the practice becomes widely used, card companies may want to get their money back rather than simply write it off as their own donation.

Gable said that Symantec researchers expect the problem to proliferate until something is done to prevent it.

“It wouldn’t be too surprising to see this trend grow,” said Gable. “I guess the one thing to note here, though, is that at least some of the stolen money is going to a good cause.”