In the first half of 2019, more than 23 million credit cards with stolen personal details were put up for sale on underground darknet forums.
According to researchers from Sixgill, data of almost 15 million cards belong to users from the United States, which accounted for almost 64.5% of the total number of data put up for sale.While 15 million stolen cards might seem insignificant when we discuss a world with billions of cards (all in US), consider this: credit and debit card fraud costs American businesses and consumers approximately $12 billion annually”, — note Sixgill researchers.
On the second place by the number of compromised payment cards was the UK (7.43%). The third is India (3.78%), followed by Brazil (2.18%).
The attackers began to use not only underground markets as trading platforms, but also IRC channels and platforms with implemented encryption, such as Telegram.
In total, 57% compromised financial documents were associated with Visa cards, followed by Mastercard – 29%, AMEX accounted for 12%.
Read also: The attackers changed the DNS settings for 180,000 routers: how to protect against an attack?
Compromised payment card data is offered at underground sites for as little as five dollars. Researchers divide the information sold into two classes. The first includes data that includes a three-digit card authentication code located on the back of the card, and the second includes information stored on the magnetic stripe of the card that is needed to create cloned cards for making purchases.
The centralization of fraudulent activity on several underground sites reflects the situation in real financial markets. It seems that this phenomenon is an excellent opportunity for law enforcement agencies to curb a significant part of cybercrime activities. However, as shown by the example of such markets as Alphabay, Hansa and Silk Road, criminals quickly “move” to other sites”, — the researchers concluded.
What can financial institutions and consumers do about it?
Continuously monitoring dark web markets represents one of the best opportunities to intercept the data used in fraud, so that consumers can be protected. Financial institutions can prevent a significant amount of fraud by looking at the same information that the threat actors use, and major companies, including Fortune 500 banks and insurance firms, are already doing so to protect consumers proactively.
Consumers can protect themselves by setting up banking alerts that notify them when suspicious activity is detected, and by monitoring their accounts on a regular basis. They are also encouraged to contact credit reporting agencies (like Experian, Equifax, or TransUnion) if they suspect their information has been compromised.
