According to recent World Bank figures, there are currently around 3 billion active credit cards worldwide, so cybercriminal groups dedicated to cardholder fraud campaigns have a larger attack surface than ever before. One of the most common variants of fraud is identity theft, which constantly evolves to deceive users, banks and entrepreneurs.
As a sample of this trendy is the latest report by the banking security and cybersecurity specialist known as “Bank Security”, who claims to have found evidence that a threat actor (individual or group) is selling the information of more than 158,000 stolen credit cards to users in the United States and Canada. Bank Security is a recognized researcher of security incidents, mainly data breaches and theft of confidential information for sale on the black market.
The report mentions that the card numbers exposed do not include the verification code (CVV), although the data sold by the cybercriminal is sufficient and enough to deploy complex malicious campaigns.
Cybersecurity experts mention that stolen payment card information is often sold through clandestine hacking forums on the dark web, seeking to protect the anonymity of buyers and sellers. The cybercriminal community also resorts to the use of tools such as the Tor browser and payment in cryptocurrencies such as Bitcoin or Monero to concrete these transactions, as this makes it virtually impossible to track those involved in a buy-sell operation.
On the leak reported by Bank Security, it is not yet known how threat actors accessed this information; however, the investigator states that after a brief analysis he was able to confirm that the information is legitimate.
The specialist recommends that potentially affected clients verify their bank records for any suspicious transactions and, if such records are found, report this activity to their bank immediately. So far, the banking institutions that operate the compromised credit cards have not commented on it. There is also no information on the possible malicious use of the affected cards.
Millions of users are affected by such crimes each year, so it is now more than ever necessary to take a more proactive stance and ensure the prevention of these attacks. To learn more about computer security risks, malware, vulnerabilities and information technologies, feel free to access the International Cyber Security Institute (IICS) website.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.