Making Sense of the Credit Card Fraud Business

The plethora of password breaches in the last two years has helped cybercriminals diversify their products and services by adding a variety of new stolen credentials for sale.  However, the business of credit card fraud is still a thriving operation in the black market, complete with an entire ecosystem which offers trading of stolen credit cards and carded items, carding tutorials, carding services and much more.

Compromised cards are categorized in fraudster communities into two groups: ‘CVV2’ and ‘dumps’ depending on how they were compromised, and as a result, the type of data that was harvested.

‘CVV2’, in the fraudster community, refers to card data compromised through cyber attacks targeting online transactions or e-commerce, and thus includes CVV2 – the three digits on the back of a card. The data harvested also includes card number, full name, expiration date and billing address. The term ‘Dumps’ refers to card data compromised through skimming point of sale machines or ATMs and includes the card’s dump information which is stored on the magnetic stripe. This data can later be used to clone a physical card using an MSR device and plastic card blanks.

Making the Purchase

Cybercriminals often advertise their card data in forum posts, fraud groups and chat rooms, and it is a common practice to share CVV2 data as ‘freebies’ in order to increase their reputation in the fraud community and attract potential buyers. Since the underground is flooded with compromised data, and in order to facilitate the (Read more...)

*** This is a Security Bloggers Network syndicated blog from RSA Blog authored by Heidi Bleau. Read the original post at: http://www.rsa.com/en-us/blog/2018-01/making-sense-of-the-credit-card-fraud-business.html