Bank Discovers Customer Credit Card Numbers Traded Online

Michael Marriott
October 23, 2018 | 3 Min Read

Payment card fraud costs banks and merchants nearly $23 billion a year and rising. As consumers spend more money online, the opportunities for fraud increase and so does the level of sophistication threat actors employ to conduct card fraud. These cybercriminals don’t operate in a vacuum. They rely on a broad ecosystem and support network that provides a range of credit card details, fraud tools and online tutorials to hone their skills and increase their chances for success.

A SOC manager of a retail bank discovered that customer credit card numbers were being traded online and took a proactive approach to preventing fraud. Here’s how it unfolded.

IRC Channels – A Tool for Criminals…

Among the participants in the payment card fraud ecosystem, fraudsters are the individuals who use card details to buy goods and services for their own use or to resell at a discounted price. They run the greatest risk of getting caught by law enforcement and seek ways to stay below the radar. One tactic is to make sure cards have a worthwhile balance before using them. To do this, they take advantage of services offered on Internet Relay Chat (IRC) channels that check the validity of credit card numbers in exchange for a nominal fee ($0.15).

Figure 1: An IRC channel used to check balances of payment cards.

…and a Tool for Defenders

With annual online card spending expected to reach $6 trillion by 2021, detecting and stopping fraudulent transactions is a priority for banks and merchants worldwide. But the volume of activity to monitor can seem overwhelming. By understanding how this ecosystem operates, defenders can take steps to mitigate risk. In this case, the retail bank:

  • Monitored IRC channels to check for Bank Identification Numbers (BINs) and Issuer Identification Numbers (IINs).
  • Detected their customers’ credit card details being tested.
  • Disabled the impacted cards to prevent further fraud from occurring.
  • Alerted their customers, taking a proactive approach to preventing fraud.

IRC channels are not the only place where payment cards are tested and shared online. To gain good visibility into where your customers’ payment cards are being shared, you should also monitor criminal forums and marketplaces.

Want to learn more about how this underground economy operates and how to use that knowledge to your advantage? See how Digital Shadows SearchLight™ helps clients investigate digital risks such as payment card fraud and enables organizations to proactively mitigate risk: Test Drive SearchLight™ Free Here.
