
Bank Discovers Customer Credit Card Numbers Traded Online

Michael Marriott
October 23, 2018 | 3 Min Read

Payment card fraud costs banks and merchants nearly $23 billion a year and rising. As consumers spend more money online, the opportunities for fraud increase and so does the level of sophistication threat actors employ to conduct card fraud. These cybercriminals don’t operate in a vacuum. They rely on a broad ecosystem and support network that provides a range of credit card details, fraud tools and online tutorials to hone their skills and increase their chances for success.

A SOC manager of a retail bank discovered that customer credit card numbers were being traded online and took a proactive approach to preventing fraud. Here’s how it unfolded.

IRC Channels – A Tool for Criminals…

Among the participants in the payment card fraud ecosystem, fraudsters are the individuals who use card details to buy goods and services for their own use or to resell at a discounted price. They run the greatest risk of getting caught by law enforcement and seek ways to stay below the radar. One tactic is to make sure cards have a worthwhile balance before using them. To do this, they take advantage of services offered on Internet Relay Chat (IRC) channels that check the validity of credit card numbers in exchange for a nominal fee ($0.15).


Figure 1: An IRC channel used to check balances of payment cards.

…and a Tool for Defenders

With annual online card spending expected to reach $6 trillion by 2021, detecting and stopping fraudulent transactions is a priority for banks and merchants worldwide. But the volume of activity to monitor can seem overwhelming. By understanding how this ecosystem operates, defenders can take steps to mitigate risk. In this case, the retail bank:

  • Monitored IRC channels to check for Bank Identification Numbers (BINs) and Issuer Identification Numbers (IINs).
  • Detected their customers’ credit card details being tested.
  • Disabled the impacted cards to prevent further fraud from occurring.
  • Alerted their customers, taking a proactive approach to preventing fraud.
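
The monitoring and detection steps in the list above can be sketched as follows. This is an added example, not code from the bank or from Digital Shadows: the BIN values, the shape of the collected chat lines and all function names are assumptions, and the card numbers are published test numbers.

```python
import re

# Hypothetical BIN/IIN prefixes issued by the monitoring bank (constructed values).
BANK_BINS = {"411111", "40128888"}

# A PAN written as 13-19 contiguous digits, or as four groups of four
# separated by spaces or hyphens. Other groupings are out of scope here.
PAN_RE = re.compile(r"(?<!\d)(?:\d{4}(?:[ -]\d{4}){3}|\d{13,19})(?!\d)")

def luhn_ok(pan):
    """Return True if the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def mask(pan):
    """Keep the first six and last four digits so alerts never hold a full PAN."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]

def find_bank_cards(lines, bins=BANK_BINS):
    """Return (line_no, masked_pan, matched_bin) for Luhn-valid PANs under our BINs."""
    ordered = sorted(bins, key=len, reverse=True)  # prefer the longest prefix
    hits = []
    for n, line in enumerate(lines, 1):
        for m in PAN_RE.finditer(line):
            pan = re.sub(r"[ -]", "", m.group())
            prefix = next((b for b in ordered if pan.startswith(b)), None)
            if prefix and luhn_ok(pan):
                hits.append((n, mask(pan), prefix))
    return hits

# Constructed sample of collected channel text; published test card numbers only.
SAMPLE = [
    "<user1> 4111111111111111 12/20",      # our BIN, valid
    "<user2> 5555-5555-5555-4444 01/21",   # valid, but not our BIN
    "<user3> 4111 1111 1111 1112 03/19",   # our BIN, fails Luhn
    "<user4> ref 20181023000411111 ok",    # BIN digits mid-string only
    "<user5> 4012-8888-8888-1881",         # our 8-digit BIN, valid
]

if __name__ == "__main__":
    for hit in find_bank_cards(SAMPLE):
        print(hit)
```

Each hit carries only the masked number and the matched prefix, which is enough to look up the affected account for the disable-and-notify steps without copying full card numbers into the alerting pipeline.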

IRC channels are not the only place where payment cards are tested and shared online. To gain good visibility into where your customers’ payment cards are being shared, you should also monitor criminal forums and marketplaces.

Want to learn more about how this underground economy operates and how to use that knowledge to your advantage? See how Digital Shadows SearchLight™ helps clients investigate digital risks such as payment card fraud and enables organizations to proactively mitigate risk: Test Drive SearchLight™ Free Here.

 
