WEBINAR | A Deep-Dive into 2023 Cyber Threats
Reduce Alert Noise and False Positives
Boost your team's productivity by cutting down alert noise and false positives.
Automate Security Operations
Boost efficiency, reduce burnout, and better manage risk through automation.
Dark Web Monitoring
Online protection tuned to the need of your business.
Maximize Existing Security Investments
Improve efficiencies from existing investments in security tools.
Beyond MDR
Move your security operations beyond the limitations of MDR.
Secure with Microsoft 365 E5
Boost the power of Microsoft 365 E5 security.
Secure Multi-Cloud Environments
Improve cloud security and overcome complexity across multi-cloud environments.
Secure Mergers and Acquisitions
Control cyber risk for business acquisitions and dispersed business units.
Operational Technology
Solve security operations challenges affecting critical operational technology (OT) infrastructure.
Force-Multiply Your Security Operations
Whether you’re just starting your security journey, need to up your game, or you’re not happy with an existing service, we can help you to achieve your security goals.
Detection Investigation Response
Modernize Detection, Investigation, Response with a Security Operations Platform.
Threat Hunting
Locate and eliminate lurking threats with ReliaQuest GreyMatter
Threat Intelligence
Find cyber threats that have evaded your defenses.
Model Index
Security metrics to manage and improve security operations.
Breach and Attack Simulation
GreyMatter Verify is ReliaQuest’s automated breach and attack simulation capability.
Digital Risk Protection
Continuous monitoring of open, deep, and dark web sources to identify threats.
Phishing Analyzer
GreyMatter Phishing Analyzer removes the abuse mailbox management by automating the DIR process for you.
Integration Partners
The GreyMatter cloud-native Open XDR platform integrates with a fast-growing number of market-leading technologies.
Unify and Optimize Your Security Operations
ReliaQuest GreyMatter is a security operations platform built on an open XDR architecture and designed to help security teams increase visibility, reduce complexity, and manage risk across their security tools, including on-premises, clouds, networks, and endpoints.
Blog
Company Blog
Case Studies
Brands of the world trust ReliaQuest to achieve their security goals.
Data Sheets
Learn how to achieve your security outcomes faster with ReliaQuest GreyMatter.
eBooks
The latest security trends and perspectives to help inform your security operations.
Industry Guides and Reports
The latest security research and industry reports.
Podcasts
Catch up on the latest cybersecurity podcasts, and mindset moments from our very own mental performance coaches.
Solution Briefs
A deep dive on how ReliaQuest GreyMatter addresses security challenges.
White Papers
The latest white papers focused on security operations strategy, technology & insight.
Videos
Current and future SOC trends presented by our security experts.
Events & Webinars
Explore all upcoming company events, in-person and on-demand webinars
ReliaQuest ResourceCenter
From prevention techniques to emerging security trends, our comprehensive library can arm you with the tools you need to improve your security posture.
Threat Research
Get the latest threat analysis from the ReliaQuest Threat Research Team. ReliaQuest ShadowTalk Weekly podcast featuring discussions on the latest cybersecurity news and threat research.
Shadow Talk
ReliaQuest's ShadowTalk is a weekly podcast featuring discussions on the latest cybersecurity news and threat research. ShadowTalk's hosts come from threat intelligence, threat hunting, security research, and leadership backgrounds providing practical perspectives on the week's top cybersecurity stories.
April 18, 2024
About ReliaQuest
We bring our best attitude, energy and effort to everything we do, every day, to make security possible.
Leadership
Security is a team sport.
No Show Dogs Podcast
Mental Performance Coaches Derin McMains and Dr. Nicole Detling interview world-class performers across multiple industries.
Make It Possible
Make It Possible reflects our focus on bringing cybersecurity awareness to our communities and enabling the next generation of cybersecurity professionals.
Careers
Join our world-class team.
Press and Media Coverage
ReliaQuest newsroom covering the latest press release and media coverage.
Become a Channel Partner
When you partner with ReliaQuest, you help deliver world-class cybersecurity solutions.
Contact Us
How can we help you?
A Mindset Like No Other in the Industry
Many companies tout their cultures; at ReliaQuest, we share a mindset. We focus on four values every day to make security possible: being accountable, helpful, adaptable, and focused. These values drive development of our platform, relationships with our customers and partners, and further the ReliaQuest promise of security confidence across our customers and our own teams.
More results...
It’s that time of year again. Summer is drawing to a close and retailers are making the most of the rush to stock up on supplies and learning materials before classes begin. However, as we highlighted last year in our Inside Online Carding Courses Designed for Cybercriminals report, a market has emerged for a very different type of university experience.
Cybercriminals have been offering their own e-learning hacking and carding courses, complete with webinars, tutors and reading lists for some time. These types of courses were traditionally advertised across a wide range of marketplaces and forums; however, with the takedowns of AlphaBay and Hansa marketplaces in 2017, cybercriminals are incorporating other platforms to publicize their services.
In a recent development to the cybercrime university ecosystem, our Russian-language specialists unearthed new high-spec courses and tutors being advertised. Rather than rely on dark web marketplaces, however, sellers of these courses host free lecture videos on Telegram and then use these to further promote their cybercrime services. In Figure 1 below, a tutor held a botnet-related lecture on Telegram and then advertised their new University of Cybersecurity and Anonymity programme, complete with a dedicated website.
Figure 1: Plastikcash University of Cybersecurity and Anonymity website
With a slick website, experienced tutors, and course structure that would not look out of place for the most established and legitimate education providers, this example demonstrates how cybercriminals are looking to further professionalize their offerings and monetize their expertise by training less-sophisticated actors. To further entice students, the University of Cybersecurity and Anonymity has even produced its own minute-long video advertisement, which has been played over 3,000 on mainstream video sharing platforms. This particular programme is priced at 75,000 Rubles ($1,100 USD), payable in Bitcoin, and offers four different global courses, three practising tutors, 70 unique lectures and over 40 educational days.
Figure 2: Carding University course topics as advertised on Plastikcash website
Fraudsters within the carding industry will not necessarily remain fraudsters forever, often looking to move up the criminal hierarchy. This programme seemingly acknowledges this, with the courses offering much more than basic carding techniques; instead it includes lectures and workshops on currency laundering, cash withdrawal schemes, social engineering, botnet creation and use of exploits.
The University of Cybersecurity and Anonymity is a further example of the broad range in online courses and tutorials available to aspiring amateur criminals. As we detailed in our Online Carding Course whitepaper, there is a variety in quality and price of such services. At the lower end of the scale are guides offered for as little as $1, which typically involve no tutor interaction or course material. These are self-paced and generic tutorials, unlike the University of Cybersecurity and Anonymity, which claims to offer a fully-comprehensive, immersive and tutor-led experience.
While these course packages allow cybercriminals to make money from their expertise, online tutorials are also used as a bartering medium between actors on forums. In Figure 3 the forum user offers free carding tutorials specifically for eBay and PayPal, including both theory and practical elements. However, rather than asking for a pecuniary fee, users have to instead promise to write positive reviews of the user’s services on various platforms.
Figure 3: Free eBay and PayPal carding tutorials offered on a Russian-language forum
In the above example, the user ‘truefalk’ also attempts to upsell their other services. Here they request that carding tutees should purchase stolen payment card information directly from truefalk. This practice of using online tutorials as a freebie to then advertise a wider array of services is not uncommon. The user ‘Smart666tiger’, who was previously an active seller on the AlphaBay and Hansa marketplaces, has offered free carding tutorials on several online forums, and then used these posts to provide links to paid tutorials and carding services on their Satriale Silk Road marketplace shop.
Figure 4: smart666tiger advertising carding tutorial shared on Satriale’s Silkroad 3.1
Figure 5: smart666tiger paid carding tutorials offered for sale on Silkroad 3.1
The evolution of online cybercrime and carding courses is a worrying trend for organizations and consumers, with more amateur actors having access to the training needed to embark on a cybercriminal career. Nevertheless, a knowledge of these trends and the techniques being advertised in these courses gives us a valuable insight into the methods being used to target individuals and businesses. With this understanding, defenders can look to increase friction at every stage of the cybercriminal process – whether it’s training employees on how to avoid being the victim of the latest social engineering tricks or how criminals are bypassing anti-fraud and banking checks.
To learn more about the carding ecosystem, download our whitepaper, Inside Online Carding Courses Designed for Cybercriminals.