Sunday, July 21, 2024

Most Important Consideration For Credit Card Fraud You Need to Know To Secure You Transactions

Not even a pandemic can slow down, let alone stop, credit card fraud. A Wall Street Journal report reveals that the amount of fraudulent credit card charges rose by 35% year-over-year in April. This increase appears extraordinary given the significant reduction of consumer spending over the past months.

Credit card fraud or carding appears unstoppable. It is interesting how the crooks behind it are defying the pandemic and recession. There is more to know about this enduring and evolving cyber threat that affects over 100 million consumers in the United States alone.

1. Cybercriminals learn carding from the dark web

The dark web has long been associated with illicit and illegal activities. It is not surprising that it is used as a resource by wannabe cyber thieves. Felonious minds eyeing the menacing business of carding fraud have been signing up for online classes on how to commit this scheme.

According to Featurespace, a Cambridge-based tech firm, tutorials and references on carding are widely available on the dark web. These criminal resources, authored by self-confessed experienced cybercriminals, provide detailed instructions on how to commit the crime. They also present links to carding sites, which sell stolen credit card details.

“As more of this fraud is now being perpetrated by clued-up amateurs working out of their bedrooms, they are harder for financial institutions to spot and stop – their spending patterns often mimic those of their victims,” explains Sean Neary, a senior product officer at Featurespace.

2. Credit cards are better than debit cards, says a former cyberthief

The cases of credit card fraud are soaring, but this does not mean that consumers should switch to debit cards. Frank Abagnale, a fraud expert, who was once a cybercriminal himself, warns: “Want to avoid identity theft? Never, ever use a debit card.”

Abagnale describes debit cards as “certainly and truly the worst financial tool ever given to the American consumer.” For him, the use of debit cards puts one’s money and bank account at risk. Ironically, he promotes the use of credit cards even as carding fraud continues to be a major threat. The former professional impostor says credit cards are better because of laws that limit liability to a certain amount. Many card issuers also offer 0% liability under certain conditions.        

3. COVID-19 inspired credit card phishing schemes

Defrauders are doubtlessly ingenious that they managed to take advantage of the coronavirus pandemic to advance their schemes. The FBI, IRS, World Health Organization, and even the United States Secret Service have released separate warnings on various scams designed to take advantage of the COVID-19 noise. “Criminals seize on every opportunity to exploit bad situations, and this pandemic is no exception,” says IRS Commissioner Chuck Rettig.

Phishing cases, in particular, have increased significantly. These attacks are used to harvest sensitive information such as credit card numbers. Fraudsters may pose as charitable organizations that collect donations for the benefit of victims or those who fight the pandemic in the frontlines. Cybercriminals may also try to deceive people into divulging their credit card details by sending emails or making calls as the IRS or state unemployment insurance agencies.

Moreover, bad players offer at-home test kits, alcohol, hand sanitizers, face masks and shields, pills, and even vaccines. Many tend to readily pay for these items with their credit cards given the COVID-19 paranoia.

4. Cybercriminals don’t have to use credit cards to make money out of them

The most common ways to use stolen credit cards involve purchases or payments. They can also be used to make money indirectly. “Credit card numbers can be converted into cash by buying up gift cards and purchasing easily sellable items to resell through online marketplaces such as eBay,” according to cybersecurity specialist Joseph Steinberg.

However, making payments is not the only way for cybercriminals to cash in on the credit card information they managed to steal. They don’t have to swipe the plastics or have vendors charge specific card numbers. They can sell their stolen details to other cybercriminals on the dark web, for example.

According to Symantec, many are willing to pay at least $45 for the details of one credit card. Imagine how much cybercriminals make from the data of hundreds or thousands of cards. High-profile data breaches such as those suffered by Adult Friend Finder and Marriott International, both of which involve over 400 million accounts, may have made instant black market billionaires.

5. Credit card fraud is the most common form of identity theft.

Credit card fraud is a type of identity theft. In fact, it was the top form of identity theft in 2019 based on data from the Federal Trade Commission (FTC). The agency received more than 270,000 credit card fraud reports, which is more than 40% of the total number of identity violations in the past year.

Cases of fraudulent credit card transactions have been increasing over the years. A deceleration in the growth of cases seems unlikely. The best consumers can do is to become more cautious. It helps to get acquainted with the signs: bank/credit card statement errors, credit report discrepancies, failure to receive bills, and credit calls/reminders for unpaid bills. 

For businesses, the red flags include the following: high rates of shopping cart abandonment, low average shopping cart size, high frequency of failed payment authorizations, a surge in chargebacks, and several payment failures from the same user, IP address, and device ID or digital fingerprint.

Credit card fraud is nothing new, but its prominence during a pandemic and recession merits some attention. Its perpetrators constantly tweak and upgrade their attacks. They already employ bots and sophisticated strategies to mimic human activity. Also, newbie cybercriminals have access to effective guides on defrauding others. It’s only logical to be more mindful of the threat.


Latest articles

Hackers Claiming Dettol Data Breach: 453,646 users Impacted

A significant data breach has been reported by a threat actor known as 'Hana,'...

CrowdStrike Update Triggers Widespread Windows BSOD Crashes

A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users,...

Operation Spincaster Disrupts Approval Phishing Technique that Drains Victim’s Wallets

Chainalysis has launched Operation Spincaster, an initiative to disrupt approval phishing scams that have...

Octo Tempest Know for Attacking VMWare ESXi Servers Added RansomHub & Qilin to Its Arsenal

Threat actors often attack VMware ESXi servers since they accommodate many virtual machines, which...

TAG-100 Actors Using Open-Source Tools To Attack Gov & Private Orgs

Hackers exploit open-source tools to execute attacks because they are readily available, well-documented, and...

macOS Users Beware Of Weaponized Meeting App From North Korean Hackers

Meeting apps are often targeted and turned into weapons by hackers as they are...

Hackers Exploiting Legitimate RMM Tools With BugSleep Malware

Since October 2023, MuddyWater, which is an Iranian threat group linked to MOIS, has...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles