One data feed firm has warned that stolen credentials are being sold on the open web. Despite this daylight trade of illicit goods, Webhose.io claims that no one is listening.
The firm warned of open web malicious activities, such as the selling of credit card information on public forums, which it claims are simply being ignored.
Despite assumptions of online criminality normally being reserved to the Dark Web, the firm says the surface web is rampant with malicious cyber-activity such as the sale of credit card information on public forums. What's more is that this market is often brazenly publicised on social media.
Recent webhose.io queries show active CC fraudsters over a 48 hour period by running the following API query: (dump OR dumps OR visa OR paypal OR amex OR mastercard)(ccv OR cvv OR ccv2 OR cvv2 OR icq)
Ohad Flinker, director of content at webhose.io, provided SC Media UK with a list of results which show open web forums trading credit card information. These offers apparently come from experienced hackers trading dumps of information in return for MoneyGram or Western Union payments.
Flinker said, “The process is simple as querying the webhose.io API and Twitter API for keywords related to credit card information, and identifying malicious content with links to known phishing sites”
Flinker spoke with SC and highlighted a 2015 paper in which researchers Omar Jaafor and Babiga Birregah from the University of Technology in Troyes, France relayed the way this information is then publicised.
The study, entitled “Multi-layered graph-based model for social engineering vulnerability assessment”, discusses how sharing illegal exploits on popular social media networks such as Twitter and Facebook comes with a risk of losing your account and followers.
If you boast about hacking publicly you risk losing your account and following (and financial gain as a result). For this reason, criminals tend to post highly explicit information on obscure blogs or message board comments, where the risk of exposure is far lower.
Jaafor and Birregah confirm that: “It is difficult to find malicious users on Twitter and Facebook as they publish many benign posts and try to hide their activities. This helps them build a good reputation.”
They continue: “It is much easier to trace their activities on other sites where their perceived risk is much lower. Even if these users attempt to hide their activities on blogs and forums, the probability of finding irregularities in their behavior patterns increases when analysing multiple platforms.“
In a recent blog post, Tim Dalgleish, systems engineer for RSA, estimates that the credit card fraud market at $5 billion AUD and is growing.
Dalgleish highlights that in Australia, for example, “in the twelve months ending June 2016, over two million fraudulent online credit card transactions were made, with a total fraud loss of $402 million AUD (£245,781,058 million GBP).”
That is is an increase of 24 percent on the previous year, added Dalgliesh, “and it will become a billion-dollar problem within 5 years, if no action is taken. In relative terms, the current per annum losses translate to $17 worth of online card fraud for every Australian.”