The volume of stolen cards available for sale on the dark web has reduced in the first half of 2020. This is due to a change in shopping patterns driven by COVID-19, according to Sixgill.
Cyber Intelligence company biannual Underground Financial Fraud report is obtained from its analysis of underground carding and other sites.
This analysis revealed that approximately 45.1 million cards were put up for sale in the first six months of 2020, this is a 41% decline from the 76.2 million offered on dark web sites in the last six months of the year 2019.
It was explained by the firm that much of the decline could be linked to uncommon police activity in Russia which has led to the closure of many underground sites during the period.
Although the Russian police is usually content to let cybercrime activity flourish inside the country as long as it is directed at foreign targets and not Russian nationals, police investigators arrested 25 people and shut dozens of online marketplaces back in March 2020.
These arrests and shutdowns accounted for 54% of the world’s stolen card trade, according to Sixgill.
According to cyber-threat intelligence analyst Michael-Angelo Zummo “It’s likely that many of the accused criminals had drawn the ire of authorities by violating domestic criminal laws,”.
“In arresting the suspects, police found illicit narcotics, firearms, fraudulent Russian passports and Russian law enforcement identification. In other words, these select criminals seemed to have violated the first rule of cybercrime: don’t hack where you eat.”
However, more dark web markets subsequently rose to take the place of those Russian authorities shut down.
However this dramatic drop in card volumes can’t be explained by increased Russian law enforcement activity alone.
A more likelier explanation is that, fewer people are now shopping in stores where point-of-sale malware and skimmers are installed to steal their payment card data, said Zummo.
These “dumps” are used to clone payment cards for face-to-face fraud, while only internet-based attacks like Magecart can harvest the card data Cyber criminals need to commit online fraud, he said.
In Europe, where EMVs are more widely spread, online attacks and fraud are by far the most popular type of attacks.
Zummo on why cards reduced
Zummo concluded by saying “Activity on dark web marketplaces shows that the coronavirus lockdowns have changed the fraud landscape. As in-person shopping declined, so did the types of credit card fraud that depended on it,”
“This sequence of events points to a shifting strategy for cybersecurity professionals, and consumers as well. Merchants need to make sure they have tools in place to prevent e-skimming attacks like Magecart, and, as in-person shopping continues to tick upward, retailers should only use chip-enabled point-of-sale systems.”
Cybersixgill on protecting Credit Cards in a Shifting Landscape
According to Cybersixgill activity on dark web marketplaces shows that the coronavirus lockdowns have changed the payment card fraud landscape. As physical shopping declined, so did the types of payment card fraud that depended on it to thrive.
This sequence of events caused by the coronavirus has lead to a shift in strategy for cybersecurity professionals, and consumers as well. Online merchants need to make sure they have tools in place to prevent e-skimming attacks from hackers like Magecart. And, as physical shopping continues to tick upward, retailers should only use chip-enabled point-of-sale systems.
For everyday consumers, it’s an excellent idea to change passwords on a regular basis, and avoid reusing old passwords, and to also keep an eye on bank statements for signs of unapproved activity. Consumers who receive an order/shipping confirmation email, should navigate to the site directly instead of clicking on the links in the email. This will help reduce the chance of being redirected to a malicious site.