Chinese hackers turn phished card data into Apple and Google Wallets


China-based cybercrime groups are turning phished card data into mobile wallets, breathing new life into the carding industry, which was previously mostly operated by Russian hackers.

According to the Krebs on Security blog, criminals are deploying novel techniques to maximize their profits.

Hackers typically target their victims with scam messages imitating the US post or toll road operators asking for a delivery fee.


Instead of using traditional SMS phishing, they send their spam messages through mass-created Apple and Google user accounts, urging users to visit external websites.

After users type their credit card data on these sites, which are operated by humans in China, users are asked to enter a one-time passcode. If the victim types the code, the card data is linked to a wallet from Apple or Google controlled by hackers.

Ford Merrill, a security researcher at SecAlliance, told Krebs on Security that criminals are cashing out on these wallets via transactions to their fake entities using Stripe or Zeller.

They also profit by obtaining real point-of-sale terminals and using tap-to-pay on a phone.


Merrill observed at least one group using so-called “ghost tap” software via the Android app “ZNFC,” which can transmit a valid NFC transaction anywhere in the world.

Some groups deploy additional methods to maximize their profits. For example, fake websites allow the capture of card data even before a user presses the “submit” button.

Sometimes, after a user types their card data into the fake website, an alert is displayed saying that the card can’t be processed, thus encouraging them to enter data from another card.


Krebs on Security estimates that criminals may earn $100-500 from one stolen card, while the overall profit of fraudulent schemes could reach $15 billion a year.