Online credit card fraud appears to be in decline, as seasoned cybercriminals warn novice crooks off “carding” on dark web forums observed by analyst Digital Shadows.
The apparent downturn in this once fruitful means of turning a dishonest buck is most likely driven by government crackdowns earlier this year on popular carding forums such as Trump’s Dumps, Ferum, and Sky-Fraud, said the security analyst.
“Without some of the most reliable shops, threat actors were left with limited options for credit card purchases,” said Digital Shadows. “The crackdown also made carders wonder if the potential punishments for their illicit activity outweighed the profits.”
As such, more experienced cybercriminals have been taking to dark web chat groups and advising entrants into a life of digital crime to steer clear of the practice.
“Traditional threads in which beginner carders seek assistance in how to start out in the game suddenly began to receive responses advising those early in their cybercriminal career to choose another type of malicious activity because of the high prices of stolen payment card details,” said Digital Shadows.
Whereas ‘articles’ on such forums used to boast of earnings from carding as high as $5,000 – over what time period, the threat actor did not specify – nowadays, even a measly grand is hard to come by.
“There is no doubt that the carding ecosystem has become more complicated and less appealing for cybercriminals,” said Digital Shadows, adding that the once-straightforward crime had morphed into “a multi-stage operation with many barriers to entry and many points of potential failure.”
The development may be bad news for those on the wrong side of the law, but it should have the rest of us breathing a little more easily: bad enough in itself, carding can also facilitate further types of cybercrime involving identity theft. For instance, by gaining access to an online retailer’s payment processing system, carders can intercept log traffic containing personal data such as customer usernames, passwords, and social security numbers.
Conmen complain of being “scammed”
Digital Shadows reached its conclusions after observing two popular carding forums, Bankomat and Bat Market, which were criticized by users complaining about the poor quality of the cybercriminal ‘services’ on offer.
One disgruntled crook described the former platform as a “waste of time” after checking 50 stolen card numbers offered for sale and finding only one to be valid – despite BatMarket’s claims of a minimum 50/50 ‘success’ rate. Other criminals complained of being asked to pay $50 upfront to register with the site.
Bankomat received mixed reviews, with some users claiming it was the best carding forum on the web but another saying just four out of 34 cards purchased had turned out to be active.
“I hope your scam project goes down,” this user posted in Russian – suggesting that while cybercriminals can dish it out, they aren’t so good at taking it.
However, Digital Shadows also warns against jumping to any conclusions about the “death” of carding, with some cybercriminals observed trying to up their game by developing better “skimmers” – devices that siphon information from a card’s magnetic strip when it is inserted or swiped – and other tools used to clone cards.
“The frequent appearance of new carding shops indicates that the demand for carding is still there, and that at least some threat actors still believe they can make money from this type of cybercrime,” it added. “We saw one forum member commenting, ‘people are prepared to buy anything and anywhere, in the hope of finding something suitable,’ suggesting that desperation may still fuel sales.”
More from Cybernews:
Subscribe to our newsletter