This article explains what is cardinghow hackers can obtain payment details and tease out the impact of a cyber attack on a business.
There will be 230,937 credit card fraud reports in the US alone in the first six months of 2022, highlighting the growth of credit cards as a threat vector
This article will explore grooming, how it works, and its disruptive impact on eCommerce businesses.
- What is grooming and why should you learn about it?
- How can an attacker obtain detailed information to check in?
- Biden’s cash swiping incident
What is grooming and why should you learn about it?
Carding refers to transactions over the internet and the unauthorized use of stolen credit card details. Card details can be obtained by hackers during a data breach and used to commit financial fraud. To cover their tracks, hackers can use stolen details to buy prepaid gift cards.
Carding marketplaces are the dark web where stolen credit card numbers are traded, allowing those who download the details to use card stuffing techniques to commit financial fraud.
credit card plug is a technique used by hackers to repeatedly try to authorize stolen credit card details. Carding is often performed by automated systems as it allows them to enter numbers quickly.
How can an attacker obtain detailed information to check in?
Malicious actors can use several threat vectors to obtain credit details. The following are examples of the main techniques used in this cybercrime.
Phishing is social engineering A tactic in which hackers attempt to obtain personal or confidential information by impersonating a victim as a legitimate company.
Malicious actors can send phishing links using a variety of channels, including text, social media messages, and email. In fact, I recently received an email from hackers trying to phish me by pretending to be Apple.
The email is designed to stir strong emotions in the recipient, making them click the link and enter whatever information it asks without thinking. Using a deceptive “no reply” email address and reference number can also help make it look more legitimate.
In this case, the hackers wanted my Apple ID credentials, including my email and password. If they impersonate an eCommerce site or any other entity asking me to enter my payment card info, they can steal it this way.
Hackers can also harvest credit card information by sending phishing links to companies that store customer payment details to harvest employee logins. This information can then be used to access internal data storage systems to steal all or some of the card details.
Web skimming involves malicious party insertion Malicious code Go to a website that handles payment card information, such as an e-commerce site. The malicious code extracts data entered by customers in HTML form (ie payment card details) into the site and forwards it to the hacker.
The hacker group used software called Magecart to steal payment details from e-commerce sites, with the main victims being the merchandise sites of US online retailer Newegg and conspiracy site InfoWars.
Bank Identification Number (BIN) An attack in which incomplete bank card details (i.e. the first six digits of the card) are taken and automated software is used to randomly generate the rest of the required information in a phishing or social engineering attack.
Malicious actors will then use the e-commerce site to test that the details are correct or that the card is valid. If yes, they can sell the details or use them to buy gift cards.
How does grooming impact businesses?
As with any cyberattack, grooming can have lasting effects on a business. Research by the Ponemon Institute found that 65 percent of businesses report that data breaches have negatively impacted how customers perceive them, leading to lost customers and lower profits.
The institute also found that the average cost of a data breach to a business was $4.24 million, with $1.61 million (38 percent) of that coming from lost business following a data breach. If a business suffers a carding attack and customers’ details are stolen, they may feel that the company mishandled or did not adequately protect their data. That could lead to them filing a class action lawsuit against the company.
Furthermore, if customers do fall victim to further cybercrime such as financial fraud as a result of card-based cyberattacks, this will further negatively impact their perception of the brand, potentially leading to further losses. That’s why more than seven in 10 (71%) CMOs believe the biggest impact of a data breach is loss of brand value.
Biden’s cash swiping incident
⚠️ #BidenCash 4 months later, new credit card dump shared by over 1 million users!
i️ These cards are mainly from web skimmer!
🚨 Archive contains: PAN, CVV2, Expiry Date, First Name, Last Name, Shipping Address and Email!
We are analyzing the data and will provide more details later! pic.twitter.com/bR1NuNdeSF
— D3Lab (@D3LabIT) October 7, 2022
In October 2022, the darknet card marketplace BidenCash released full details of more than 1.2 million stolen credit cards for free.
A file containing 1,221,551 credit card information, mostly from within the United States, with expiration dates from 2023 to 2026. The post also contained other details needed to conduct online transactions, including victim names, bank names, social security numbers, email addresses, phone numbers, and addresses.This post is also shared with others Hacking and Carding Forum.
BidenCash has been in operation since June 2022, when it leaked the details of thousands of cards to promote the site.
Since BidenCash was forced to roll out a new URL in September following a series of denial-of-service (DDoS) attacks, the new, wider release of credit card information may also be a way to promote the site’s domain name.
Credit card information may have been stolen by several threat vectors, including malware or hacked e-commerce sites. Additionally, some details in this release may have been salvaged from older releases, including the All World Cards version, which saw details of more than 1 million stolen credit cards posted on a hacking forum in August 2021.