If you’ve ever wondered where your stolen credit card turns up, a cybersecurity firm is offering hard proof, according to a recent article published in www.news.com.au/.
During the holiday season, cybercriminals turn to e-skimming, Greg Foss, Senior Cybersecurity Strategist at VMware Carbon Black, told Fox News.
A screenshot from the Russian Market, a forum that specialises in carding and related services.
“Magecart is one of the most prominent [criminal] groups behind this activity [to] siphon off sensitive card data,” Mr Foss said.
Recently, Magecart has been impersonating legitimate payment applications using homoglyph attacks – for instance, creating a website “g00gle.com” instead of google.com – which fools victims into visiting the malicious site, Mr Foss explained.
The endgame for cybercriminals is peddling stolen credit cards that go for an average rate of $10 to $20 per card on the dark web, according to Mr Foss. PayPal accounts sell for $2 to $10 per account, with accounts holding more money costing even more.
The stolen credit card data is typically offered in a shopping cart format, where the “buyer” can check off which credit cards they want to purchase based on a menu of available credentials.