By: Alexandra Gheorghe Posted on 9/25/2014
Everyone feels a nagging sliver of doubt when they hear about high-profile breaches like those of Target, Neiman Marcus or Home Depot. Is my data in the hands of thieves? Is it safely hidden in the sea of stolen data? So what really happens with the millions of stolen credentials?
Obviously, cyber-thieves prefer to target large numbers of users with a single attack rather than go after one at a time – it saves them time and money. They also rarely view data as an end-goal; they often exchange it for other goods or cash.
Where is your credit card data “dumped”?
Trading CVV numbers, PIN numbers and other sensitive data takes place on online marketplaces, communities that act just like reputable ones, with verified dealers, vendors and sellers. Some sites are public and buyers can register for free. Other markets, such as the notorious Silk Road, are in the so-called dark web, which means they don’t show up in Google search results. Through Tor, buyers browse and make illegal purchases anonymously using electronic currencies, without facing the risk of being identified by authorities.
http://www.hotforsecurity.com/wp-content/uploads/2014/09/cards.jpg
Typical of most card shops, the home page features the latest additions of stolen cards, as well as price discounts on older batches of cards. The marketplace is usually organized by the items available for sale, including CVV numbers, passwords, PayPal accounts, hacking tools and premium credit cards. Users can search for cards by city, state and ZIP number. If they don’t find what they’re looking for, they can place an order for a specific set of data.
Just as respectable retailers do, “black markets” have clear terms and conditions, refund and replacement policies. Some sites put it straight: “No money back. We are not a bank.” Others are more flexible: the batches of stolen cards, known as “dumps,” can be replaced within 48 hours if buyers complain the batch doesn’t include valid, active bank accounts. And you don’t have to be a hacker to test it – anyone can pick a CVV from a list and initiate an online purchase.
Full Article here/ http://www.hotforsecurity.com/blog/what-happens-to-your-stolen-credit-card-data-a-glimpse-into-underground-markets-10205.html
What Happens to Your Stolen Credit Card Data? A Glimpse into Underground Markets
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.