What is the carding money transfer and how to protect yourself from hacking?

The volume of the carding money transfer for 2021 increased by 116% compared to the previous year: criminals are finding new ways to access other people's money. What is this type of fraud and how not to become its victim?

1.What is carding?

Carding money transfer is a type of fraud in which hackers perform an operation using a payment card without the participation of its owner.

One way to access the card is to hack into an online store where users make online purchases. In this case, nothing depends on the victim - she can comply with all security measures, and information about the bank card will still be in the hands of intruders, and they will be able to withdraw money from her. One such hacker group infected 571 sites between 2017 and 2020. Fraudsters were detained in 2021.

Money transfer carding method appeared along with the beginning of e-commerce in the 1990s. Then online stores did not wait for scammers and rejoiced at every purchase made in their new niche. That's what the carders used. They created maps of non-existent people with the help of special generators and paid for purchases with them. Online stores willingly accepted them. The deception was discovered only at the end of the month, when stores asked banks for transfers to pay for goods. Then it became clear that in these cases non-existent cards were used, and the store did not receive money.

When buying online, the transaction is carried out using special gateways of banks in a secure mode, if the site works over the HTTPS protocol. And yet, in 2020, according to research firm Aite Group, only U.S. banks suffered losses from carding ria money transfer worth about $ 11 billion.

2. What is carding like?

According to the mechanics of hacking, carding ria money transfer is of two types: attack with physical access to the card or ATM; remote attack.

In the first case, a skimming device is used or bank employees participate. Skimming is the theft of card data using a miniature device attached to an ATM.

According to the European Association for Secure Transactions (EAST), the number of attacks with physical access to cards in Europe is decreasing. This is explained by the change in the culture of using cards and ATMs. Most often, attacks with physical access to a card or ATM involved employees of companies with access to the terminal. Now they bring it to the customer in not pick up the card.

The level of atm security system has increased - they are put physical and electronic means of protection to detect skimmers. All this contributed to the reduction of fraud with physical access to an ATM or card.

However, fraudsters are also improving technology. EAST reports that the number of ATM malware and logic attacks on ATMs has increased dramatically.

The most dangerous attacks of the BlackBox class are that a miniature computer connects to the ATM via wire and forces it to give out all the available money. The number of attacks of this type is growing. EAST experts counted 35 such attacks in the first half of 2019. In the first half of 2020, there were already 129 of them. Losses from this type of attack rose from less than €1,000 ($1,200) in the first half of 2019 to more than €1 million ($1.2 million) in 2020.

The problem is that ATM manufacturers consider the losses from this type of hacking to be less significant than the cost of modifying the software. As a result, modern ATMs are practically not protected from the threat of BlackBox.

In the case of a remote attack, you can get card data in any way. It is enough to have a card number, a service termination date and a three-digit CVV code. They can be stolen in any way - finding lost plastic, capturing them in the picture, phishing (the user goes to a fake site and himself indicates them, thinking that he is buying a product or service).

However, according to the ultimate goal, remote attacks on bank accounts can be divided into two types:

Hacking the site with the ability to pay for goods or services;
User hacking.

In the first case, web skimming is used. Attacks of this type are carried out using Magecart software (the first attacks with such mechanics were aimed at online stores that used Magento software). In 2018, 380,000 card details were stolen from British Airways using this type of attack. Map data from her site was successfully collected over a period of three weeks.

Web skimming is gaining popularity. Many attackers turned to him amid the pandemic, when the number of purchases on the Internet has increased dramatically.

Web skimming is used to hack websites, usually using malicious JavaScript code. Stores built on Magento are still the main target of hackers, but attacks of this type are dangerous for any website where an attacker can access JavaScript code.

Banking Trojans are used to attack the card user. They infect users' computers and smartphones, then infiltrate a web browser to steal passwords, credit card numbers, and any other sensitive information that is entered on any of the target websites.

3. What do carders do with data?

According to the ultimate goal, carding is divided into two types: sale on the darknet; cashing out savings.

The stolen information allows you to create a "digital twin" of the victim. This allows the criminal to withdraw money while maintaining anonymity. Card data is sold on darknet forums or specialized carder sites.

See also: What is the darknet and why our data is sold there

You can purchase data in bulk or request a specific card. In the second case, the price will be lower. The cost of the card depends on how much money is stored on it - the more, the more expensive.

4. How do carders work?

According to the report Hi-Tech Crime Trends 2020/2021, the volume of the carding market for 2020 increased by 116% compared to the previous year - from $ 880 million to $ 1.9 billion. The number of text data offered for sale increased by 133% - from 12.5 to 28.3 million cards, and dumps by 126% - from 31.2 to 70.4 million.

The largest case of carding was reported in 2007. Hacker Albert Gonzalez obtained information about more than 135 million credit and debit cards of customers of the American technology and payment processing provider Heartland Payment Systems, retail stores 7-Eleven and Hannaford Brothers, as well as two unidentified companies.

After receiving the data, he put them up for sale on his own carder exchange Shadowcrew. Other attackers could buy them for subsequent fraudulent actions. Gonzalez received 20 years in prison.

See also: Ten of the most high-profile hacker attacks of the XXI century.

Another well-known attack was on the Royal Bank of Scotland's WorldPay payment system in 2008. A group of hackers led by Russian Viktor Pleshchuk withdrew more than $ 9 million from 2 thousand ATMs in 280 cities around the world. The attack took place in less than 12 hours. The identity of the attackers was established only a year later.

In 2012, information about 40 million cards was stolen as a result of a hack by the manufacturer of software for processing files Adobe Systems. According to the head of security, the information included customer names, encrypted payment card numbers, expiration dates and order information.

5. What does carding mean?

Clothing money transfer carding method of cashing money out of hacked bank accounts. Carder buys goods, gift certificates, subscriptions and services using other people's bank details. To do this, fraudsters only need a card number, date and three-digit code (CVC). In some cases, you may need the owner's name, address, and phone number. The more information is known about the victim, the easier it is for the attacker to work.

After the goods have arrived at the specified address, fraudsters either send it to buyers, who pay, on average, 30% of its full value, or send it through shipping points (official sites that have nothing to do with fraudulent activities) to addresses to which they usually have access. Resell such goods on trading floors (Amazon, Ebay, Avito, Yula) or in social media groups.

6.How not to become a victim of carding?

Use antiviruses. To steal your credit card number using malicious software, the victim needs to be forced to download it. The virus may be in a ZIP archive. Antiviruses for the computer in most cases automatically detect the Trojan and block its installation;
Keep your device software up to date. Updates increase the level of its protection from hacking;
Recognize phishing. Do not follow links or download attachments from unknown sources;
Turn on notifications from mobile banks. They allow you to identify fraudulent payments. You will receive a message every time your card has been used for an online purchase. The faster you detect a hack, the higher the chance of saving money.

Comments 0

Leave a comment

Cancel reply

Login to leave a comment