Via InfoWorld -
A new trend has appeared on the cybercrime landscape that makes it seem as if some fraudsters may have a conscience ... or none at all.
According to researchers at Symantec, the security company has observed a growing tendency among cybercriminals to test out their stolen credit card numbers by -- surprise of surprises -- using them to donate money to charities.
While it may seem like the identity thieves are engaging in an uncharacteristic show of kindness, Symantec concludes the obvious, that the criminals have actually identified the process of donating money as a useful test system for checking if their stolen accounts are still up and running, without drawing attention to themselves as quickly as if they used the swiped accounts in other settings.
"In the world of carding, where stolen credit card information is bought and sold, carders need to know if the credit cards they are buying or selling can actually be used," writes Yazan Gable, a researcher in Symantec's Security Response group, in a blog on the company's Web site. "It is sometimes difficult for them to verify this without raising any alarm bells and risking that their cards will be identified as stolen and disabled. As a consequence, a new trend is appearing."
In donating funds to charities online -- notably, the Red Cross -- cybercriminals can verify if their cards are working without raising the same hackles they might if they tried to buy something from an online retailer, as those companies are known to be working closer than ever with banks and card issuers to stop fraud as quickly as possible.
The method may also be useful in evading systems that employ behavior pattern modeling to battle fraud.
No comments:
Post a Comment