With the latest retail breach at Home Depot, attention has again turned to credit card black markets, the clearinghouses that sell these stolen cards to the highest bidder. These are no fly-by-night operation. In fact, the largest of these markets have some sophisticated features that any e-commerce site would tout, including
Integrated Bitcoin funding
Good customer support
Good commerce features
It appears these new batch of cards are selling for $50-100 each, though we believe those prices are likely to come down faster than in the past, as the window of opportunity to profit from stolen cards has shrunk. This has happened because financial institutions have become smarter about dealing with these attacks.
Featured Download: CISO Data Breach Guide
For example, black market sites used to allow you to ‘test’ a stolen card, charging a small amount on it before committing to purchase, in order to prove it was a valid card. Since the Target breach, banks have improved their detection methods to look for these kinds of charges (as an indication of likely potential new fraud), so these sites no longer offer this service.
In addition, more banks are monitoring the black markets themselves, either on their own or through services like Easy Solutions provides, as an early warning system for stolen cards.
We expect we’ll continue to see these large scale retail breaches continue, as a result of wide open POS devices, combined with the incredible difficulty of discovering a large, sophisticated breach. The hope here though is that banks and retailers are becoming faster to respond, and are improving their detection methods, thereby shortening the window of opportunity for these criminals, and reducing the exposure and hassle to consumers.
[wp_ad_camp_4]
By Daniel Ingevaldson, CTO, Easy Solutions
About Easy Solutions
Easy Solutions a security vendor focused on the comprehensive detection and prevention of electronic fraud across all devices, channels and clouds. Our products range from fraud intelligence and secure browsing to multi-factor authentication and transaction anomaly detection, offering a one-stop shop for end-to-end fraud protection. The online activities of over 60 million customers at 220 leading financial services companies, security firms, retailers, airlines and other entities in the US and abroad are protected by Easy Solutions Total Fraud Protection® platform.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.