Vishing: To Have Your Identity Stolen, Press One

Of all the terms describing identity theft methods, “Vishing” (which stands for “Voice Phishing”) is perhaps the most ambiguous one. A simple Google query for the definition of the term shows just some of its multiple interpretations. But why are fraudsters using this type of attack?

For Fraudsters by Fraudsters: iFrame Traffic Shop Opens for Business

A new iFrame traffic service opened for business to service cybercriminals came from an underground operator who apparently wished to provide his fraudster-buyers with an easy online platform through which they could buy or sell web traffic. Evidently, when used in the context of fraud, one can expect to see junk traffic leading to exploit kit infections, Trojan drive-by download sites, and live phishing pages.

Underground Credit Card Store Operators Aggregate Their Stolen Data

The constant hustle and bustle of underground fraudster markets is a bountiful source for any and all types of fraud commodities and partnerships formed between seemingly anonymous criminals in the virtual world. And yet, one very prominent vertical, if we may, stands far out from the rest—credit card shops and just about everything that has…

Where do Fraudsters Learn About New Attacks? From the Good Guys

Looking to maximize their profits, fraudsters need to do a whole lot of learning. They can either learn techniques of areas they have not focused on thus far, learn better techniques in the field they already specialize in, or learn new cover stories to improve the techniques they already use. A lot of this learning is done through trial and error. That’s how fraudsters discover vulnerabilities in banks’ processes that allow them to cash out a lot of money with relatively little effort.

Shop Safe on Cyber Monday

So Cyber Monday has arrived, and tens of millions of consumers will be hitting the cyber waves to shop for the best holiday deals around. Most of them will be doing it on company time (myself included, I admit), but hey, my son really wants that video game and I can save 50% today only. But while Cyber Monday is packed with unbelievable deals for holiday shoppers, it is also a time when consumers need to take notice to ensure they don’t fall victim to fraud, and retailers and banks need to be on guard.

Underground Forums Open Official Credit Card Stores

In the short time I’ve been blogging, I’ve written relatively often about automated CC stores. These websites offer fraudsters an automatic way of buying stolen credit cards – simply fund an account with e-currency, choose which type of card you would like, pay and receive the full credential. Their popularity has reached such a fever pitch. Recently, we’ve encountered a new development in the underground in regards to these sites – forums opening “official” stores.

The Value of Free in the Underground Economy

Whenever we present about the underground and mention that fraudsters often post compromised credit cards for free we often get the question “Why would they do that?” Considering that unlike the hacker communities of years past, the underground economy is all about the money (and not bragging rights), this is a very legitimate question. After all, if the fraudsters’ goal is to maximize profit, why would they give away stuff they can otherwise sell? The answer is pretty straightforward.

Ice IX – Zeus v2.0 Derivative Does Not Cut Any Ice

Since the Zeus source code was leaked, one of the predictions security researchers were convinced of was that independent code writers, wishing to enter cybercrime coder’s world, would be glad to do it by using a ready-made baseline. One such code to have surfaced in underground and hacking forums soon after the code leak was Trojan Ice IX. But is it all what it is cracked up to be?