The European Cybercrime Centre has again acted against credit card fraud and is poised to reveal success on a similar scale to its 2020 campaign that prevented €40 million of losses.
Jorge Rosal Cosano, a team leader at the European Cybercrime Centre (EC3), today told CyberCrimeCon 21 – an event convened by threat-hunting and security software company Group-IB – that 2021 has seen an increase in denial-of-service attacks accompanied by ransom demands. Another very 2021 attack is phishing that fakes messages from parcel delivery firms.
Credit card fraud has also persisted, with crims conducting ongoing campaigns to acquire card numbers and use them to make unauthorised purchases. Cosano related how EC3 resolved to reduce the impact of carding by trying to find card numbers before they're used so the Centre can inform banks and victims as soon as possible.
Carders know they need to protect the haul of card numbers obtained from e-shops with shoddy security, so much of the data they store is masked to hide the fact it records credit card numbers. Cosano said Group-IB helped to find masked data.
Sometimes, a popped shop still has unmasked data available for EC3 to view.
- Shocked I am. Shocked to find that underground bank-card-trading forums are full of liars, cheats, small-time grifters
- Russian bloke charged in US with running $20 million stolen card-as-a-service online souk
- Charmin'. Garmin admits customers' full credit card data nicked from South African web store
However the data is obtained, Cosano said this year's campaign has again delivered strong results. 2020's effort saw 90,000 pieces of card data analysed and €40m of losses prevented, and Cosano predicted "We hope to have similar results in coming days.”
Group I-B has already claimed it helped a three-month campaign that avoided €14 million of losses for European banks. ®