[Full-disclosure] Re: [apwg] Graph analysis of stolen credit cards

It makes me feel both happy and very uneasy when Discover Card is not on
the list. Just to clarify, when you say stolen cards, you really mean
stolen card data, correct? In addition, in your analysis of the carder
forums, can you tell if the majority of the card data is obtained by the
carders via phishing and pharming, hackings, or both?

Thanks.
(Embedded image moved to file: pic29711.jpg)



Lance James
<phishing@secures
cience.net> To
"Malicious Activity Awareness &amp;
05/26/2006 12:56 Response Discussions"
AM <general-discussion@xxxxxxxxxxxxx>,
Phish-Net <phish-net@xxxxxxxxx>,
Apwg <apwg@xxxxxxxxxxxxxxxxxxxxx>,
phishing@xxxxxxxxxxxxxxxxx,
bugtraq@xxxxxxxxxxxxxxxxx,
"full-disclosure@xxxxxxxxxxxxxxxxx"
<full-disclosure@xxxxxxxxxxxxxxxxx>
cc

Subject
[apwg] Graph analysis of stolen
credit cards










Hi all,

We took one sample of one carding/phishing forum that our Global
Surveillance Center was monitoring and sampled the set into a graph that
lists the top 10 banks and the losses over the last month. As you can
see, it's obvious who the top credit card companies are out there, but
at the same time, we can see an ever increasing on the top targets but
not necessarily an increase on the lower tiers over the entire three
months, but in the first two we see a significant increase in success
with stolen credit cards in general. In this case, the loss that we
captured (which probably isn't nearly the number captured by this forum)
was a little over 21,000 credit cards.

Thought this might interest some, and if this is interesting, we are
going to be providing a graph of the losses of top targets with malware
in the upcoming weeks.

Attached is the chart.

--
Best Regards,
Lance James
Secure Science Corporation
www.securescience.net
Author of 'Phishing Exposed'
http://securescience.net/home/news/phishingexposed.html
**********************************************
* New IntelliFound Service 2 weeks free *
* Real-Time Identity Surveillance Service *
* https://slam.securescience.com/signup.cgi *
**********************************************

(Embedded image moved to file: pic09317.gif)

Attachment: pic29711.jpg
Description: JPEG image

Attachment: pic09317.gif
Description: GIF image

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • Re: See what I mean?
    ... Current technical attacks seem to mainly focus on faking PIN responses at terminals for stolen cards. ... Most bank fraud is done by phishing atack where the user is tricked into giving away their password and PIN by cunning social engineering. ... This can include ringing you up to tell you your card has been stolen after they steal it and before you notice. ... You will notice that I don't hide my Email address or ISP. ...
    (uk.rec.gardening)
  • RE: Stolen Card Purchases
    ... > - The person or persons using these stolen cards had all the correct ... Just because the credit card thief can pass Address Verification Service ... For more information on this free incident handling, ...
    (Incidents)
  • Re: Northern Rail (Self Service) Ticket Machines
    ... of Hot & Stolen Cards are downloaded to the PDA's every night ... The only info the machine needs to know is the 16-digit card number. ... The amount of data you'd need to download every day would be 165 ... John Band ...
    (uk.railway)
  • Re: The Most Expensive Tap Water In The World
    ... the paradise for those using stolen cards? ... you're not asked for a pin. ... They read the card and have you sign the receipt, while giving you a copy to take with you. ... .....And presumably compare the signed receipt with your signature on the card, before handing it back to you. ...
    (rec.travel.europe)
  • Re: Credit card reform: Read the fine print
    ... card offers. ... » ANNUAL FEES: The free ride is likely to end for many who use their ... assessed annual fees and lose rewards programs, said Kansas City, Mo., ... credit cards currently carry annual fees, ...
    (soc.retirement)