Category Archives: CREDIT CARDS

How do hackers get the three security numbers from the back of your credit card? CVV shops


Stolen card info, particularly from non-chip cards, is great for making phoney cards for use in stores. But how do crooks spend stolen money online?

A longtime reader recently asked: How do online fraudsters get the 3-digit card verification value (CVV or CVV2) code printed on the back of customer cards if merchants are forbidden from storing this information? The short answer: if not via phishing, probably by installing a web-based keylogger at an online merchant so that all data that customers submit to the site is copied and sent to the attacker’s server.

Kenneth Labelle, a regional director at insurer Burns-Wilcox.com, wrote:

“So, I am trying to figure out how card not present transactions are possible after a breach due to the CVV. If the card information was stolen via the point-of-sale system then the hacker should not have access to the CVV because it’s not on [the card data]. So how in the world are they committing card not present fraud when they don’t have the CVV number? I don’t understand how that is possible with the CVV code being used in online transactions.”

First off, “dumps” — or credit and debit card accounts that are stolen from hacked point of sale systems via skimmers or malware on cash register systems — retail for about $US20 ($25.80) apiece on average in the cybercrime underground. Each dump can be used to fabricate a new physical clone of the original card, and thieves typically use these counterfeits to buy goods from big box retailers that they can easily resell, or to extract cash at ATMs.

However, when cyber crooks wish to defraud online stores, they don’t use dumps. That’s mainly because online merchants typically require the CVV, and criminal dumps sellers don’t bundle CVVs with their dumps.

Instead, online fraudsters turn to “CVV shops,” shadowy cybercrime stores that sell packages of cardholder data, including customer name, full card number, expiration, CVV2 and postcode. These CVV bundles are far cheaper than dumps — typically between $US2–$US5 apiece — in part because they are useful mainly just for online transactions, but probably also because overall they are more complicated to “cash out,” or make money from.

The vast majority of the time, this CVV data has been stolen by web-based keyloggers. These are relatively uncomplicated programs that behave much like a banking trojan does on an infected PC, except that they are designed to steal data from web server applications.

PC trojans like ZeuS, for example, siphon information using two major techniques: snarfing passwords stored in the browser, and conducting “form grabbing” — capturing any data entered into a form field in the browser before it can be encrypted in the web session and sent to whatever site the victim is visiting.

Web-based keyloggers also can do form grabbing, ripping out form data submitted by visitors — including names, addresses, phone numbers, credit card numbers and card verification code — as customers are submitting the data during the online checkout process.

These attacks drive home one immutable point about malware’s role in subverting secure connections: whether resident on a web server or on an end-user computer, if either endpoint is compromised, it’s ‘game over’ for the security of that web session. With PC banking trojans, it’s all about surveillance on the client side pre-encryption, whereas what the bad guys are doing with these website attacks involves sucking down customer data post- or pre-encryption (depending on whether the data was incoming or outgoing).
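One way a merchant could look for the behaviour described above, where data submitted at checkout is copied to a third-party server, is to correlate checkout POSTs with outbound connections made by the web server. This is an added example, not part of the original article; the log format, paths, hostnames, time window and threshold are constructed assumptions.

```python
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample logs; format, paths and hostnames are illustrative only.
INBOUND = """\
2024-01-01T10:00:00 POST /checkout/pay
2024-01-01T10:00:30 GET /catalog
2024-01-01T10:01:10 POST /checkout/pay
2024-01-01T10:02:45 POST /checkout/pay
"""
EGRESS = """\
2024-01-01T10:00:00 gateway.payments.example
2024-01-01T10:00:01 stats.unknown.example
2024-01-01T10:00:40 updates.vendor.example
2024-01-01T10:01:10 gateway.payments.example
2024-01-01T10:01:11 stats.unknown.example
2024-01-01T10:02:45 gateway.payments.example
2024-01-01T10:02:46 stats.unknown.example
"""
# Assumption: the payment gateway is the only host checkout should contact.
ALLOWED = {"gateway.payments.example"}


def parse(text):
    """Turn 'ISO-timestamp rest-of-line' records into (datetime, rest) tuples."""
    records = []
    for line in text.strip().splitlines():
        ts, rest = line.split(" ", 1)
        records.append((datetime.fromisoformat(ts), rest))
    return records


def suspicious_destinations(inbound, egress, allowed, window_s=2, min_ratio=0.8):
    """Return {host: share of checkout POSTs followed by a connection to host}
    for non-allowlisted hosts contacted after at least min_ratio of the POSTs."""
    posts = [t for t, req in parse(inbound) if req.startswith("POST /checkout")]
    if not posts:
        return {}
    conns = [(t, host) for t, host in parse(egress) if host not in allowed]
    window = timedelta(seconds=window_s)
    hits = Counter()
    for post_time in posts:
        # Count each host at most once per checkout submission.
        hits.update({h for t, h in conns if timedelta(0) <= t - post_time <= window})
    ratios = {h: n / len(posts) for h, n in hits.items()}
    return {h: r for h, r in ratios.items() if r >= min_ratio}
```

Code that batches or delays its uploads would not show this tight timing, so the check complements, rather than replaces, integrity monitoring of the checkout code itself.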

KrebsOnSecurity


Henry Sapiecha

Philippines call centre worker stole Australian Citibank customer details for Sydney crime gang, police say


Arrested: One of four men arrested for allegedly buying bank customers’ credit card details from a call centre worker. Photo: NSW Police

An overseas call centre employee allegedly collected banking details of Australian Citibank customers and sold them to a Sydney crime syndicate, which then used the details to defraud the customers of more than $1 million, police say.

Police allege the worker, employed by a firm in the Philippines that carries out customer relations for a number of Australian-based companies, collected banking information, passwords and personal details for the syndicate.

The syndicate then allegedly used the details to make withdrawals and order new credit cards.

The alleged identity fraud racket came unstuck last month when police pulled over a car at Beverly Hills, in Sydney’s south, for a random breath test and found a number of allegedly fraudulent documents and other “suspicious items” in the vehicle.

Officers matched details in the documents with frauds against banking customers reported to police by Citibank, sparking an investigation by St George police and the Fraud and Cybercrime Squad.

Four male members of the alleged Sydney syndicate, aged between 23 and 38, were arrested in raids on two homes at Liverpool and West Hoxton on Thursday morning.

They have been charged with multiple fraud offences including using false documents to obtain financial advantage and knowingly dealing with proceeds of crime.


“I’d like to congratulate those officers for their initiative in searching the vehicle and linking the items found with the reports made by the financial institution,” St George Local Area Command Superintendent Dave Donohue said.

“Their proactive work has played a critical role in the dismantling of a syndicate targeting unsuspecting banking customers, and has potentially prevented many more potential victims from suffering significant financial loss.”

A spokesman for Citibank said it had worked with police to identify those allegedly responsible and that no customer would be “financially impacted”.

“Citi has identified a limited fraud committed against a small number of customer accounts and immediately reported the matter to the NSW Police Fraud Squad,” a spokesman said.

“We are co-operating fully with the police investigation and are satisfied that all those responsible have been identified.”

Police said inquiries into the call centre and other possible victims were continuing.

The four men will appear in Parramatta Bail Court on Friday.


Henry Sapiecha