:quality(75)/cloudfront-us-east-1.images.arcpublishing.com/elcomercio/WUPO3UC6TBES7AN5QL4NCPB3LU.jpeg)
Personal data is the “oil of the 21st century”. For this reason, the cybercriminals They look for a way to get them to continue getting money. These also look for ways to steal our credit card data, to buy things without users realizing it until it’s too late.
Cybercrime moves billions of dollars a year. Cybercriminals frequent dark web sites, where they buy and sell vast amounts of stolen data, as well as the tools needed to obtain it. It is estimated that there are as many as 24 billion illegally obtained usernames and passwords currently circulating on such sites and among the most sought after is card data, which scammers buy to commit identity fraud.
In countries that have implemented the chip and PIN system (also known as EMV), it is a challenge to convert this data into cloned cards. That’s why it’s more common to see online attacks targeting cardless transactions. “Fraudsters could use the data to purchase luxury items for later sale, or to purchase gift cards in bulk, which is another popular way to launder ill-gotten funds.. The scale of the card market is difficult to estimate. But the managers of the world’s largest underground store recently walked out after earning an estimated $358 million. commented Camilo Gutiérrez Amaya, head of the ESET Latin America research laboratory.
LOOK: Five uses that you can give to the USB ports of your television if you do not know why they are there
What are the five most common ways cybercriminals use to steal credit card data?
1.Phishing: One of the techniques most used by cybercriminals to steal data. In its simplest form, it is a scam in which the cybercriminal poses as a legitimate entity (for example, a bank, e-commerce provider, or technology company) to trick a user into entering their passwords. personal data or download malware inadvertently. These messages often encourage people to click on a link or open an attachment. Sometimes, they direct the user to a fake page that appears legitimate, where they will be asked to enter personal and financial information. Despite being a well-known form of attack, it reached an all-time high in the first quarter of 2022.
Phishing has evolved giving rise to similar forms of attack. Instead of an email, victims can also receiving a malicious text message (SMS), known as ‘smishing’, where a cybercriminal can impersonate, for example, a package delivery company, a government agency, or another trusted organization. Fraudsters can even call you on the phone, in a form of attack known as ‘vishing’, where they again pretend to be a trusted source with the aim of convincing the individual to share their card details. Smishing doubled in 2021, while vishing also increased.
2.Malware: Different types of malicious code designed to steal information have been developed. Some may record the victim’s keystrokes; for example, while typing card details on a banking or e-commerce site. Cybercriminals place these malware on devices through phishing emails, text messages, or through malicious advertisements. In other cases, a website that receives many visits is compromised and users are expected to enter the site to infect them. Some malicious code is automatically downloaded and installed on the computer as soon as the user visits the compromised site. Information-stealing malware is also often hidden within malicious mobile apps that appear legitimate.
LOOK: What devices help reduce the digital divide in older adults?
3. Web-skimming: Cybercriminals also install malware on checkout pages of legitimate e-commerce sites. These malicious codes are invisible to the user, but steal card details as they are entered. In these cases, according to ESET, they recommend the user to buy from trusted sites and use reputable payment applications, which are probably more secure. Web skimmer detections increased 150% between May and November 2021.
Four. Data breaches: Sometimes, card data is obtained not from users, but directly from companies with which some type of transaction or business is made. It could be from a healthcare provider, an online store, or a travel company. This way of obtaining data is more profitable from the perspective of criminals, because through an attack a large amount of data is gained. On the other hand, with phishing campaigns, although they are attacks that are launched in an automated way, they have to rob individuals one by one.
5. Public Wi-Fi networks: When you’re away from home, it can be tempting to surf the web using public Wi-Fi hotspots – be it in airports, hotels, cafes, and other shared spaces. Even if you have to pay to join the network, it may not be safe if cybercriminals have done the same, as access to a network can be used to spy on third-party data as it is entered.
LOOK: WhatsApp: now you can pixelate the photos you share with these steps
How to fight cybercriminals looking for our credit card data?
LOOK: Cybercriminals would have stolen the data of a billion Chinese to sell them for ten bitcoins
Source: Elcomercio
I have worked as a journalist for over 10 years and have written for various news outlets. I currently work as an author at 24 News Recorder, mostly covering entertainment news. I have a keen interest in the industry and enjoy writing about the latest news and gossip. I am also a member of the National Association of Journalists.
:quality(75)/cloudfront-us-east-1.images.arcpublishing.com/elcomercio/IFCFUGC55NHVXPN7A7BCPUE6N4.jpg)
:quality(75)/cloudfront-us-east-1.images.arcpublishing.com/elcomercio/2BNQZ53KKFEIJGBAJ4CSEXD4W4.jpg)
