The Underground Ecosystem of Credit Card Frauds
Abhinav Singh
@abhinavbom
#malwaremustdie
Agenda
• Brief Introduction to Card based Payment Systems.
• POS Malware and the Data Dumps.
• Understanding the Underground Shopping Mall.
• Money flow, Demand & Supply
• Future Scope, Challenges & Solutions
Processing Card Payments
Key Components
POS RAM Scraping Malware in a Nutshell
• RAM temporarily stores the unencrypted data:
ERTFDFDGF!@DF$#%RTF^TRYRTY^&HYT&^FGFDGFY^TGTQAQ#@@%B4096654104697113^SINGH/ABHINAV^0806101273590052100000000000000?;4096654104697113=08061012735900521000000?#112$$&&5yygfrbg*7567
• MAL.EXE, among the running processes, starts reading the data in the primary memory.
• Meaningful data is written to disk.
Dumped Data:
%B4096654104697113^SINGH/ABHINAV^0806101273590052100000000000000?;4096654104697113=08061012735900521000000?
Inside the Plastic Card
Image source: Blog.cisco.com
Track 1 & 2 Block Diagram
%B4096654104697113^SINGH/ABHINAV^0806101273590052100000000000000?;4096654104697113=08061012735900521000000?
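A defender's view of the same data, as an added example that is not part of the original slides: a scanner that looks for the Track 1 / Track 2 layouts shown above in logs or dump files that should never contain them, uses the Luhn checksum to separate likely real PANs from look-alikes, and reports only masked numbers. The function names and the second sample line (built around the well-known test PAN 4111111111111111) are assumptions made for illustration.

```python
import re

# Magnetic stripe layouts as shown on the slide (ISO/IEC 7813):
#   Track 1: %B<PAN>^<NAME>^<YYMM><service code><discretionary>?
#   Track 2: ;<PAN>=<YYMM><service code><discretionary>?
TRACK1 = re.compile(r"%B(\d{12,19})\^([^^?]{2,26})\^(\d{4})(\d{3})[^?]*\?")
TRACK2 = re.compile(r";(\d{12,19})=(\d{4})(\d{3})\d*\?")


def luhn_ok(pan: str) -> bool:
    """Luhn checksum; real PANs pass it, random digit runs mostly do not."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mask(pan: str) -> str:
    """Truncated display form: first six and last four digits only."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def scan(text: str) -> list:
    """Return one finding per track-shaped string, never the full PAN."""
    findings = []
    for kind, rx in (("track1", TRACK1), ("track2", TRACK2)):
        for m in rx.finditer(text):
            pan = m.group(1)
            findings.append({"kind": kind, "offset": m.start(),
                             "pan": mask(pan), "luhn": luhn_ok(pan)})
    return sorted(findings, key=lambda f: f["offset"])


# Constructed input: the slide's sample stripe inside junk bytes, plus a
# constructed debug-log line using the test PAN 4111111111111111.
SAMPLE_LOG = (
    "GTQAQ#@@%B4096654104697113^SINGH/ABHINAV^0806101273590052100000000000000?"
    ";4096654104697113=08061012735900521000000?#112$$\n"
    "2024-01-01 12:00:00 DEBUG swipe=;4111111111111111=30121010000000000000? ok\n"
)

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The slide's sample PAN matches the track layout but fails the Luhn check, so it is reported as a format-only hit, while the constructed test line passes both checks.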
3 Steps to Multi Million Dollar Fraud
• Attack
• Sell
• Shop
The Underground Shopping Mall
• Malware Authors, Phishing Attackers, Skimmers, Exploiters, etc.
• Forums and Online Shops
• Buyers
• Specialized Services
Malware Authors, Phishing Attackers, Skimmers, Exploiters
• Financially motivated.
• Insider threat, 3rd-party IT service provider, outsider threat.
• Background in payment processing and related service development.
Forums and Online Shops
Buyers
• Profiles range from newbies to regular and experienced customers.
• Can buy a single CC, dumps or Fullz.
• Can purchase cards with specific options like country and city of issue, card issuer bank, brand (Visa, Master, Amex etc.), genre (Classic, Platinum, Gold etc.).
• Purchases are made using cryptocurrencies, wire transfer or money transfer.
• The price of a single card detail depends on factors like brand, genre, expiry date etc.
• The cost of a dump is calculated based on the number of CC details it has.
• Fullz can be slightly more expensive than others, as they contain more detailed information about the card owner.
[Diagram: Buyer → Online Carding / Offline Carding]
Online Carding
• The process of using stolen credit card details to purchase goods online.
• “Fullz”, or details including CVV, registered address, phone etc., are required.
• Finding a “Cardable” Website.
Cardable Website
Offline/In-store Carding
• Generating Counterfeit cards.
• Choose shop/cash-out options.
• Pick up specialized services based on fraud options.
Generating Counterfeit Cards
• Magnetic Stripe Reader.
• Plastic cards/Expired cards/Counterfeit printed cards.
• Encoder Software.
Generating Counterfeit Cards
Software: MSRE, TheJerm, Exeba etc.
Specialized Services in Fraud Ecosystem
• Runner
• Dropper
• Shopper
Runners
• Individual or group specializing in ATM cash withdrawals.
• Often generate multiple counterfeit cards for a single card to do multiple withdrawals in one go.
• Have fake digital wallet, cryptocurrency and online money transfer accounts to safely withdraw money from stolen cards.
• Runners are the risk bearers; hence their profit margin is also high. They usually charge the carder between 40 and 60 percent of the money stolen in a single run.
Droppers
• Serves as the drop point for goods purchased online, thus securing the identity of the actual buyer.
• Works by renting apartments, finding empty houses, registering PO boxes on fake IDs.
• Since the Dropper bears a fair amount of risk, his profit percentage varies between 30 and 50 percent.
Shoppers
• The Shopper specializes in shopping with the counterfeit cards provided by the carder.
• The Shopper can be an individual or a group that specializes in conducting nervousness-free shopping of goods using the fake cards.
• Shoppers also have fail-safe techniques to dodge the payment supervisor in case the card fails to authenticate.
• Profit cut in the range of 10 to 20 percent.
• The profit margin for Shoppers depends on the type of goods the carder wants them to purchase. Expensive luxury items would require a larger profit share to be paid to the Shopper.
Demand & Supply
• Any new disclosure about a POS breach suddenly raises the demand for fresh CC dumps in the market.
• This leads to a rise in the price of new dumps.
• The problem arises when the demand is low and the supply is huge.
• To keep up the momentum, the shop owners and sellers begin lowering the price of their dumps and cards. This brings down the market valuation, thus creating a deficit.
Demand & Supply
[Charts: Cost (per set of 100 dumps) vs. Time (in months); Supply (per 1000 cards) vs. Cost (per 100 dumps)]
Credit Card fraud Ecosystem in a Nutshell
Future Scope, Challenges & Solutions
• Credit card fraud has been around for years now, and the model has grown stronger and better over time.
• The major challenge that this ecosystem faces is double fraud.
• The payment industry has been dealing with this issue seriously, but the problem lies in the widespread reach of card usage.
• Enforcing a global policy is not easy.
• Solutions like EMV or Chip-and-Pin cards and RFID cards exist.
Questions