A recent study by Digital Shadows, a digital risk management company, is shedding light on the sophistication and growing complexity of cyber criminal organizations, especially as they pertain to the world’s financial conglomerates.
The research has revealed an educational network where would-be cyber thieves pay tuition to learn how to hack into financial accounts. A Russian-language program is available that lasts six weeks and offers twenty lectures. There are a total of five instructors who train enrolled students how to acquire credit card numbers from all over the world.
The course includes webinars and detailed notes. The cost is roughly $950. This tuition fee is quite small compared to the very lucrative market the students plan to pursue, which is estimated at $24 billion annually.
Another digital advisory firm, Javelin Strategy & Research, says that while point-of-sale (POS) credit card fraud is on the decline, card-not-present (CNP) scams are on the rise, and will continue to increase. Javelin calculates that CNP schemes will total $19 billion by 2018. The research company also predicts that account takeovers and new account scams will increase in the future.
Javelin believes the transition to chip-enabled cards will make POS fraud less common. The EMV technology makes any information accessed from hacked terminals unusable for future transactions. Merchants that haven’t switched to chip-enabled machines could still be a target for thieves, however.
When cyber criminals access credit card data, they usually don’t use it, according to Digital Shadows. Instead, they sell it on the dark web, the place on the Internet where much criminal activity takes place. Here, credit card numbers are literally for sale. A recent investigation by Digital Shadows found 1.2 million card numbers (with cardmember details) on two card forums. The average asking price was just $6 each.
Prices for stolen cards do vary depending on a number of factors. The cheapest cards are the ones that require more authentication for a transaction to complete. Usually, this is the all-important PIN, which requires more time and work to discover if it’s not included with the card number.
Although the cyber gangs look rather daunting, Digital Shadows believes consumers can protect themselves and their financial lives by taking a few simple precautions. In particular, the company recommends the following strategies to maintain a fraud-free plastic lifestyle:
• Be choosey about whom you shop with. Buy from trusted retailers and pay attention to the news to learn more about what specific companies are doing to protect your information. When buying a product or service from a new merchant in cyberspace, Digital Shadows recommends using 3-D Secure, a technology that adds a second layer of safety to on-line transactions.
• Check your statements regularly. Go over your financial statements every month and identify any transactions you’re not familiar with. Alert your bank to unrecognized purchases, including ones for trivial amounts.
• Safeguard your Personal Identification Number. Don’t share your PIN, even with someone claiming to work for the financial institution that issued your card. Don’t send your PIN through e-mail, either.
• Be cautious when booking hotels and travel reservations. Cyber criminals have frequently targeted this industry. Use a reputable travel agent when making reservations. In a survey conducted by the American Hotel & Lodging Association, 6% of travelers had booked a room on a fraudulent website. Make sure the site you’re using has a secure connection (it will have the letter ‘s’ in the https).
Also remember to monitor your credit reports frequently and alert the banks and credit bureaus to any suspicious activity. You can freeze all three major reports if fraudulent accounts are being opened in your name. Moreover, there are a variety of credit monitoring services, which for a monthly fee, will help you keep track of your financial accounts and combat the crime syndicates that are trying to capture them.