Earlier today, the External Threat Assessment Team at Secure Science Corp. emailed an image taken from a Phishing/Carding group website. The question is, what is this image for or what purpose does it serve?
Because these groups are comprised of people who engage in fraud, and break laws, often the biggest obstacle to them cooperating with each other is the fact no one trusts the other.
This image is apparently used to confirm and advertise this groups abilities to people who might work with them and prove they are capable of conducting fraud — it’s a kind of "show me the money" amongst criminals.
Here is a quick Q&A explaining more details about the image:
jono2u: Regarding the image with all the hundred dollar bills, where did you obtain it?
SSC: [URL to carding group removed] Editor’s Note: This site also contains BIN to Bank numbers so the carders know what card goes with what bank and other suspicious/stolen data.
jono2u: What is the primary type of criminal activity is this group engaged in?
SSC: e-Bay and miscellaneous online bank phishing, Carding and cashing out.
jono2u: Do you have any idea how this group is transferring/dropping/moving this money around? How does it get from a victim to them?
SSC: They use Western Union for picking up the cash, and utilize fake merchant accounts to authorize and spend on the cards. Money mules help them transfer money to Western Union from bank accounts they transfer to.
If you are interested in the technical details on Phishing attacks, take a look at the book written by Secure Science’s lead researcher: Phishing Exposed
All well and good and ZA recognizes phishing and reports it/stops it.
However, you stopped me from forwarding a phishing email for Fifth Third bank to the security/fraud desk at 53.
(You didn’t stop me from opening the email in question and I didn’t try to click on any of the links…. but how am I to notify 53 that their customers are under attack?)
Phishing Exposed is a great artcile. As hard as it can be to comprehend that people fall for these Phishers, they do and consumers need to be protected.
re: [URL to carding group removed]
“You cannot see this” mentality will just encourage people to seek out your ‘self censoring’. Almight Evil Google to the rescue!
P.S. that money is moved around with e-gold