Stealing, skimming and scams are nothing new in the credit card industry. But a new report by Reason Labs shows new twists to a credit card scam. In 2022, the cybersecurity world is no stranger to phishing attacks, credit card scams, virus distribution, and identity theft. They are ongoing on a daily basis and we have almost reached the point where we think we have seen it all. However, researchers have just uncovered potentially one of the largest fraudulent online credit card schemes active today. This significant and widespread global credit card scheme appears to have been operating since 2019. They estimate it has amassed tens of millions of dollars in fraud from tens of thousands of families and individuals and estimate it is operated by a crime syndicate and found evidence that it originated in Russia. The scam seems to abuse several security brands, such as McAfee and ReasonLabs, to execute fraudulent credit card charges. The infrastructure is built on top of Amazon Web Services and uses GoDaddy to circulate hundreds of domains. The fraudster’s strategy includes operating a massive fake network of dating and adult websites with functional customer support capabilities. Once the sites are live, the scammers coerce payment providers to gain the ability to accept credit card payments. At this point, the fraudsters search the darknet and acquire thousands of stolen credit cards and charge them to their fake website’s services.
This link: IR-22-270-002_CC_Scam.pdf breaks down how this elaborate scheme has been operating in three integral stages and offer possible ways for consumers to protect themselves to combat such schemes in the future.