SIM swapping is a form of identity theft through social engineering, in which an attacker convinces a wireless carrier to port a phone number from the victim’s SIM card to a SIM belonging to the attacker. Once in posession of the victim’s phone number, the attacker can take control of any account that uses an SMS/call to authenticate login or reset passwords, including email, bank accounts, and cryptowallets.
Fowl Play: Threat Actors Also Preparing to Celebrate During Thanksgiving Holiday
As the holiday shopping frenzy officially begins around the Thanksgiving period, many consumers will turn to e-commerce stores to make their purchases. Given the increase in commerce during the holiday period, threat actors will capitalize on this increased spending for their own gain.
The Ultimate Guide To Dark Web Intelligence
What kind of activities are really happening on the Dark Web? How much is myth and how much is real? Organizations from all industries need to understand the importance of monitoring the Dark Web to prevent future threats and attacks that could be costly and tarnish their reputation.
Download our Ultimate Guide To Dark Web Intelligence
Death by a Thousand Clicks
Autoclickers are software that simulates clicking, i.e. user interaction, with a computing device. While they can have legitimate uses, threat actors have found several ways to improve and weaponize them. Sixgill has identified many autoclickers distributed on the underground, including some that employ sophisticated methods to mimic human actions and bypass antivirus software.
Sniffing in the Dark
Credit card sniffers are relatively few lines of malicious code that are injected into payment pages of e-commerce sites. Sniffers copy input credit card information and send it to the attackers’ servers. These attacks are difficult to detect, as sniffers are generally small and stealthy, blending in with legitimate elements of a website. While making a purchase on a reputable site, an e-commerce client can unknowingly be victimized by this type of attack.
Underground Financial Fraud: H1 – 2019
The criminal cyber-underground has long been fertile ground for financial fraud. With increasing overall activity in underground forums and the global transition to economies based on payment cards, malicious activity targeting compromised credit cards is as rampant as ever.
In the first six months of 2019, 23,319,701 compromised credit cards were offered for sale in the underground deep and dark web stolen credit card markets monitored by Sixgill.
Sixgill White Paper: Prioritizing CVEs: A New Approach to an Old Problem
CVEs (Common Vulnerabilities and Exposures) are lists of publicly available vulnerabilities and exposures related to software and hardware. Their purpose is to facilitate the sharing of data and to alert users of required actions to mitigate potential threats in the cyber world.
Nowadays, CVE identification and prioritization have become a prominent part of every vulnerability management tool, and an integral component in any risk assessment.
Test Before You Buy: Credit Card Checkers
Cybercriminals dedicated to the practice of carding have proven their resiliency over the years, developing new techniques to successfully circumvent the continuously evolving anti-fraud measures deployed by the financial and retail industries, and adapting many of the old techniques they employ. With the introduction of EMV card technology in 2015, the United States witnessed a decrease in fraud rates for card-present transactions. Nevertheless, the business of online carding has remained as relevant as ever. Credit card checking tools have remained a key element in sustaining high success rates of online carding.
CARDING AND THE DIGITAL GAMING INDUSTRY
The Digital gaming industry grossed over $100 billion in 2017. With more than 125 million players and revenues of over 300 million dollars every month, the online multiplayer game “Fortnite” has rocketed to the top of the online gaming industry, surpassing established giants like “World of Warcraft” and “Minecraft”. Fortnite’s format and popularity have drawn the attention of cyber criminals, and resulted in a thriving criminal eco-system around the game.