The abundance of password breaches in the last two years has helped cybercriminals diversify their products and services by adding a variety of new stolen credentials for sale.
However, the business of credit card fraud is still a thriving operation in the black market where users can trade stolen credit cards, join "carding" tutorials, partake in "carding" services and much more.
In fraudster communities, compromised cards are categorized as follows, according to the type of data harvested:
CVV2: This is card data compromised through cyber-attacks targeting online transactions or e-commerce, and thus includes the CVV2, the three digits on the back of credit cards. The data harvested also includes card numbers, full names, expiration dates and billing addresses.
Dumps: This refers to card data compromised through skimming point-of-sale machines or ATMs, and includes the credit card dump information that is stored on the magnetic stripe. This data can later be used to clone a physical card using an MSR device and plastic card blanks.
Cybercriminals often advertise their card data in forum posts, fraud groups and chat rooms, and it’s common to see CVV2 data promoted as "freebies" in order to increase the seller's reputation in the fraud community and attract potential buyers.
In order to facilitate trading, fraudsters utilize online stores to buy and sell in bulk, especially because the underground is flooded with compromised data. For the most part, these stores look and feel exactly like legitimate e-commerce sites where buyers can simply add their [stolen] merchandise to a shopping cart and check out.
Social media sites are another source spreading the sale of stolen data. About
When it comes to compromised cards, there is no standard price. The final price varies greatly and is influenced by a range of criteria, including the source from which the card was obtained, the expiration date, card level and available balance, and the issuing country.