Security & Fraud

Hackers Sell 1M Consumers’ Bank Details On Open Internet

A pretty significant criminal enterprise is taking place online, and those behind the operation aren’t being particularly shy about it.

On Saturday (Feb. 13), The Times in the U.K. reported that information from more than 1 million stolen debit and credit cards worldwide — including those belonging to 100,000 Britons — is being sold on the open Internet (rather than on the harder-to-access “Dark Web,” where the fruits of fraudulent activities of similar magnitude are more commonly traded).

For as little as £1.67 (or $2.42), the outlet discovered (and whose investigation was subsequently shared by The Telegraph), the stolen banking details of any one of the million-plus victims can be purchased on a site called Bestvalid.cc, which appears to have been in operation since June 2015.

The Telegraph shares The Times‘ findings that the site puts forth the appearances of a standard online retailer — including features like customer assistance and offering refunds for ineffective products — while selling the personal information of others, such as mother’s maiden name (which the outlet notes is commonly required security information in online banking transactions).

A Times reporter was granted permission from one of the alleged victims of Bestvalid.cc to purchase her stolen information, which the reporter was able to do with bitcoin. In return for payment, the reporter was given a package that included the victim’s debit card number (including its security code and expiration date), mobile phone number and physical address.

The woman commented to the outlet: “I don’t feel like the police are able to protect anyone from online fraud. If they were, these types of sites would not exist in the first place.”

Keith Vaz, chairman of the home affairs select committee, expressed to The Times his shock that the site — which he fears could be funding terrorism and organized crime — was being allowed to conduct its illicit business in such an open manner.

“The National Crime Agency must act immediately to get this site closed. I will be writing to the NCA to bring this issue to their attention,” he commented.

——————————–

Featured PYMNTS Study: 

With eyes on lowering costs to improving cash flow, 85 percent of U.S. firms plan to make real-time payments integral to their operations within three years. However, some firms still feel technical barriers stand in the way. In the January 2020 Making Real-Time Payments A Reality Study, PYMNTS surveyed more than 500 financial executives to examine what it will take to channel RTP interest into real-world adoption. Here’s what we learned.

TRENDING RIGHT NOW