What better way to promote a business than a giveaway, right? Well, it seems some criminals think just that way, as a group that recently set up a new underground website for stolen credit cards just started promoting a giveaway of a million cards.
As reported by BleepingComputer, the group behind the newly set up AllWorldCards website took to multiple forums to promote their new “business”. In these promo posts, the group said all the card details were stolen between 2018 and 2019.
They also said they randomly sampled 98 cards and found that more than a quarter (27%) were still active. Security experts D3Labs, BleepingComputer further found, claim roughly half of all cards are still active.
- Here’s our list of the best password managers right now
- We’ve built a list of the best security keys on the market
- Check out our list of the best identity theft protection available
"At present, the feedback returned to our analysis team is still limited, but they are showing an incidence close to 50% of cards still operational, not yet identified as compromised." reported D3Lab in a blog post about the leak.
It was also said that the leak contains all the data needed to make a purchase online: credit card numbers, expiration dates, CVVs, names, countries, states, cities, addresses, zip codes, and email and phone numbers.
Criminals usually use stolen credit cards to purchase gift cards, as those are quite hard to trace - and although yet unconfirmed, it seems that the State Bank of India has the highest number of compromised cards, followed by JPMorgan Chase Bank, BBVA Bancomer, the Toronto-Dominion Bank and the Poste Italiane.
The AllWorldCards site has more than two million credit cards on sale, with most of them costing between $3 and $5. The cheapest cards on the site cost $0.30, while the most expensive ones are $14.40. At the moment, there are more than two million cards for sale on the site, with the majority (more than a million) being from US banks.
- Here’s our rundown of the best data loss prevention services out there
Via: Bleeping Computer
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.