Data Breach Threats

Decoding Credit Card Fraud on the Dark Web

Decoding Credit Card Fraud on the Dark Web

Credit card fraud has become a global pandemic in recent years. According to the Nilson Report, the cost of credit card fraud worldwide in 2024 stands at a staggering $35.79 billion , and it is projected to eclipse over $40 billion by 2026. Have you ever wondered where these massive volumes of credit card details are traded and exchanged?

The dark web, shrouded in anonymity and lacking regulation, serves as a breeding ground for criminal activity. Just in the last 3 months millions of unique credit card credentials have circulated across the deep and dark web.

Join us as we break down and discover the methodologies of card fraud using our dark web monitoring tool, Lunar.

The chart shows a rising number of credit cards being shared on the deep and dark web over the last few months, shown on Lunar
The chart shows a rising number of credit cards being shared on the deep and dark web over the last few months, shown on Lunar

In the following table you can see the number of leaked credit cards per company in the first quarter of 2024:

CompanyNo. of Leaked Credit Cards
Visa2,429,934
Mastercard2,406,221
American Express532,755

What type of stolen credit card information is traded on the deep and dark web

Credit Card Details

Full or partial credit card details, also known on the dark web as CVVs and CCs. These listings can include information such as the BIN number, credit card number, expiration date, and CVV number.

 In addition to just selling credit card details, some threat actors offer a “complete package” often referred to as “Fullz”. Fullz includes full personal details as well as financial details such as bank account details or social security numbers, which can be used for a full account takeover or identity theft.

A fullz information package being shared on the Pro Crax carding forum, found on Lunar.
A fullz information package being shared on the Pro Crax carding forum, found on Lunar.

Dumps – magnetic stripe data

This category, known as Dumps on the dark web, encompasses the raw magnetic strip data of credit cards. It includes critical information such as the bank account number, account balance, service code, PIN code, and card verification code. These details are primarily sought for physical use, enabling activities such as cash withdrawals from ATMs.

A member of a carding forum providing a guide for converting "Dumps" data into a usable fake card
A member of a carding forum providing a guide for converting “Dumps” data into a usable fake card

Credit card and BIN (Bank Identification Number) checkers

Alongside the trade of credit card data on the dark web, complimentary tools named checkers are often offered and sold on the dark web. Checkers are tools used by individuals and organizations to verify the validity and authenticity of credit card information and are used by threat actors to check the illicit information they purchase.

An example of checkers taken from Cracked
Example of checkers taken from Cracked

This stolen information is exploited by threat actors for financial gain through unauthorized charges, account takeover, and identity theft. The resulting financial loss is tremendous not only for the individual victim but also for the financial provider and any involved organizations. 

Where is credit card theft taking place on the deep and dark web?

This stolen data is readily available across various platforms on the dark web:

Credit Card Shops

Card Shops are a type of dark web marketplace that hosts the trade of credit cards and other stolen financial information. These platforms serve as hubs for cybercriminals to easily buy and sell compromised payment card details, including credit card numbers, CVV codes, expiry dates, and cardholder information.

Listings of stolen credit cards found on popular carding shop Brian's Club.
Listings of stolen credit cards found on popular carding shop Brian’s Club

Carding forums

Unlike carding shops, which primarily focus on the trade of information, carding forums serve a broader purpose within the cybercriminal community. On these forums, actors will often share techniques, hacking tools, strategies, and resources for conducting fraudulent activities.

A section in the carding forum BidenCash focusing on carding guides and assistance
A section in the carding forum BidenCash focusing on carding guides and assistance

Telegram carding groups

Leaking credit card credentials has become a very common phenomenon on chat applications, particularly Telegram. In fact, the overwhelming majority of leaked credit cards in past months originate from Telegram channels. Carding groups and channels reach up to tens of thousands of members, as they are easy to navigate and readily accessible. This makes these groups a growing threat.

Member of a Telegram carding group sharing credit card details including the full number, expiry date, CVV, issuer, and country.
Member of a Telegram carding group sharing credit card details including the full number, expiry date, CVV, issuer, and country

Taking back control: Protecting your business

In the ever-evolving landscape of cyber threats, businesses face not only financial losses but also significant reputational damage when targeted by fraud actors on the dark web. Monitoring the deep and dark web becomes imperative for proactive defense against such threats. Lunar, our dark web monitoring tool is designed to empower individuals and businesses in this battle against cybercrime. With features like real-time alerts, data breach monitoring, and comprehensive dark web post monitoring, Lunar helps organizations stay ahead of deep and dark web threats in an increasingly hostile digital environment.

Spread the News

Not subscribed to our Dark Web Pulse updates?

By submitting you agree to Webz.io's Privacy Policy and further marketing communications.

Feed Your Machines the Data They Need

Feed Your Machines the Data They Need

GET STARTED
Join our webinar to learn how transparent risk scores can speed up your incident response

Expose Hidden Risks to Your Domain

Uncover dark web threats with Lunar, the next gen dark web intel platform

Subscribe to our newsletter for more news and updates!

Ready to Explore Web Data at Scale?

Speak with a data expert to learn more about Webz.io’s solutions
Create your API account and get instant access to millions of web sources