New research from Armor illustrates the evolution and industrialization of fraud and other cyber crimes. While traditional means of monetizing stolen information online persist, Armor’s analysis found new schemes packaging fraud for less sophisticated thieves.
Armor’s Threat Resistance Unit (TRU) research team took inventory on 12 different dark marketplaces under the Black Market umbrella to see what services and information are selling for in today's underground.
Popular core items, such as bank account credentials, credit card numbers, full identity packets, and DDoS and spamming services, continue to do well. But the TRU team also found new offerings this year, including cash for pennies on the dollar, log-in credentials for unhacked Windows servers for use with Remote Desktop Protocol (RDP), and articles of incorporation.
One service spotted for sale is a scheme where a criminal buyer can pay a criminal seller $1000 in Bitcoin and have $10,000 transferred to a bank account of their choice or wired to them via Western Union.
“For those scammers who don’t possess the technical skills and a robust money mule network to monetize online bank account or credit card credentials, this is an offer that can be very attractive,” said Chris Hinkley, head of Armor’s TRU Team. “The threat actors are still selling financial account and credit card credentials outright, but this clever service gives them an additional channel for monetizing the large amounts of financial data available on the underground. Plus, they still reduce their risk because ultimately they are not taking possession of the stolen funds.”
Fraudulent banking and credit card schemes this year include selling articles of incorporation and sole proprietorship papers.
"These documents enable a money mule (a person who transfers illegally acquired money on behalf of or at the direction of another and typically get paid for their services with a small part of the money transferred) to apply for an Employer Identification Number (EIN), which in turn lets them open a business bank account," said report authors in a release on the findings. "A business bank account allows a criminal to move larger amounts of money in and out of the account, making it less likely that the bank’s fraud alerts will be triggered. The money mule bank accounts are so integral to the success of online financial fraud, such as Business Email Compromise (BEC) and payroll attacks, it makes sense that the TRU team would see these items become a staple in the underground."