South African credit card details are being sold on the dark web: analyst
The dark web, currently hosting tens of thousands of listings for a variety of illicit goods and services’, has finally come to the attention of the South African market according to Simeon Tassev, Managing Director at Galix Networking.
As a result, South African citizens now have a target on their back with criminals targeting credit card information, databases and Point-of-Sale (PoS) systems carrying this information.
“Whether due to lack of interest or just plain ignorance, some organisations have been ‘slow on the uptake’ when incorporating and implementing the appropriate prevention technology and processes,” he said.
“In today’s cyber-climate organisations should be preparing themselves, instead of acting like the dark web is just another episode of Mr. Robot.”
Is there a target on my back?
Tassev noted that while many people believe that hackers target specific people looking to steal credit information, it was much more likely that these malicious entities were accessing their information, alongside thousand of others, from company databases.
“In this way, once a hacker has access to these card numbers, the hacker can maximise his or her return on investment by selling this information on the dark web and minimise the risk,” said Tassev.
“It is safe to say that hackers (usually) don’t mean it personally when they steal credit card information. The reality is, many if not most payment card breaches hit retail and hospitality businesses.”
“In recent years, these breaches were the result of attackers infecting PoS systems with memory-scraping malware.”
Ignorance is not bliss
Although some aspects of the dark web can be like Google, where one can go and search for a site and buy goods, the dark web primarily uses unknown sites that are available to the public as a host for a portal, said Tassev.
“In saying this, yes, there are business that are able to monitor the dark web,” he said.
However, even though accessing the dark web may not be as hard as it once sounded, nothing can be done once the information has already been loaded – other than cancelling the credit card, he noted.
“Organisations need to stay up to date with the latest fraud scams including the theft of customer credit card details that are sold on the dark web.”
“Attacks on businesses are becoming an increasing problem in South Africa, and no one can claim to know the future.”
Read: SA businesses aren’t obligated to tell you if your data has been ransomed
Loading ...