11-19-2020, 10:36 PM
Double-dipping scammers don't need malware
to grab card numbers and turn a profit
https://www.cyberscoop.com/china-based-e...-advisory/to grab card numbers and turn a profit
Directly stealing your credit card number might no longer be the only way hackers can rob you.
CyberScoop Wrote:A China-based e-commerce scam appears to be harvesting payment information not through direct hacks on companies or using pernicious malware to skim data, but with a simpler approach. The fraudsters set up hundreds of websites that appear to sell legitimate goods, but instead capture card numbers for sale on the dark web.
In addition to vending the card data and other information about shoppers in cybercriminal forums, they also collect money for items that are faulty, counterfeit, or nonexistent.
Tens of thousands of payment records from the U.S. and elsewhere have been exposed.
You know, it's weird to see how easily they can grab your money. There gotta be an explanation on how they successfully hide their funds, right?
CyberScoop Wrote:An operation like this takes some infrastructure, of course. To appear as legitimate merchants while hiding their connections to the larger scam, each of the sites needs a unique merchant name and merchant identification number (MID). Getting an MID “requires either a direct partnership with an acquiring bank or a relationship with a third-party merchant company that works with a dedicated acquiring bank,” Gemini notes, adding that “nearly 200 of the scam sites from the identified group were linked to the Chinese acquiring bank Jilin Jiutai Rural Commercial Bank Co., Ltd.”
But that's not the only way they can pretend to be legitimate businesses.
CyberScoop Wrote:Gemini says there are about 600 associated web addresses, and most of them are registered through China’s ename.net. The fake stores generally use the e-commerce platform OpenCart, because it’s open source — as opposed to a platform like Shopify, which has fraud monitoring and mitigation policies in place. The group also relies on web infrastructure from Cloudflare to hide its IP addresses for all of its sites.
So visiting those sites means they can flood them with malware and you wouldn't notice it in time. Even so they have another method to trick you in no time if you're weak and can be easily tempted by a good offer.
CyberScoop Wrote:The sites use Google Ads and social media advertisement campaigns to attract customers with offers for products at a discount below market deals. The sites’ advertisements almost always indicate that the deals are part of a limited-time sale to pressure potential customers into making a purchase.
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE