Credit and debit card data are time and again sold on the darknet. We spoke to Rolf Nägeli, Head of the Prevention Department, Zurich City Police, about the role the Darknet plays in connection with card fraud.
21.06.2023 –An analysis by NordVPN looked at the data of six million credit cards on the darknet. Over 5,000 of them belong to people in Switzerland. But how do fraudsters get hold of such information?
Usually via phishing attacks. They target their victims with sophisticated phishing emails and ask them to reveal information such as their name, address, birthday, card and CVV number, card expiry date, etc. Although the scam has been around for a long time, card owners regularly fall for it and pass on this private information.
The perpetrators then later offer the data on the darknet. Most attacks take place in English-speaking countries, especially in the USA. But there is also a risk of becoming a victim of card fraud in Switzerland. More details
We spoke to Rolf Nägeli, Head of the Prevention Department, Zurich City Police, about the role the Darknet plays in connection with card fraud.
According to media reports, the credit card data of more than 5,000 Swiss citizens are circulating on the Darknet. What is your experience with stolen data?
The use of stolen data by cybercriminals is undoubtedly a growing problem. It requires both individual users and companies to pay more attention to the security of their data and to implement appropriate security measures to prevent such attacks or minimise their impact.
What do the perpetrators use the stolen data from the Darknet for?
It is important to note that the use of stolen data is not limited to financial aspects. Often, stolen data is also used for other criminal activities, such as social engineering attacks (deceitful tricks that coax you into helping scammers and fraudsters), phishing attempts, blackmail or the sale of sensitive information.
By accessing personal information such as names, addresses, dates of birth and national insurance numbers, cybercriminals can create fake identities or impersonate someone else. These stolen identities can then be used for fraudulent activities such as opening bank accounts, taking out loans, buying goods and services or accessing sensitive information. Victims of identity theft can face significant financial losses and personal stress.
Are the police actively working against card fraudsters on the Darknet and what does this work look like?
It is correct that the police actively pursue cybercriminals and use repressive measures such as prosecution. However, there are challenges in combating perpetrators who operate internationally, especially when they operate from abroad. In such cases, effective and rapid international cooperation and legal assistance is crucial. Unfortunately, this cooperation isn’t always smooth, which makes it difficult to prosecute international cybercriminals.
It is therefore important to take preventive and proactive measures to counteract the phenomenon. Potential victims should be educated about the risks as well as precautionary measures to protect themselves from card fraud and other types of cybercrime.
However, proactive measures in which the police share the data used by perpetrators (such as stolen credit card data or bank accounts used) with the relevant service providers are more effective. This allows the service providers to check the data and, if necessary, freeze the accounts of the perpetrators. It is important to note, though, that in some countries this may present legislative obstacles. The police ordinances or data protection laws of some cantons may not sufficiently take into account or allow the transfer of data to service providers for the purpose of prevention and proactive measures.
It is extremely important to continuously review and update the cooperation between police and service providers to meet the ever-changing challenges of cybercrime. Close cooperation between law enforcement, governments and businesses is crucial to develop and implement effective solutions to combat cybercrime.
How can cardholders protect themselves from card fraud?
- Protect your card information: Never reveal your card number, expiry date, security code or other personal information unless you are on a trusted and secure website or in a store. Be careful when handling your card information and do not share it lightly.
- Ensure secure online shopping: When shopping online, you should only buy from trusted shops with a secure website. Look for the lock symbol in the browser address bar and check whether the URL contains “https” instead of “http”. Use strong and unique passwords for your accounts and use additional security measures such as two-factor authentication where possible.
- Monitor your accounts regularly: Regularly check your bank statements and transfers to spot suspicious activity. Use online banking and mobile apps to monitor your accounts in real time. Report suspicious transactions to your bank or credit card company immediately.
- Update your security software: Make sure you have up-to-date antivirus and security software installed on your computers and mobile devices. Keep your operating systems and applications up-to-date to close security gaps.
- Be wary of phishing attempts: Be alert to phishing emails, text messages or fraudulent calls that try to steal your card information. Never give out personal information unless you are sure the request is legitimate. Be especially careful with links in emails or messages and always check the authenticity of the sender.
- Report suspicious activity: If you suspect that you have become a victim of card fraud, inform your bank or credit card company immediately. The quicker you react, the better they can take action to limit the damage and stop the fraudulent activity.
Get full report on: https://nordvpn.com/research-lab/6-million-stolen-credit-cards-analyzed/