Dark Web Experts: ID Fraudsters Unaffected by Police Efforts

Dark Web Experts: ID Fraudsters Unaffected by Police Efforts

Identity fraudsters are getting smarter, more organized and harder to track down, despite two major dark web takedowns last year, according to an online intelligence vendor.

Terbium Labs uses its flagship Matchlight technology to scour the dark web for sensitive data that may have been stolen from its clients. Its work in doing so has also revealed some interesting trends in cybercrime on the non-indexed web.

AlphaBay and Hansa were thought to be two of the largest dark web marketplaces in the world, facilitating the trade of over 350,000 illicit commodities including drugs, firearms and malware.

However, despite the fanfare that greeted their demise at the hands of global law enforcers, these efforts have only disrupted drug dealers and others who populated these forums.

There has been little impact on carding and identity theft communities, according to Munish Walther-Puri, Terbium Labs’ chief research officer.

“These communities often operate in their own venues on the dark web; they persist and innovate despite the upheaval in the broader ecosystem,” he explained.

“Fraudsters go to numerous boutique markets to buy and sell stolen data, so it is harder to get insight into what this underground economy looks like by simply looking at one or two markets. You have to look across a broad range of forums and markets, which is what we do.”

The fraudster community is actually expanding and sharing information on an ever-growing scale, such as via online guides which detail how to target specific types of organization and circumvent anti-fraud filters.

One group has been monitoring banks and targeting those that have failed to update their security policies, the firm explained.

Anti-fraud service provider ThreatMetrix claimed global fraud has soared 100% over the past two years to reach 700 million attempts in 2017 alone.

The rise is being fueled by the deluge of breached data on the dark web and the use of automated bots to test stolen identities, hijack accounts and open new ones. The firm blocked 1.5 billion bot attacks in 2017.

Source: Information Security Magazine