Experts find stolen credit cards on the dark web increased to 76 MILLION at the end of 2019

The number of stolen credit cards for sale on the dark web saw a massive spike in the second half of 2019, it has emerged.

Security experts reported more than 76 million compromised cards were available for purchase in the last six months of the year – three time more than what appeared in the first half.

The team also found that 64 percent of them were linked to US accounts and more than 54 percent were Visa credit cards.

The report suggests that because Americans have multiple cards and more wealth, they are more attractive targets to digital thieves.

US banks and card issuers were also late to adopt EMV technology, which was implemented across the world years before, has also made American citizens more vulnerable.

Scroll down for video 

Security experts reported more than 76 million compromised cards were available for purchase in the last six months of the year – three time more than what appeared in the first half. The team also found that 64 percent of them were linked to US accounts and more than 54 percent were Visa credit cards

The data was uncovered by Sixgill, a cybersecurity intel startup, which wrote: ‘This report analyzed different trends related to underground financial fraud in H2 – 2019, focusing on the 76,230,127 compromised cards that were offered for sale in illegal credit card markets monitored by Sixgill in the deep and dark web.’

‘Compared to the 23,319,701 cards observed for sale in H1-2019, the 3.25X increase underscores the upward trend of cards being offered for sale on the underground.’

The team found that cards originating from the United States were at a much higher rate than any other country.

‘From the 76,230,127 cards that were in circulation on the deep and dark web during H2-2019, 49,190,022 belonged to U.S. accounts (64.5 percent).

Sixgill found four major payment networks were among the 76 million – Visa, Mastercard, American Express and Discover. Visa had 54 percent of the market, followed by Mastercard with 34 percent and American Express and Discover trailed far behind – they had seven percent and two percent

‘There are several possible explanations for this.’

The team explained that US payment issuers offer benefits to customers, such as points or cashback, which results in many Americans having more than one credit card.

And they have higher incomes compared to the rest of the world, making  them attractive targets.

‘American banks and other U.S. card payment issuers were late adopters of EMV technology, which is used in Europe and other parts of the world, the reports also notes as a reason to why most of the compromised cards belong to Americans.

The report suggests that because Americans have multiple cards and more wealth, they are more attractive targets to digital thieves. US banks and card issuers were also late to adopt EMV technology, which was implemented across the world years before, has also made American citizens more vulnerable

‘EMV chips offer a security enhancement against physical carding techniques such as skimming and allow for cards to avoid using the magnetic strip at in person Point of Sales systems.’

Sixgill found four major payment networks were among the 76 million – Visa, Mastercard, American Express and Discover.

Visa had 54 percent of the market, followed by Mastercard with 34 percent and American Express and Discover trailed far behind – they had seven percent and two percent.

What is ‘phishing’ and how do you avoid getting scammed?

Phishing involves cyber-criminals attempting to steal personal information such as online passwords, bank details or money from an unsuspecting victim. 

Very often, the criminal will use an email, phone call or even a fake website pretending to be from a reputable company. 

The criminals can use personal details to complete profiles on a victim which can be sold on the dark web. 

Cyber criminals will use emails in an effort to elicit personal information from victims in order to commit fraud or infect the user’s computer for nefarious purposes 

Some phishing attempts involve criminals sending out infected files in emails in order to take control of a victim’s computer.   

Any from of social media or electronic communication can form part of a phishing attempt. 

Action Fraud warn that you should never assume an incoming message is from a genuine company – especially if it asks for a payment or wants you to log on to an online account. 

Banks and other financial institutions will never email looking for passwords or other sensitive information. 

An effected spam filter should protect from most of the malicious messages, although the user should never call the number at the bottom of a suspicious email or follow their link. 

Experts advise that customers should call the organisation directly to see if the attempted communication was genuine.  

According to Action Fraud: ‘Phishing emails encourage you to visit the bogus websites. 

‘They usually come with an important-sounding excuse for you to act on the email, such as telling you your bank details have been compromised, or claim they’re from a business or agency and you’re entitled to a refund, rebate, reward or discount.

‘The email tells you to follow a link to enter crucial information such as login details, personal information, bank account details or anything else that can be used to defraud you.

‘Alternatively, the phishing email may try to encourage you to download an attachment. The email claims it’s something useful, such as a coupon to be used for a discount, a form to fill in to claim a tax rebate, or a piece of software to add security to your phone or computer. 

‘In reality, it’s a virus that infects your phone or computer with malware, which is designed to steal any personal or banking details you’ve saved or hold your device to ransom to get you to pay a fee.’ 

Source: Action Fraud