Cybercriminals are perfecting the automated systems they use to verify stolen card data by exploiting charitable websites that accept debit and credit card donations. PhishLabs’ research team reported the discovery of a new interactive bot script that enables cybercriminals to automate their card verification processes in a virtually undetectable way.
The bot, which is programmed to automatically log on to online chat channels in search of instant messages containing payment card data, is being used by cybercriminals to share and test stolen card numbers.
Julie Conroy, a financial fraud expert who’s an analyst at the consultancy Aite, says fraudsters’ card testing activity is up across the board, hitting e-commerce retailers at an unprecedented rate. But most retailers have implemented strategies to detect and stop these testing schemes, she says.