Stolen credit cards remain a lucrative business for bad actors and this recent report puts thie payment card details theft market at an all-time high.
According to NordVPN, there are about 4 million stolen credit cards available on the Internet and the dark web. 1.6 million of them are in the US.
They analyzed statistical data gathered by independent researchers specializing in cybersecurity incident research from markets where payment card numbers are being sold. Their findings?
On average, each stolen credit card resells for just $10, a meager sum compared to the pain of having to lose your earnings and reporting your card stolen to the bank.
Even more, cybercriminals don’t have to break into a database to steal your credit card number – they can simply guess it.
Using simple brute force attacks, cybercriminals can make thousands of guesses a second, even on the security number on the back (CVV). Since card number formats are standardized, with Visa or Mastercard having the same digits in the beginning on each card, the bad actors have an easier time with the rest of the numbers. Since their software makes guesses en-masse, you don’t have to be targeted directly by a cybercriminal but fall prey to them in a large-scale attack.
According to researchers at Newcastle University, back in 2016 an attack of this type could be carried in as few as 6 seconds.
With hardware and software advancements since, that time could be even shorter now.
So, what can you do to protect yourself against having your credit card stolen?
NordVPN, along with the majority of security experts, insist you enable two-factor authentication on your banking app and cards.
That way, even if your card is stolen and shows up on the dark web for sale, attackers won’t be able to spend your funds unless they have the 2FA code as well. Since that usually comes as a text message on your phone and they don’t have access to it, it will keep you safe from large-scale attacks like this.