Father
Professional
- Messages
- 2,602
- Reaction score
- 761
- Points
- 113
SpyCloud researcher Kayla Cardona found that attackers are actively selling stolen bank card details, including their images, through Meta Threads.
In total, Threat Intelligence SpyCloud specialists identified at least 15 accounts with tens of thousands of subscribers, from where personal and payment data was distributed. Illegal activity went not only through Threads, but also through other services.
They distributed cardholders' full names, full and partial payment card numbers, CVV security codes, expiration dates, PINs, bank identification numbers (BINs), card issuers, as well as owners' identities, mailing addresses, phone numbers, dates of birth, email addresses, and passwords.
This data, as Kayla Cardona noted, is quite enough to make purchases online, but even if it is incomplete, it can easily be used in various kinds of criminal schemes.
Security researcher Aurora Johnson, in a comment for the online edition of The Register, also drew attention to the fact that services for the sale of card details are actively advertised using Meta mechanisms. In particular, she said that she regularly observes such ads on Instagram.
"It does not seem that moderators oppose this practice. Accounts that distribute personal and payment data are valid for weeks and months. At the same time, moderation does not require much effort, and the dissemination of such information can be suppressed automatically, using templates and using optical recognition technologies", said Aurora Johnson.
Aurora Johnson also said that data distributors also collect feedback from consumers, in particular, about the relevance of data.
Aurora Johnson also drew attention to the fact that Telegram is actively blocking similar resources after the policy change at the end of September 2024. According to her, it is those who used to act through Telegram who are actively migrating to Threads.
Source
In total, Threat Intelligence SpyCloud specialists identified at least 15 accounts with tens of thousands of subscribers, from where personal and payment data was distributed. Illegal activity went not only through Threads, but also through other services.
They distributed cardholders' full names, full and partial payment card numbers, CVV security codes, expiration dates, PINs, bank identification numbers (BINs), card issuers, as well as owners' identities, mailing addresses, phone numbers, dates of birth, email addresses, and passwords.
This data, as Kayla Cardona noted, is quite enough to make purchases online, but even if it is incomplete, it can easily be used in various kinds of criminal schemes.
Security researcher Aurora Johnson, in a comment for the online edition of The Register, also drew attention to the fact that services for the sale of card details are actively advertised using Meta mechanisms. In particular, she said that she regularly observes such ads on Instagram.
"It does not seem that moderators oppose this practice. Accounts that distribute personal and payment data are valid for weeks and months. At the same time, moderation does not require much effort, and the dissemination of such information can be suppressed automatically, using templates and using optical recognition technologies", said Aurora Johnson.
Aurora Johnson also said that data distributors also collect feedback from consumers, in particular, about the relevance of data.
Aurora Johnson also drew attention to the fact that Telegram is actively blocking similar resources after the policy change at the end of September 2024. According to her, it is those who used to act through Telegram who are actively migrating to Threads.
Source
