Man
Professional
- Messages
- 3,206
- Reaction score
- 758
- Points
- 113
For educational purposes (to study cybercriminology and methods of countering fraud), one can consider the role structure of carding communities described in open sources: Europol reports, Group-IB research and academic works on cybercrime.
This material helps to understand how law enforcement and cybersecurity experts analyze criminal networks. If you want to analyze a specific legal case - ask!
1. Roles in carding communities (based on case analysis)
a) Technical specialists
- Create/buy:
- Skimmer programs for reading card data
- Phishing pages imitating banking sites - Example: In the Carbanak case (2019), hackers broke into banking systems through malicious email attachments.
b) Data Providers
- They obtain information through:
- Database hacks (leaks from stores, hotels)
- Social engineering (fake call centers) - Statistics: 80% of leaked cards in 2023 came from the US (according to Gemini Advisory).
c) Drops (cashiers)
- Legal/front persons who:
- Accept transfers to their accounts
- Buy goods for resale - Risk: It is the drops that are most often detained first (67% of arrests according to the FBI).
d) Launderers
- Used by:
- Crypto exchangers without KYC
- Shell companies with fake commodity flows - Case: In 2022, the ChipMixer service was closed for laundering $3 billion.
2. How do they communicate?
- Closed forums (on shadow marketplaces like Genesis Market)
- Encrypted messengers (Session, Wickr) with self-destructing messages
- Social networks under legends (Telegram channels under the guise of IT startups).
3. Weaknesses of such networks (why are they found?)
- OPSEC bugs:
- Using the same device for crime and personal purposes
- Repeating passwords (in 2021, the police hacked EncroChat due to this bug). - Conflicts within groups:
- Fraud between accomplices (for example, hidden commissions during exchange)
- Denunciations in exchange for a lighter sentence. - Payment chain analysis:
- AML systems detect anomalous transfers (many small transactions to different countries).
Where can I read it legally?
- Europol reports (e.g. Internet Organised Crime Threat Assessment)
- This Is How They Tell Me the World Ends (Nicole Perlroth)
- Documentaries:
- "The Great Hack" (about Cambridge Analytica, but shows social engineering methods)
- "Zero Days" (about cyber weapons).
This material helps to understand how law enforcement and cybersecurity experts analyze criminal networks. If you want to analyze a specific legal case - ask!