The Intelligence Corner

Our experts’ unique discoveries, observations, and opinions on what’s trending today in Business Risk Intelligence and the Deep & Dark Web.

Search results
Posts of Liv Rowley

Latin American “Bineros” Ramping Up Fraudulent Activity

Fraudulent activity among Latin American cybercriminals, known as bineros, continues to plague online streaming services and retailers operating in the region. The source of this death-by-a-thousand-cuts type of fraud is an undetermined issue with the validation of BINs. Bineros operate in Spanish-language (and some Portuguese-language) Latin-American underground communities and focus on the hunt for security […]

Read more

Fraudsters Leverage HTTP Injectors to Steal Internet Access

Threat actors are seeking and exchanging HTTP injectors in order to gain unpaid mobile access to the internet, defrauding service providers and telecommunications companies in the process. Flashpoint analysts have observed widespread chatter pertaining to the use of HTTP injectors, which modify HTTP headers on network requests with malicious code that tricks captive portals into […]

Read more

Inside the Underground Trade of Prescription Drugs

March 22, 2018

Flashpoint analysts have observed a thriving prescription drug trade on both the surface web and the Deep & Dark Web (DDW), with vendors advertising everything from high-risk, controlled substances such as Xanax and OxyContin to more benign medications, such as inhalers and eye drops. Surface-Web Pharmacies Surface-web pharmacies are online stores that sell a variety […]

Read more

Refund Fraud and Fake Receipts Proliferate on the Deep & Dark Web

Recognizing customer satisfaction as a key driver of retention, many retailers have implemented generous refund or replacement policies. Unfortunately, these policies can be susceptible to various forms of merchant abuse. Refund fraud is a pervasive form of merchant abuse in which a threat actor purchases a product from an online store and has it shipped […]

Read more

The Proliferation of Carded Purchases in the Spanish-Language Underground

January 25, 2018

Purchases made with compromised payment card information, known as compras among Spanish-speaking cybercriminals, are a frequent subject of chatter in Spanish-language Deep & Dark Web (DDW) communities. Since late 2015, fraudulent activity related to stolen card information has become increasingly pervasive across the Spanish-language underground, primarily originating from Latin America. Compras vendors can obtain compromised […]

Read more

Cybercriminal Abuse of Rewards Points

November 20, 2017

Cybercriminal interest in stolen data is not solely limited to financial or personally identifiable information. In fact, Flashpoint analysts have observed Deep & Dark Web chatter pertaining to the exploitation of rewards points programs, especially those associated with travel. This chatter aligns with cybercriminals’ interest in fraudulent booking services for hotels, airline tickets, and car […]

Read more

“Ultimate Anonymity Services” Shop Offers Cybercriminals International RDPs

October 24, 2017

Dark Web marketplaces selling access to compromised Remote Desktop Protocol (RDP) servers have become increasingly popular in the cybercriminal ecosystem over the past several years. UAS — which stands for “Ultimate Anonymity Services” — is one such popular cybercriminal RDP shop that has been online since February 16, 2016.  UAS offers SOCKs proxies in addition to over […]

Read more

Fentanyl Sales in the Deep & Dark Web

July 28, 2017

As the U.S. opioid epidemic persists, the drugs that are fueling the crisis have found a customer base in Deep & Dark Web (DDW) marketplaces. Fentanyl, a synthetic opioid more potent than heroin, is one such drug that is being sold in underground marketplaces. Fentanyl is sold in various illicit marketplaces. For years, surface web […]

Read more