Cybercrime

From malware and botnets to the latest cybercriminal schemes, check out what today’s black hat hackers are up to.


Inside the Underground Trade of Prescription Drugs

March 22, 2018

Flashpoint analysts have observed a thriving prescription drug trade on both the surface web and the Deep & Dark Web (DDW), with vendors advertising everything from high-risk, controlled substances such as Xanax and OxyContin to more benign medications, such as inhalers and eye drops. Surface-Web Pharmacies Surface-web pharmacies are online stores that sell a variety […]


Reddit in Cat-and-Mouse Game with Fraud-Related Accounts, Subreddits

Once authorities shut down the AlphaBay market last July, fraudsters went scurrying elsewhere to advertise the sale of illicit and dangerous goods, personally identifiable information (PII), stolen banking credentials, and to connect with other vendors and customers. Reddit is one surface-web avenue abused by criminals once the extensive Deep & Dark Web (DDW) marketplace went […]


Refund Fraud and Fake Receipts Proliferate on the Deep & Dark Web

Recognizing customer satisfaction as a key driver of retention, many retailers have implemented generous refund or replacement policies. Unfortunately, these policies can be susceptible to various forms of merchant abuse. Refund fraud is a pervasive form of merchant abuse in which a threat actor purchases a product from an online store and has it shipped […]


SDA Protocol Payment Cards Remain a Target for Cybercriminals

Despite the heralded security of chip-and-PIN payment cards that follow the EMV (Europay, Mastercard and Visa) standard, some EMV cards are still undermined by the continued use of the static data authentication (SDA) protocol. SDA is one of three protocols that can be used to authenticate transactions, along with dynamic data authentication (DDA) and combined […]


Assessing Threats to the Pyeongchang 2018 Winter Olympics

Olympic events are high-budget, high-profile convergences of elite athletes and global media organizations that tend to carry inherently geopolitical undertones. As such, they can be seen as appealing targets for various cyber and physical adversaries motivated by financial or political gain. The 2018 Winter Olympics in Pyeongchang, South Korea are no exception, with the precarious […]


Tax Season is Prime Time for Business Email Compromise

February 15, 2018

Business Email Compromise (BEC) is somewhere north of a $5 billion annual global criminal enterprise, according to the FBI’s Internet Crime Complaint Center (IC3), dwarfing most other threats in terms of dollar losses, including ransomware and prolific banking malware such as GameOver Zeus. And right now, we’re in one of the criminals’ most lucrative periods […]


Targeted Attacks Against South Korean Entities May Have Been as Early as November 2017

On January 31, 2018, KrCERT/CC, the Republic of Korea’s (South Korea) Computer Emergency Response Team, released a notice regarding an Adobe Flash vulnerability, designated CVE-2018-4878. The notice stated that this zero-day vulnerability affects all versions of Adobe Flash Player ActiveX up to 28.0.0.137, which Adobe released on January 9, 2018. KrCERT/CC recommended uninstalling Flash Player […]


The Many Faces of Cryptocurrency

January 29, 2018

While it may be a bit harsh to label it the currency of crime, Bitcoin and its dozens of cryptocash cousins certainly have an underworld appeal. Profit-motivated cybercriminals are drawn to its decentralized nature and the anonymity that it affords. Cryptocurrency also simplifies cashing out for the bad guys, and the potential for extortion through […]


The Proliferation of Carded Purchases in the Spanish-Language Underground

January 25, 2018

Purchases made with compromised payment card information, known as compras among Spanish-speaking cybercriminals, are a frequent subject of chatter in Spanish-language Deep & Dark Web (DDW) communities. Since late 2015, fraudulent activity related to stolen card information has become increasingly pervasive across the Spanish-language underground, primarily originating from Latin America. Compras vendors can obtain compromised […]
