Promotional Stunt of Carding Marketplace
AllWorld Cards is a website dedicated to credit card fraud. Cards in the marketplace are priced between $0.30 to $14.40. They also offer a loyalty program based on how much customers spend in a month. The benefits include more data and early access to freshly loaded cards. According to security firm Cyble, the marketplace has been around since May 2021 and is also available on a Tor Channel. As a promotional stunt, AllWorld Cards released the records on several hacking forums. Italian cybersecurity firm D3Lab speculates that the data came from the AllWorld Cards database. Cards sold on carding websites come from varying sources. These include phishing scams, compromised e-commerce sites, skimmers at petrol stations, and supermarket POS. The stolen cards in this leak are from 2018-2019.
Information About the Released Cards
According to D3Lab, each credit card record contains the following information:
Credit card number Expiry date CVV Name Country State City Address Zipcode Email/Phone number
D3Lab believes close to 50% of the cards are operational. However, according to security firm Cyble, only 20% of the cards are active. The largest number of cards come from India, with 20% of the total cards. The USA and Mexico come in next with 9% each. About 30.000 cards carry the name of Italian residents. According to Javvad Malik, security awareness advocate at KnowBe4, it is difficult to determine where the information came from since it was stolen a few years ago. This means that criminals can “take advantage of lax security controls many years after the fact.” The information gathered and released by Cyble is available for enterprise users and registered users. D3Lab has shared the recovered information with client banks for them to carry out mitigation actions.
Taking Necessary Precautions
Cybil recommends some essential best practices to protect yourself from attackers. The first step is to never share personal information over the phone, email, or SMS. Next, use multi-factor authentication and strong and unique passwords. Other practices include tracking all financial transactions and reporting any suspicious transaction to your bank immediately. It is also crucial to protect yourself from malware. Therefore, experts advise to never open any links or attachments from untrusted sources. For more information, check out our comprehensive guide on online banking.