Beware Of ‘How To' Guides To The Dark Web

Uploaded on 2019-05-03 in TECHNOLOGY--Hackers, FREE TO VIEW

Cyber-criminals are doing a roaring trade in “how-to” fraud guides for their fellow scammers, although many are out-of-date and incomplete, according to new dark web research from Terbium Labs.

The cyber-intelligence firm analyzed nearly 30,000 of these guides to compile its latest report, Fraud Guides 101: Dark Web Lessons on How to Defraud Companies and Exploit Data. These online documents typically include instructions on specific fraud capabilities such as account takeover, phishing, cashing out, doxing, synthetic fraud, account creation and so on.

They could feature instructions, personal notes from the author on their experiences of what works and what doesn’t, social engineering and technical advice, and more. However, while it appears to be an ominously thriving industry, it’s unclear exactly how much value these guides are offering to the typical fraudster.  

According to Terbium Labs, over a quarter (26%) of guides are more than a decade old, and there are more out there from 2010 than 2017 and 2018 combined.

“Any guidance or information from within a few years is bound to still be helpful for criminals looking to get started, but once we get five or 10 years out, the value certainly decreases,” Terbium Labs VP of research, Emily Wilson, told reporters from Infosecurity.

“If buyers think they’re getting the most up-to-date methods in these major fraud collections, they’re going to be surprised and disappointed. These collections represent the information gathered over a couple of decades, rather than a highly curated group of the most recent materials.”

What’s more, three-quarters (75%) of those analyzed were found to be duplicates which have simply been repackaged and resold, at an average of £6 each.

“What we see here is a criminal community gathering information over time, and then doing what vendors do best: repackaging it and reselling it under their own name, looking for a new way to turn a profit,” Wilson continued.

“These guides require little work to gather, and even less work to throw into a zip file and market under your own brand. They’re in business to make money, and what better way to make money than to repackage someone else’s work and pass it off as your own?”

In addition, some 11% of fraud guide purchases the researchers attempted to make on the dark web turned out to be scams, the report revealed.However, despite all the scams and the old and incomplete data found in many guides, the info gathered by the dark web intelligence vendor could still be useful for organizations trying to get inside the fraudster’s head. It could even be used by risk teams to help evaluate current fraud controls and detection services, for example.

Terbium Labs also ran a check on the appearance of personal and financial information in the guides to see what was of greatest interest to fraudsters. Surprisingly, email addresses came out top, ahead of payment card data and other PII, according to the report.

Infosecurity

You Might Also Read:

Hackers Delight: Poor Password Security:

 

 

« Cyber Criminals Are Catching Up With Nation-state Hackers
AI Will Shape The Future 6G Network »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NetMotion Software

NetMotion Software

NetMotion Software specializes in mobile performance management solutions to manage, secure and support the mobile enterprise.

Sogeti

Sogeti

Sogeti deliver solutions that enable digital transformation and offer cutting-edge expertise in Cloud, Cybersecurity, Digital Manufacturing, Quality Assurance, Testing, and emerging technologies.

MNCERT/CC

MNCERT/CC

MNCERT/CC is the national Computer Emergency Response Team for Mongolia.

Potomac Institute for Policy Studies

Potomac Institute for Policy Studies

Potomac Institute undertakes research on key science, technology, and national security issues facing society, Study areas include cybersecurity.

bwtech@UMBC

bwtech@UMBC

The bwtech@UMBC Cyber Incubator is an innovative business incubation program that delivers business and technical support to start-up and early-stage cybersecurity/IT products and services companies.

California Cybersecurity Institute (CCI) - Cal poly

California Cybersecurity Institute (CCI) - Cal poly

The CCI provides a hands-on research and learning environment to explore new cyber technologies and train and test tactics alongside law enforcement and cyberforensics experts.

LinOTP

LinOTP

LinOTP is an enterprise level, innovative, flexible and versatile OTP-platform for strong authentication.

C2A Security

C2A Security

C2A Security offers a comprehensive suite of cyber security solutions for the automotive industry, providing in-vehicle end-to-end protection.

UnderDefense

UnderDefense

UnderDefense provides cyber resiliency consulting and technology-enabled services to anticipate, manage and defend against cyber threats.

CyberSafe

CyberSafe

CyberSafe is a Portuguese company with a focus on cybersecurity solutions and services including network security, managed security, incident response and forensic analysis.

nsKnox

nsKnox

nsKnox is a fintech-security company, enabling corporations and banks to prevent fraud and ensure compliance in B2B Payments.

Integris

Integris

Integris offers best-in-class services like dedicated vCIOs, specialized security and compliance advisory services, a 24/7 help desk, and more.

Veriti

Veriti

Veriti is a unified security posture management platform that integrates with your security solutions and proactively identifies and remediates potential risks and misconfigurations.

COPA-DATA

COPA-DATA

COPA-DATA is the only independent software manufacturer to combine in-depth experience in automation with new possibilities of digital transformation – reliable, future-proof and operating worldwide.

Zluri

Zluri

Zluri is a cloud-native SaaSOps platform enabling modern enterprises with SaaS Management and Identity Governance.

Cybersecurity Elastic Laboratory (CEL)

Cybersecurity Elastic Laboratory (CEL)

CEL specialize in providing top-tier services in vulnerability diagnosis and penetration testing, offering a comprehensive suite of solutions to mitigate cyber risks.