Beware Of ‘How To' Guides To The Dark Web

Cyber-criminals are doing a roaring trade in “how-to” fraud guides for their fellow scammers, although many are out-of-date and incomplete, according to new dark web research from Terbium Labs.

The cyber-intelligence firm analyzed nearly 30,000 of these guides to compile its latest report, Fraud Guides 101: Dark Web Lessons on How to Defraud Companies and Exploit Data. These online documents typically include instructions on specific fraud capabilities such as account takeover, phishing, cashing out, doxing, synthetic fraud, account creation and so on.

They could feature instructions, personal notes from the author on their experiences of what works and what doesn’t, social engineering and technical advice, and more. However, while it appears to be an ominously thriving industry, it’s unclear exactly how much value these guides are offering to the typical fraudster.  

According to Terbium Labs, over a quarter (26%) of guides are more than a decade old, and there are more out there from 2010 than 2017 and 2018 combined.

“Any guidance or information from within a few years is bound to still be helpful for criminals looking to get started, but once we get five or 10 years out, the value certainly decreases,” Terbium Labs VP of research, Emily Wilson, told reporters from Infosecurity.

“If buyers think they’re getting the most up-to-date methods in these major fraud collections, they’re going to be surprised and disappointed. These collections represent the information gathered over a couple of decades, rather than a highly curated group of the most recent materials.”

What’s more, three-quarters (75%) of those analyzed were found to be duplicates which have simply been repackaged and resold, at an average of £6 each.

“What we see here is a criminal community gathering information over time, and then doing what vendors do best: repackaging it and reselling it under their own name, looking for a new way to turn a profit,” Wilson continued.

“These guides require little work to gather, and even less work to throw into a zip file and market under your own brand. They’re in business to make money, and what better way to make money than to repackage someone else’s work and pass it off as your own?”

In addition, some 11% of fraud guide purchases the researchers attempted to make on the dark web turned out to be scams, the report revealed.However, despite all the scams and the old and incomplete data found in many guides, the info gathered by the dark web intelligence vendor could still be useful for organizations trying to get inside the fraudster’s head. It could even be used by risk teams to help evaluate current fraud controls and detection services, for example.

Terbium Labs also ran a check on the appearance of personal and financial information in the guides to see what was of greatest interest to fraudsters. Surprisingly, email addresses came out top, ahead of payment card data and other PII, according to the report.

Infosecurity

You Might Also Read:

Hackers Delight: Poor Password Security:

 

 

« Cyber Criminals Are Catching Up With Nation-state Hackers
AI Will Shape The Future 6G Network »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Dark Reading

Dark Reading

Dark Reading is the most trusted online community for security professionals.

Cyberint

Cyberint

Cyberint, the Impactful Intelligence company, fuses open-deep-and darkweb Threat Intelligence with Attack Surface Management to deliver maximum protection from external threats.

Norton

Norton

NortonLifeLock is dedicated to helping secure the devices, identities, online privacy, and home and family needs of approximately 50 million consumers.

RiskIQ

RiskIQ

RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence.

Signal Sciences

Signal Sciences

Signal Sciences Web Protection Platform (WPP) provides comprehensive threat protection and security visibility for web applications, microservices, and APIs on any platform.

Xcina Consulting (XCL)

Xcina Consulting (XCL)

Xcina Consulting provides high quality business and technology risk assurance and advisory services.

Center for Cyber Safety and Education

Center for Cyber Safety and Education

The Center for Cyber Safety and Education works to ensure that people across the globe have a positive and safe experience online through our educational programs, scholarships, and research.

CMMI Institute

CMMI Institute

CMMI Institute enables organizations to elevate and benchmark performance across a range of critical business capabilities, including product development, data management and cybersecurity.

ResponSight

ResponSight

ResponSight is a data science company focusing specifically on the challenge of measuring risk and identifying changes in enterprise/corporate networks using behavioural analytics.

GM Security Technologies

GM Security Technologies

GM Security Technologies provides leading managed security services of the highest quality to every type of individual and organization in Puerto Rico, Caribbean and Latin America.

Infosequre

Infosequre

Infosequre builds up your security awareness culture and turns your employees into the first line of defense against cyber risks.

Rhino Security Labs

Rhino Security Labs

Rhino Security Labs is a top penetration testing and security assessment firm, with a focus on cloud pentesting, network pentesting, web application pentesting, and phishing.

TechDemocracy

TechDemocracy

TechDemocracy are a trusted, global cyber risk assurance solutions provider whose DNA is rooted in cyber advisory, managed and implementation services.

ADL Consulting

ADL Consulting

ADL Consulting provide information security-related consultancy and training support to businesses across the UK. Our services include ISO27001, GDPR, Cyber Essentials and training.

Triaxiom Security

Triaxiom Security

Triaxiom Security offers penetration testing, security audits, and strategic consulting customized to meet your needs.

Sitehop

Sitehop

Sitehop is a cybersecurity technology company developing and supplying FPGA hardware-enforced cyber security solutions for networks.