Home Depot Breach: Time to Value of Black Market Cards Changes as Banks and Retailers Improve Detection

Share Button

home depot teaching kids to buildWith the latest retail breach at Home Depot, attention has again turned to credit card black markets, the clearinghouses that sell these stolen cards to the highest bidder. These are no fly-by-night operation. In fact, the largest of these markets have some sophisticated features that any e-commerce site would tout, including:
• integrated Bitcoin funding
• good customer support
• good commerce features

 

 


It appears these new batch of cards are selling for $50-100 each, though we believe those prices are likely to come down faster than in the past, as the window of opportunity to profit from stolen cards has shrunk. This has happened because financial institutions have become smarter about dealing with these attacks.

For example, black market sites used to allow you to 'test' a stolen card, charging a small amount on it before committing to purchase, in order to prove it was a valid card. Since the Target breach, banks have improved their detection methods to look for these kinds of charges (as an indication of likely potential new fraud), so these sites no longer offer this service.

In addition, more banks are monitoring the black markets themselves, either on their own or through services like Easy Solutions provides, as an early warning system for stolen cards.

We expect we'll continue to see these large scale retail breaches continue, as a result of wide open POS devices, combined with the incredible difficulty of discovering a large, sophisticated breach. The hope here though is that banks and retailers are becoming faster to respond, and are improving their detection methods, thereby shortening the window of opportunity for these criminals, and reducing the exposure and hassle to consumers.

Related Posts

Top 5 Banking Trojan Trends of 2018 (So Far) Banking Trojans are a type of malware frequently used to steal sensitive information such as banking credentials.
Customer Success Story: How Scanning the Dark Web Has Changed Elements Financial’s Security Scanning the dark web for stolen credentials isn’t necessarily on the radar of every financial institution – but it should be.

Leave a Reply

Your email address will not be published. Required fields are marked *