Carders scam spammers

Philching

By John Leyden • Get more from this author

Posted in Spam, 24th May 2006 21:02 GMT

Free whitepaper – Avoiding 7 common mistakes of IT security compliance

Fraudsters who deal in stolen credit card data have devised a means to extract money from sponsors of junk mail campaigns.

Carders have signed up as affiliates to spam campaigns, but instead of sending out junk mail themselves they are using stolen credit card data to make purchases from the sponsors of spam campaigns, such as online pharmacies.

The carders earn a cut of these sales of anything between 40 to 50 per cent, the Washington Post's security blog reports, more than enough to make the scam¹ viable.

But the sponsors of spam campaigns end up losing out because of charge backs generated when fraudulent purchases are identified. Higher incidents of charge-backs result in higher merchant fees while drawing the attention of banks and credit cards sponsors to dubious businesses. Far from benefiting from increased sales, spam sponsors end up losing out. In this way, card fraudsters are scamming the backers of spam.

Spam sponsors are complaining about been ripped off, a factor that allowed net security firm CipherTrust to identify the new ruse during the course of its work monitoring online spam and fraud forums.

"Basically, we're seeing the carders and phishers starting to look for other ways to make money and starting to discuss new methods of making profits from their scams," CipherTrust research scientist Dmitri Alperovitch said. ®

¹ The scam doesn't have a name as yet, but it's surely only a matter of time before it finds a catchy moniker. Philching, pharding and pstinging are among the early suggestions...

Free whitepaper – Vulnerability management buyer's checklist