Step right up! Credit card details for sale!
In the middle of dinner with friends on the weekend, my phone made the "ker-ching" sound. That’s the sound for when I make a payment. Thinking it was odd, I checked my banking app. An ATM withdrawal in Aruba had been declined.
I froze my card straight away. Another ATM withdrawal was attempted and declined. Then the fraudster tried to go out on the town and use my card to get into a club.
I was really confused. My card was in my possession, so how could someone in the ABC islands have its details? Where could they have got hold of it?
Probably the dark web. According to an article in The Guardian from 2015, UK credit card details were being offered for sale in bundles of 100 for $150 a pop, provided payment was made in Bitcoin. The site, which was registered in Russia, also offered PayPal accounts as well as counterfeit notes.
What is this strange place in which credit card numbers are sold in job lots?
File sharing (29%) and leaked data (28%) are the most popular dark web activities
The Dark Web report by Equifax earlier this month offered a helpful image that equated the web to an iceberg with the deep web under water and the dark web at the very lowest point. Financial fraud was reported to be the third most popular activity on the dark web, with 12% of websites pedalling nefarious monetary services. File sharing at 29% and leaked data at 28% are the two most popular categories.
The report also revealed that average prices for ill-gotten details were significantly higher than in 2015. The average price for a Visa Premium with user data was between £35 and £42, while the less lucrative Visa Classic and Mastercard with user data was going for £28.
The dark web is accessible by browsing the internet through privacy tool Tor. It is a non-profit organisation and its network anonymises users’ identities and browsing histories by moving traffic through multiple services and encrypting it.
Unfortunately, it seems criminals are becoming more brazen and are selling credit card details on the surface web - the bit of the iceberg above the water. An investigation by The Times claimed the card numbers of 100,000 thousand Britons were for sale for as little as £1.67 each. Pages offering stolen credit card details were even being advertised on Facebook, according to Business Insider.
Was there anything I could have done to prevent this happening? I’ve already lined my wallet with foil, but that only prevents fraudulent tap-and-go payments. Then I remembered that, a week ago, I had left my wallet unattended in full view in a semi-public place for almost an entire day. I got it back and nothing was missing.
But then my phone started registering phantom payments. So, my small nugget of wisdom is to cancel all cards if they are ever out of your possession for a minute or a day.