How hackers hack credit cards

Have you ever wondered how hackers get value from millions of stolen credit cards and debit cards?

In short, there’s a big global market for stolen credit card numbers. When you hear about a data breach in which millions of credit card numbers here is what usually happens.

Hackers use a number of tools to steal data. 

• For instance, a Remote Access Trojan (RAT) conceals itself inside legitimate software and, once installed, gives a hacker complete remote control of the victim's system.
• Another popular tool is something called Angler exploit kits. These are programs concealed in websites which look for weaknesses in the security of a computer system to install malicious software. 
• There are other methods too, and it’s fair to say that the hacker’s arsenal is constantly evolving though they do rely on tools that can exploit unprotected computers.

And these credit card hacks can be big, sometimes involving millions of credit card numbers. 

Generally, these stolen credit card numbers are offered for sale in online markets located on the dark web. ​

• These markets are sometimes called carding forums.
• The stolen credit card numbers will generally be offered for sale in batches.
• On these forums are people who make fake cards. They take the card numbers and any other information such as the name of a bank, the card issuer, the name of the card holder, and create legitimate looking credit cards.
• These cards are then resold to an army of buyers who use them to make purchases from shops.
• These sales are often supplemented with information on how to use the cards, their expected shelf life, and what to do if a user is questioned by a store employee, for instance, because the card is setting off alarms.
• That said, large criminal enterprises also have an army of soldiers who are trained in exploiting the fake cards.
  

Alternatively, some dark web buyers just buy up lots of stolen credit card information and use it to make online purchases. ​

• This is often for high-end goods such as electronics and luxury items.
• These items are shipped to a number of temporary addresses — the exact number depends on the scale of the operation.
• The goods are collected and then resold

Sometimes these goods are offered for sale in dark web online stores. 

• For instance, a popular smartphone might retail for around $1,000.
• The dark web online store might offer it for half the price.

These themes vary, but the point is that there is a vast and thriving global underground market for stolen credit card information. 

• Law enforcement sometimes poses are buyers on these forums to buy up the stolen information.
• Banks have also been known to buy up stolen information to minimize the cost of fraud following a major hack.

Cyber threats have evolved, and so have we.

Norton 360™ with LifeLock™, all-in-one, comprehensive protection against viruses, malware, identity theft, online tracking and much, much more.

Try Norton 360 with Lifelock.

Learn More Learn More Learn More Learn More Learn More