A Russian carding site is selling 554 stolen Australian credit cards with full details for $4.50 per record.
The online cybercrime bazaar listed Mastercard and Visa cards stolen from each Australian state and territory.
Each record contained the victim’s first name, partial card number, state and city. About 135 cards were stolen from victims in NSW, a hundred from Victoria, 60 from Queensland and 40 from Western Australia.
The Australian cards were the second largest cache of credit cards available on the site, behind some 1600 cards stolen from United States.
It was slightly more than the 537 cards on offer stolen from German victims.
The $4.50 price tag seemed cheap compared to other underground carding websites which list Australian cards from upwards of $10 each.
Price can be affected by credit limit, and that value of the affected cards was unknown.
For the US records, Mastercard credentials were sold for $2 each while American Express was on offer for $4.50 each.
The site, established as a business between a group of Russian hackers in July last year, had guaranteed the validity of the cards.
Each was tested via payment sites like Authorize.net and was backed by a refund guarantee.
The site appeared to be hosted in the US by Glowhost.com.
The stolen cards may reflect a rise in fraud against Australian-issued EMV cards which increased from $12.9 million in 2010 to $16.4 million in 2011, IDG News Service reported.
Card schemes say the chip – a gold square on the face of bank cards – dramatically reduced the amount of information available to fraudsters and cannot be replicated.
All terminals that process Visa payments were meant to be chip-enabled by April next year and all cards from the provider would be chipped and work only with a PIN number a year later. But the industry imposed deadlines have been passed over and extended previously.
Last year, Visa had identified some 40,000 small businesses across Australia that were at higher risk of fraud because they were large enough to process some 20,000 transactions but too small to properly secure their networks.
Copyright © SC Magazine, Australia
Issue: 336 | March 2015
Access CRN's extensive online resources including; email bulletins, community discussions and unique online news.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can log on to the CRN website or start posting comments on articles.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain '@crn.com.au' to your white-listed senders.