Social media attracts all kinds. These sites are used for catching up with friends on Facebook, instant news dissemination on Twitter, partisan political viewpoints expressed in online forums, real-time reach outs on Snapchat, professional networking on LinkedIn - and now, not surprisingly, they're used as global havens for cybercrime.
With the release of the second part of the "Hiding in Plain Sight: The Growth of Cybercrime in Social Media" series, it is clear that the volume of visible fraud activity on social networking platforms is a global epidemic. The second report is focused on Russian and Chinese-speaking fraud groups which accounted for about 40% of the groups studied.
The question most often asked since the release of the report is "Where did the idea originate?" This project came about as a result of a typical intelligence investigation for one of our FraudAction customers. In tracking one particular cybercriminal back to Facebook, our intelligence analysts uncovered a plethora of fraud groups selling and sharing massive amounts of stolen credit card data with PII and authorization codes as well as cybercrime tutorials, malware and hacking tools, DDoS kits, and cashout and mule services. Six months later and more than 220,000 individual fraudsters investigated, we have uncovered a new cybercrime reality operating in plain sight.
Another interesting finding of the report was how many fraud communities which tend to target victims within their own countries. The map below shows the top countries where fraudsters prefer to commit fraud at the regional level by attacking local retail businesses, banks, and consumer accounts.
In the meantime, I would invite you to explore the prevalence of cybercrime on social media for yourself. Open up Facebook and type 'cvv' or 'cvv2' into the search bar and see the results you get. It will quickly become apparent that social media now allows you to find a stolen credit card easier than you can find an old friend.
RSA has made reasonable attempts to contact the respective legitimate parties mentioned in this report prior to publication. RSA has notified and provided this report to the appropriate law enforcement agencies.
About RSA FraudAction
RSA FraudAction is a managed threat intelligence service which provides global organizations with 24x7 protection and shutdown against phishing, malware, rogue mobile apps and other cyber attacks that impact their business. Supported by 150 analysts in RSA's Anti-Fraud Command Center, the FraudAction service analyzes millions of potential threats every day and has enabled the shutdown of more than one million cyber attacks.
For more information, please contact FAS.Inquiries@RSA.com.