The dark web has grown to become a notorious fraud ecosystem.
For years, fraudsters have exploited features of the dark web to engage in their operations and elude the long arm of the law.
The dark web is filled, neck high, with the buyers and sellers of stolen data and other illicit goods.
This platform offers the regular fraudster a chance to achieve significant economic benefits owing to the presence of encrypted channels that support online trade.
Arguably, dark web fraudsters make money in three main ways.
The first revenue stream is through creating and distributing code and software that assist other people to hack systems and thus committing crimes successfully. In the same breath, these fraudsters sell training materials and tutorials, which empower aspiring hackers with skills that would elevate them to the fraudster status.
The second money conduit is the trade in stolen personal data. Mainly, dark web fraudsters deal in stolen credit card details. Such credit cards are usually sold to particular traders or private individuals that intend to use the information for fraudulent schemes. Interestingly, most of the people trading in stolen data are typically scammers.
The third money stream is the use of stolen cards to buy items that would then be resold. In this respect, such a fraudster would be out to make quick money.
A Little Background
Worldwide banks have evolved over the past years. This kind of corporate evolution has been necessary for streamlining operations and curbing financial crime. Notably, financial institutions have exhibited a paradigm shift by embracing the applications of embedded chip technology.
This technology is used in credit and debit cards and has been known to mitigate criminal attacks from hackers and fraudsters effectively.
In the United States and Europe, it has been known that embedded chip technology has been widely accepted across the financial spectrum. In the past, American banks had issued millions of citizens with the credit and debit cards armed with computer chips that promote the safe purchasing of goods in-store.
Additionally, credit card companies urged merchants to enhance their payment terminals with the aim of being able to scan these chips. This was seen as an essential step towards the achievement of credit card security across all boards.
But what exactly is embedded chip technology?
In simple terms, this technology surrounds itself on the creation of the smart card. Smart cards are, fundamentally, credit and debit cards that possess a computer chip in the card.
This means that the easy way to differentiate the smart card from its magnetic stripe predecessor is through the primary appearance of the card’s face.
Magnetic stripe technology has been discredited as being easy to hack, and it is for this reason that the world has embraced the smart card wholeheartedly.
But How Do Fraudsters Hide Their Tracks?
The inception of the embedded chip technology begs the question of whether this mechanism is fraudster-proof.
Unfortunately, dark web fraudsters are now using tools such as AntiDetect to obtain funds from stolen cards (See screenshot below.)
A dark web vendor speaks about his use of AntiDetect in a forum.
AntiDetect performs many actions. First, it tricks online marketplaces through a disguise. In this way, the e-commerce sites fail to identify the users as criminals. Additionally, this tool conceals a criminal’s digital fingerprints and therefore prevents such sites from establishing a track of them.
Browsers are essentially designed to have digital fingerprints that are created to assist banks in tackling financial crime. The primary concern raised by these institutions is fraud. The typical user’s digital fingerprint can be used to trace critical information borne in the individual’s browser.
This aspect ranges from their operating system to the particular user’s time zone. Furthermore, the technology is meant to detect the plug-ins installed in the subject’s browser with the aim of possibly establishing a history of site visits.
Banks and other financial institutions have been accorded the power to flag transactions owing to the outcomes of analyses done on digital fingerprints. By so doing, the banks can be able to identify browsers that have not been related to a customer’s bank account.
Online marketplaces are typically able to stop transactions that are deemed suspicious and associated with formerly identified fraudsters.
Recently, significant media attention has been leveled towards a tool called FraudFox, which was said to aid criminals to circumvent digital fingerprinting to stay entirely anonymous.
Interestingly, FraudFox is just a new market entrant in an already established environment that has long been dominated by AntiDetect. This tool has, for ages, been the favorite of dark web hackers who have made fortunes out of credit card fraud.
But what exactly is AntiDetect?
According to a Krebs on Security post, AntiDetect is a popular tool on hidden online platforms. It has been on the market for a considerable amount of time.
According to the AntiDetect Browser website, the old 220.127.116.11 version was capable of tricking mainstream browsers like Mozilla and Google Chrome.
In fact, the release was able to manipulate the features of their systems with the sole aim of avoiding digital fingerprinting.
AntiDetect has been said to be the only software globally that can naturally paralyze fingerprinting to the most effective extent. This tool has shadowed the new market entrant, FraudFox, through its diverse abilities.
An AntiDetect user has the luxury of amassing digital fingerprints for purposes of sorting and dumping in the config grabber. Mainly, this kind of fingerprint spoofing is carried out in a strictly orderly manner through the assemblage of profiles.
AntiDetect collects profiles through a built-in Canvas Fingerprint Validation. This technology allows the users to sieve genuine profiles from their counterfeit counterparts. It is for this reason that the tool has not managed to accumulate a massive collection of profiles.
A specialized algorithm works to authenticate browser snippets from various workstations that would then be analyzed to identify the valid ones.
Ideally, the tool boasts of about 30 percent of profiles that have been authenticated and activated. Seemingly, the figures appear to rise by each passing day.
In a nutshell, AntiDetect promises the following offerings:
- Precision: The delicate process of validating profiles means that the principles of Canvas Fingerprinting Validation have been adhered to the latter. This begets the accuracy of system operations.
- Speed: This tool possesses technology that efficiently identifies and categorizes profiles. This reality translates to a highly efficient system with incredible working rates.
- Enhanced coverage: The combination of precision and speed translates to increased coverage.
AntiDetect is technically easy to use and efficient in the execution of its functions. The dark web seems to have tapped into this efficiency owing to the continued proliferation of carding criminal syndicates.
As a selling point, the AntiDetect browser website claims that the tool is foolproof, and would hinder any online vendors from controlling online trade or cashing out from illicitly obtaining credit cards.
To conclude, it is agreeable that the industry expects to see the emergence of additional anti-fingerprinting software. The dark web market will naturally stimulate this occurrence.
Furthermore, the germination of card-not-present criminal techniques is bound to erupt in nations relying on the technology of chipped cards.
The critical concern in this context is whether the dark web and other online marketplaces have braced themselves for an oncoming super fraud wave.
Latest posts by Cherry Pepper (see all)
- The Process of Crawling the Deep & Dark Web - March 19, 2019
- Dark Web a Point of Focus in Annual Intellectual Property Report to Congress - February 28, 2019
- Silk Road Founder Loses Bid for New Trial - February 18, 2019