Russia-based credit card theft service Caramel is growing in popularity

Bitdefender Total Security Online India

Online shopping is at an all-time high. With the rise of e-commerce during the pandemic, threat groups specialized in skimming-as-a-service are gaining traction on dark web forums, offering low-skilled cybercriminals the tools they need to commit fraud.

According to researchers at Domain Tools, CaramelCorp, a Russia-based credit card stealing service has been growing in popularity in the underground marketplaces.

Aspiring cybercriminals can pay just a few bucks to access skimmer services. A lifetime subscription for the Caramel credit card skimming activities is only USD 2,000 and, according to researchers, the threat group is careful when choosing its customers.

“They appear to screen prospective customers carefully and are reluctant to interact with non-Russian speakers,” the researchers explained. “Further, CaramelCorp generally refuses to sell licenses to inexperienced carders, likely in order to mitigate potential exposure arising from customer incompetence.”

Booby-trapping e-commerce websites with malicious code to capture credit card details and other personally identifiable information is a very common attack vector of threat groups around the world.

E-commerce skimming can lead to serious consequences for unsuspecting shoppers who fall victim to identity thieves and fraud. More often than not, troves of stolen credit card data are traded on dark web forums without users’ knowledge.

E-skimming attacks can go undetected for months before e-commerce platforms become aware of the breach. By then, attackers can gather thousands of credit card details from customers.

Has your financial information been exposed in e-skimming attacks?

Time to find out with Bitdefender Identity Theft Protection. Our new service is part of the online privacy and security mega suite that includes advanced malware protection for all major operating systems, VPN, Password Manager and Identity Protection with real-time fraud, data breach, and dark web monitoring to alert you whenever your data ends up in the wrong hands.

The dark web monitoring feature scours the dark web to detect the illegal sale of personal information, including your credit card details, alerting you of any suspicious activities so you can take immediate action and minimize the damages.

Check our Ultimate Security pack today and benefit from all-in-one protection for your digital self!