
Cybercriminals are increasingly targeting both physical and digital payment systems, with over 269 million stolen cards and 1.9 million checks available on the dark web, according to Recorded Future’s latest fraud report.
The report identifies a threefold increase in Magecart e-skimmer infections, driven largely by the CVE-2024-34102 vulnerability, known as “CosmicSting.” Exploited in Adobe Commerce and Magento platforms, the vulnerability has facilitated unprecedented levels of data theft. Recorded Future notes, “Altogether, the volume of unique e-commerce domains suffering from newly detected e-skimmer infections approached 11,000 — the highest ever observed in a single year.”
Despite technological advancements, check fraud remains a uniquely American challenge. Approximately 1.9 million stolen U.S. bank checks were posted for sale, with nine out of ten being reposts, suggesting a rampant recycling of stolen data. The U.S. East Coast accounted for 60% of all stolen checks, far exceeding its population share of 35%.
Dark web marketplaces continue to dominate the fraud ecosystem. Threat actors use these platforms to sell stolen card data and conduct validation activities. Telegram, despite increased scrutiny following the arrest of its founder Pavel Durov, remains a significant source of card data. Recorded Future notes, “The total quantity of new, unique records posted on Telegram remained stable, indicating the source will likely continue to be used for fraud in the near future.”
Fraudsters are leveraging advancements in artificial intelligence to refine their attack strategies:
- Digital Wallet Exploits: Threat actors increasingly abuse digital wallets through phishing and OTP interception. The report warns, “Fraudulent provisioning attempts and cash-out schemes will likely intensify as fraudsters continue targeting payment mechanisms.”
- Scam E-Commerce Networks: Over 1,200 scam domains linked to fraudulent merchant accounts were identified, primarily in the UK and Hong Kong. These operations combine subtle social engineering with advanced transaction laundering to evade detection.
- Sophisticated Money Laundering: Fraudsters continue to exploit cryptocurrency mixers and transaction laundering workflows, making it harder for financial institutions to trace stolen funds.
The report outlines three major fraud trends for 2025:
- Digital E-Skimming Acceleration: New vulnerabilities and e-skimmer kits will amplify data compromise events, particularly targeting digital wallets.
- Dark Web Market Dominance: Despite crackdowns, the dark web will remain a hub for fraud, while Telegram continues to attract less experienced threat actors.
- Persistent Check Fraud: While check fraud is unlikely to abate, improved intelligence and proactive measures will empower financial institutions to minimize losses.
Related Posts:
- Checkout Catastrophe: MageCart Skims Credit Cards from WordPress Stores
- From Magecart Mayhem to Ransomware Revamp: Inside ESET’s H2 2023 Cyber Threatscape
- Uncovering Deceit: Strategies for Unearthing Fraudulent Activity