- Joined
- Dec 3, 2020
- Messages
- 1,783
If you are fond of frequent forums, you will know that it is easy to find ads offering packs of dumps with pin, from a variety of countries at reasonable prices as if it were an auction. In this post, we will explain what many online sites refer to with these types of ads and the surprises they hide.
Clarifying concepts:
Without going into many details, we can say that a dump of the magnetic strip of a card with its corresponding track 1 and 2 complete and ordered. Obtaining the dump, along with its corresponding PIN can come from four sources:
• Skimmers installed at ATMs.
• Malicious POS.
• Sniffing.
• Other ingenious devices such as skimmers at gas stations and vending machines, or even fake ATMs.
The truth is that having a few dumps with PIN, perfectly operational and without blocking, is like reaching the Holy Grail of technological crime. This is because their monetization is much simpler and direct than online banking credentials or the different types of carding. While with the rise of EMV technology these attacks are beginning to get complicated, still many banks and countries have not implemented this technology.
Once we have these data of Dumps with a PIN, converting them into money is quite simple. Using the appropriate material the dumps are recorded on a blank card. Once this is done, discreetly go to a cashier avoiding security cameras and with the PIN successive withdrawals of money are made until the daily limit of the card is exhausted.
That said the interesting thing is that very few sellers actually offer the coveted dumps with pin. Criminals who have the knowledge and infrastructure to obtain this information also have it to monetize them without having to sell them to third parties. This way they obtain much greater benefits and avoid the possibility that the buyer does not pay. That means, that these ads are an attempt to deceive 99% of the time.
The dynamics of the cybercrime ecosystem share the same characteristics of the legitimate market. There are sellers, buyers, bargain hunters, deposit and guarantee agents, distributors and specialized suppliers in a specific segment of the market.
Clarifying concepts:
Without going into many details, we can say that a dump of the magnetic strip of a card with its corresponding track 1 and 2 complete and ordered. Obtaining the dump, along with its corresponding PIN can come from four sources:
• Skimmers installed at ATMs.
• Malicious POS.
• Sniffing.
• Other ingenious devices such as skimmers at gas stations and vending machines, or even fake ATMs.
The truth is that having a few dumps with PIN, perfectly operational and without blocking, is like reaching the Holy Grail of technological crime. This is because their monetization is much simpler and direct than online banking credentials or the different types of carding. While with the rise of EMV technology these attacks are beginning to get complicated, still many banks and countries have not implemented this technology.
Once we have these data of Dumps with a PIN, converting them into money is quite simple. Using the appropriate material the dumps are recorded on a blank card. Once this is done, discreetly go to a cashier avoiding security cameras and with the PIN successive withdrawals of money are made until the daily limit of the card is exhausted.
That said the interesting thing is that very few sellers actually offer the coveted dumps with pin. Criminals who have the knowledge and infrastructure to obtain this information also have it to monetize them without having to sell them to third parties. This way they obtain much greater benefits and avoid the possibility that the buyer does not pay. That means, that these ads are an attempt to deceive 99% of the time.
The dynamics of the cybercrime ecosystem share the same characteristics of the legitimate market. There are sellers, buyers, bargain hunters, deposit and guarantee agents, distributors and specialized suppliers in a specific segment of the market.