This is part three in our four-part series on credit card fraud, specifically focusing on the Russian carding landscape. In part one, we gave an overview of carding as an attack type and drilled into some key terms from the Carder’s Dictionary. In part two, we looked more closely at the motivations behind Russia being a hotbed of carding activity.

Until recently, Netflix wasn’t too concerned about its members sharing their accounts with friends and family. In a 2016 statement, Reed Hastings, Netflix CEO said “password sharing is something you have to learn to live with, because there’s so much legitimate password sharing, like you share with your spouse, with your kids… so there’s no bright line, and we’re doing fine as it is.”

In part one of this four-part series on card cracking fraud, we covered the basics of what carding is, how carders use bots to power their attacks, and defined the most important terms and phrases within the carding vocabulary in our Carder’s Dictionary. Click here if you missed it or need a recap. In part two, we’ll be talking more specifically about the carding landscape in Russia and on Russian-speaking forums and online communities.

Carding fraud is a financially devastating attack made more damaging by bot-based automation that allows it to run at scale. Russian cybercriminals are especially prolific in the carding space. The Netacea threat research team recently conducted an in-depth investigation into this notorious carding fraud ecosystem.

Bots are ubiquitous across the web. If your business has an online presence, it’s being targeted by automated attacks. So, it’s unsurprising to us at Netacea that in the Gartner Hype Cycle for Application Security 2023, bot management is classed as an early mainstream technology – less than two years from reaching full maturity. The nature and purpose of bot attacks depends on many factors including industry, seasonality, and even the functionality of the target.

Businesses are realizing the value of bot management tools as part of their application security strategy, with the control set expected to mature towards mainstream adoption in less than two years. This is according to the latest Hype Cycle™ for Application Security by Gartner®, released this month.

The rollercoaster ride of Elon Musk’s Twitter buyout has taken another twist, as the social media platform looks poised to be rebranded “X”. Should we be worried about the security and privacy implications of Musk’s “everything” app?

Taylor Swift’s Eras tour has literally been the hottest ticket in music over the past few months, with millions of fans scrambling for their spot in arenas and stadiums around the world. But many “Swifties” have been left heartbroken as the demand far outstrips the number of tickets available. To make the pill even more bitter to swallow, there are plenty of tickets available to buy for the sold-out shows – but at many times their face value, on secondary markets.

Netacea is proud to announce that six months on from completing SOC 2 Type 1 compliance, we can now confirm SOC 2 Type 2 compliance as well, further demonstrating our commitment to data security and protecting our customers.

If you’re shopping around for a way to stop bots damaging your brand – be that through enabling automated fraud, hoarding your stock, scraping your content or prices, or just eating up server resources – you’ve probably seen vendors advocating the use of “client-side detection”. They’re probably telling you it’s necessary for accurate bot detection.