The stolen information is used to steal funds or sold to their peers in the underground crime market. A recent report by security solutions provider Panda Security has found that cybercrime black market is witnessing expansion. One of the reasons for the growing black market is evolvement of new techniques, availability of automated toolkits and growth in malware such as Trojans, botnets and key loggers. The report indicates that number of malware strains identified has grown over 6 times in the last 7 years to around 60 million.
The new forms of malware help criminals in gaining access to credentials, stealing money and identity theft. Cybercriminals now function like an organized business spread over the world with members having different roles such as distribution of stolen information, committing fraud, providing illicit content servers, tech experts, information sale, conducting wire transfers and money laundering among others.
The underground cybercrime market operates as a continuous cycle of creating malware, identifying potential victims, inserting malware, stealing information, selling the stolen credentials and money laundering through money mules. Criminals take advantage of negligence in adhering to security fundamentals by Internet users to trick them into visiting well-crafted but fake websites or clicking on fake banking and social media links.
The black market which until a few years back was confined to selling credit card and banking information has expanded to include sale of physical credit cards, card cloners, fake ATMs, fraudulent bank transfers, card cloning, online payment accounts, fake online shops, counterfeit pay platforms, leasing spams and mail transfer protocols. Interestingly, they also provide trial offers and customer support. The prices range from as low as $2 for credit card information to around $35,000 for fake teller machines. The market has differential prices for cards originating from different countries.
Both businesses and individuals are targeted by cybercriminals. IT security awareness education may help employees to get an update on the security threats, safe online practices.
Banks may educate customers on the sophisticated threats through online training videos, tutorials and case studies.
EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted security conferences.
# # #
iClass is EC- Council's online training delivery platform. Students can attend live, or recorded training sessions for courses such as Certified Ethical Hacker (CEH), Certified Security Analyst (ECSA) or Computer Hacking Forensic Investigator (CHFI).