Cybercriminals are compromising US consumers and business workers on a large scale, able to steal personal information and payment details in bulk. Home Depot was compromised and 56 million payment card numbers and 53 million email addresses were taken in a single breach alone, along with Target, Neiman Marcus, and a number of retailers also falling victim.
However, trying to make use of stolen information forces cybercriminals to act quickly - if 10,000 cards are compromised, only around 100 could cash out, with an estimated 10 cars actually working, according to Alex Holden, from Hold Security.
"Cybercriminals don't have enough resources to monetize stolen data in big volumes," said Andrew Komarov, IntelCrawler CEO, in a statement to PCWorld. "It really has a small margin, and it is pretty complicated to resell it in big amounts."
Due to the amount of records being stolen, cybercriminals are trying to find new ways to generate revenue while not having to rush to get the job done. One such tactic is to directly blackmail the victim, as the hackers already have payment information and email addresses. Another increasing strategy is to cash out stolen accounts by creating fake merchant accounts that can be used with payment processors - a tactic that works until banks and credit card companies are able to cancel the fraudulent activity.