Compromised payment card records posted for sale on the dark web dropped from nearly 100 million in 2021 to 59.4 million in 2022, with U.S. financial entities behind 70% of the exposed payment card records, according to The Record, a news site by cybersecurity firm Recorded Future.
While small restaurants and bars continued to be affected by card-present breaches last year, such attack prevalence was a 62% decrease, compared with 2021, a report from Recorded Future's Insikt Group revealed.
Such a steep decline in carding volumes has been due to the cybercrime crackdown of Russia, as well as its war against Ukraine, researchers noted.
"As war in Ukraine hampered cybercriminals ability to engage in card fraud, one top-tier carding shop exploited the lull in supply by flooding the market with recycled payment card records," said researchers.
The report expects that world events would continue to impact the card fraud market this year.
"Should war continue, threat actors ability to engage in card fraud will likely remain degraded. Should it end, a renewal or increase in payment card fraud may follow," researchers added.
The rise of the internet and the enormous amounts of personal data – both public and stolen – about individuals that can now be found on the internet makes it easier than ever to identify a target, where they work and where they live. That can make attacks like swatting a relatively low-effort, high-impact form of harassment.