What’s new
We’re excited to announce that Flashpoint Fraud Intelligence now includes data from infostealer logs, with a particular focus on compromised credit card information. This update introduces a new source type: “Credential Stealing Malware (Infostealer),” providing users with a dedicated view of credit card data compromised by malware. This enhancement enables earlier and more accurate detection of credit card fraud.
Infostealers are malicious programs designed to covertly extract sensitive data from infected systems. They often capture credit card numbers, CVVs, expiration dates, and other crucial information.
Why it matters
Credit card fraud has evolved, becoming increasingly sophisticated. Infostealers now play a crucial role in harvesting vast amounts of financial data, which criminals often sell or use for unauthorized transactions. This year alone, we’ve observed over 53 million compromised credentials and 13 million infected devices due to infostealer activity.
Tracking the flow of compromised data is challenging. Once infostealers collect sensitive information, fraudsters can use it immediately or store it for future exploitation. This rapid turnaround makes it difficult for traditional fraud detection systems—which typically rely on rule-based triggers—to keep up with infostealer-driven fraud.
By expanding our dataset with new sources of compromised information, we’ve enhanced our credit card data. This allows our customers to detect threats sooner, gaining an edge in credit card fraud prevention.
Key Benefits:
- Detect compromised credit cards earlier: This allows businesses to take action such as canceling or blocking cards before fraud occurs.
- Monitor dark web activity: Track the movement of stolen credit card information as it surfaces in underground forums and marketplaces.
- Enrich fraud detection algorithms: This additional layer of intelligence strengthens machine learning models, helping improve risk scoring and fraud detection systems.
- Breach details: View breach information, including whether your organization has been affected, for a more detailed and actionable understanding of threats.
- Real-time detection and response: Helps CTI and Fraud teams detect compromised data and respond quickly, reducing the time between data compromise and fraud detection.
How it works
The new credit card data compromised from infostealers is accessible under the Payment Fraud section within Fraud Intelligence. This data is also available via the Fraud Intelligence API.
Here’s how to leverage this new capability:
- A new filter option has been added to the Payment Fraud section allowing users to isolate compromised credit card data specifically linked to infostealer malware.
- Users can apply this filter to identify and analyze compromised cards earlier in the attack lifecycle, even before they surface in traditional card shops or marketplaces.
- Customers can take measures such as flagging these cards for additional monitoring or preemptively blocking and reissuing cards that appear in infostealer logs.
- The data seamlessly integrates into the existing Fraud Intelligence interface, allowing users to analyze this new source alongside other fraud datasets. This includes sources from carding shops, paste sites, forums, chat services, and more.
Flashpoint provides customers with a more comprehensive and timely view of credit card compromise risks, giving organizations the ability to stay ahead of emerging threats and better protect their customers.