Sometimes RiskIQ researchers find criminal groups operating for a long time in one particular ecosystem dip their toe in another and experiment with new methods of monetizing. This threat brief profiles a criminal group that did just that to maximize their profit, blending tactics from two cybercrime worlds that are typically distinct: phishing and web skimming.
RiskIQ first noted an overlap in threat infrastructure showing web-skimming campaigns and phishing campaigns working in concert to exfiltrate stolen financial data to be sold online. When our researchers dug deeper, a culprit took shape: a savvy criminal group that was likely new to web skimming but is leveraging years of experience in phishing victims to develop a deadly effective hybrid campaign, the likes of which researchers rarely see.
When it comes to stealing financial data, this group is playing with a full deck. Meet Fullz house.