DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Australian Cyberfraud: Holding the Line on Payment Card Fraud While Scam Attempts Increase

Posted on October 24, 2019 by Dissent

Stas Alforov and Christopher Thomas of Gemini Advisory have issued a new report on cyberfraud in Australia.  While things seeming to be getting worse all over the world and Australia has also experienced more incidents, there’s a bit of good news in their report: the rate of worsening is slowing down in Australia – at least when you look at payment card fraud.  Key findings from Gemini Advisory’s analysis included a 1.39% decrease overall in card fraud, although the decrease was not uniform: Card Not Present (CNP) fraud, which comprises most of the fraud overall, decreased, while the much lower Card Present (CP) fraud rates actually increased.

A deeper dive into their data using the metric of number of Australian-issued payment cards offered for sale on the dark web revealed that during the past 12 months,  approximately 974,000 CNP and 94,000 CP records were compromised. In the preceding year (from 2017 to 2018), there had been 1,025,000 CNP and 63,000 CP records offered for sale in the dark web.

And in what may make Australia the golden country of the week in cybersecurity, the researchers found that Australia was the only APAC country to have a decrease in some fraud statistics the past year.

Australia’s CNP payment card fraud dropped by 4.58%, which was greater than its 50.33% increase in CP fraud and resulted in an overall 1.39% drop in Australian payment card fraud. While India did have a drop in CP fraud by a full 48.95%, this was far offset by its 20.55% increase in CNP fraud, resulting in a 14.22% overall increase in exposure.

Australia thus stands alone among APAC’s top five economies as the only
country with a decrease in the volume of payment cards offered for sale in the dark web from October 1, 2018 to September 30, 2019.

 

APAC fraud rates increased in all 5 economies except for Australia. Source: Gemini Advisory.

The researchers also report that Magecart continues to be one of the most effective attack methods.  Earlier this week, the FBI issued a PSA about e-skimmers, and Gemini Advisory’s report confirms the need for more defenses, noting that

In August and September, Gemini discovered over 100 malicious domains worldwide that employ Magecart skimmers, many of which are disguised as legitimate websites.

What Australians will also need to increase vigilance about is a rising attack vector of social engineering schemes designed to obtain consumers’ payment card information. Gemini Advisors confirm reports by KPMG that detailed the increasing prevalence of these schemes, noting:

We are seeing a disproportionately high volume of scam attempts on Australians – there were 177,000 scam reports here last year, costing almost half a billion dollars. This compared to around 85,000 scam reports in the US and UK, with far bigger populations. This covers a wide variety of scams – defined in our report as ‘social engineering’ frauds – including investment, romance, crypto-currency, False billing and tax office/government agency scams.

Read their full report on GeminiAdvisory.io.

Related posts:

  • Breached Online Ordering Platforms Expose Hundreds of Restaurants
  • American Medical Collection Agency breach impacted 200,000 patients – Gemini Advisory
  • Details for 1.3 million Indian payment cards put up for sale on Joker’s Stash
  • Card data from breached Volusion platform shows up on dark web
Category: Breach Incidents

Post navigation

← Geisinger Health Plan Notifies Members About Business Associate Phishing Attack at Magellan NIA
Vietnamese student behind Android adware strain that infected millions →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.