The dark web is a difficult place to navigate, it is unstructured and unqualified and counterparty risk goes with the territory. All of which has driven cybercriminals to the surface. “Fraudsters are now hiding in plain sight across literally hundreds of social media networks and other digital platforms,” according to Zack Allen, Director of Threat Operations at ZeroFox, a Maryland-based specialist in ‘social media and digital protection’.
And so I asked Allen what he could find online in just 15 minutes, in open-source research. And because Facebook was exposed last month for hosting dozens of groups of cybercriminals marketing stolen goods and services, I asked him to avoid Facebook, to see what else was out there. “In just those 15 minutes,” Allen told me, “I was able to identify fraud scams across YouTube, Eventbrite, Medium, Reddit, GitHub and Telegram. And there were surprises even to us, around some of the stuff that we found and how quickly on these sites.”
Allen sent me screenshots from each of the sites he’d searched, promising ‘high-quality cc/cvv dumps’, ‘user reviews’, ‘tutorial videos’, ‘dumps from USA, Asia, Mexico, Brazil, Japan, South Korea, U.K., Canada, Australia’, ‘PayPal gift cards’, ‘ATM PINs’.