School for scoundrels: Now cybercrooks are learning from online courses, too

phishing.jpg weerapatkiatdumrong, Getty Images/iStockphoto

If you want to learn a new skill, it's entirely possible you'll pay a fee for online course which over a period of weeks or months allows to you take part in online lectures, webinars, discuss ideas with a teacher and other students and ultimately walk away with the ability to do something new.

Now even cybercriminals are providing this level of training, with one example being a six week online course offering webinars, online tutorials and support to wannabe crooks who want to get in at the ground level of credit card fraud.

Online courses with instructions on how to become a cybercriminal aren't new, but one course examined by researchers at security company Digital Shadows reflects the level of professionalism now being adopted by online scammers and the increasing levels of skill of those who want to run scams.

Conducted in Russian - likely pointing to where in the world it's run from and where its target audience is - this online course promises to take a complete novice and turn them into a specialist in card fraud in six-weeks by taking part in online classes.

"There's lots of training courses available, but often they're not curated, they don't cost a more than a couple of dollars, if anything. Whereas this is a much more like an e-learning class you or I might take to learn something new via a commercial online learning setting," Rick Holland, VP of Strategy at Digital Shadows told ZDNet.

"It's actual webinars you can attend with live conversation and questions and answers. They have operations security components in there to protect identities, but by in large it's very similar to any e-learning course".

The business-like nature of the course is reflected in how much it costs - 45,000 RUB [$750], with an additional $200 for course materials for the 20 lectures, all paid for using cryptocurrencies such as Bitcoin - although the course promises big returns.

While card fraud might appear to be one of the most basic forms of cybercrime, the Digital Shadows report on online carding courses warns this particular type of attack is more sophisticated than ever, especially as consumers pay more and more money online.

According to figures in the report, that $24 billion will be lost to payment card fraud by the end of 2018.

The course is also biased towards targeting Western countries - where there is the most illicit profit to be had - and those behind the course even forbids fraud against Russian targets, likely a move designed to ensure those behind the scheme don't anger Russian authorities.

"The barriers for cybercrime just keep getting lower. Sophisticated criminals act at a higher tier, but it just gets easier and easier for people to get it. This low barrier of entry is bad for consumers, bank for banks, bad for card brands," says Holland.

"This is just going to continue to grow, it's still going to be a big threat for retailers and financial services for some time to come".

Indeed, the programme reflects the evolving nature of this area of cybercrime; participants are encouraged to take a refresher course every six months in order to gain knowledge of the latest trends - for a price, of course.

READ MORE ON CYBERCRIME



from Latest Topic for ZDNet in... http://ift.tt/2tfrl4C