In part one of this four-part series on card cracking fraud, we covered the basics of what carding is, how carders use bots to power their attacks, and defined the most important terms and phrases within the carding vocabulary in our Carder’s Dictionary. Click here if you missed it or need a recap. In part two, we’ll be talking more specifically about the carding landscape in Russia and on Russian-speaking forums and online communities.

Carding fraud is a financially devastating attack made more damaging by bot-based automation that allows it to run at scale. Russian cybercriminals are especially prolific in the carding space. The Netacea threat research team recently conducted an in-depth investigation into this notorious carding fraud ecosystem.

Bots are ubiquitous across the web. If your business has an online presence, it’s being targeted by automated attacks. So, it’s unsurprising to us at Netacea that in the Gartner Hype Cycle for Application Security 2023, bot management is classed as an early mainstream technology – less than two years from reaching full maturity. The nature and purpose of bot attacks depends on many factors including industry, seasonality, and even the functionality of the target.

Businesses are realizing the value of bot management tools as part of their application security strategy, with the control set expected to mature towards mainstream adoption in less than two years. This is according to the latest Hype Cycle™ for Application Security by Gartner®, released this month.