Scalpers aren’t just interested in snagging the final Yeezy drops, the newest Air Jordans or tickets to see Taylor Swift on tour. They’ve also been saying “Hey, Barbie” to the latest Mattel collaboration with rock icon and Barbie enthusiast Stevie Nicks. Evidence gathered by Netacea suggests that scalper bots were involved when pre-orders for the limited-edition Stevie Nicks Barbie, unveiled by the Fleetwood Mac legend during a recent concert, sold out almost immediately.

A panel of cybersecurity experts from BT, Cranfield University and Netacea recently came together to discuss the accumulating cost businesses face due to malicious automation. The webinar is now available to watch on demand (scroll to the bottom of this page or click here to watch it in full). You’ll hear our specialist panel analyze results from this year’s extensive survey into what bot attacks cost enterprise businesses.

Security professionals would be considered foolish if they didn’t have a plan to mitigate a ransomware attack, especially for businesses generating hundreds of millions, if not billions, in turnover. And yet, a threat type that isn’t given nearly the same level of concern by the top brass – malicious automation carried out by bad bots – is costing these companies just as much, if not more, every year.

Scalper bots have had a busy year snatching and reselling Yeezy trainers, as adidas exhaust their final existing stock. This resulted in the Yeezy Slide Onyx topping the Netacea Quarterly Index of most-scalped items in Q2 of 2023.

Welcome to the fourth and final part in our series on credit card fraud originating in Russia. After covering the basics of what carding is, why so much of it is perpetrated by Russian speakers, then digging deeper into how carders operate, in this part we’ll explore ways to protect yourself and your business from this pervasive financial threat. Click here to download the full report: "Inside Russian Carding" (PDF)

This is part three in our four-part series on credit card fraud, specifically focusing on the Russian carding landscape. In part one, we gave an overview of carding as an attack type and drilled into some key terms from the Carder’s Dictionary. In part two, we looked more closely at the motivations behind Russia being a hotbed of carding activity.

Until recently, Netflix wasn’t too concerned about its members sharing their accounts with friends and family. In a 2016 statement, Reed Hastings, Netflix CEO said “password sharing is something you have to learn to live with, because there’s so much legitimate password sharing, like you share with your spouse, with your kids… so there’s no bright line, and we’re doing fine as it is.”

In part one of this four-part series on card cracking fraud, we covered the basics of what carding is, how carders use bots to power their attacks, and defined the most important terms and phrases within the carding vocabulary in our Carder’s Dictionary. Click here if you missed it or need a recap. In part two, we’ll be talking more specifically about the carding landscape in Russia and on Russian-speaking forums and online communities.

Carding fraud is a financially devastating attack made more damaging by bot-based automation that allows it to run at scale. Russian cybercriminals are especially prolific in the carding space. The Netacea threat research team recently conducted an in-depth investigation into this notorious carding fraud ecosystem.