The rise in convenience of credit cards has also lead to a rise in stolen credit card data. As more people turn to this payment method, crybercriminals are taking the opportunity to seize your data and use it for illegal activities.


In this blog, we take a deep dive into how credit card information is stolen and how you can protect yourself.


What are dark web threats?

‘Dark web’ refers to online content that is encrypted and shared by anonymous entities. The data circulating on the dark web cannot be indexed by search engines, and much of it is used to conduct fraudulent, often illegal activity. Account details, credit card details and intellectual property are some of the most common assets for sale on the dark web, often fetching large sums of money from criminals seeking to use the data for personal gain.



How can attackers get access to credit card data?

There are a few ways that hackers can access your credit card data:


Phishing scams

Phishing emails look identical to official communication from reputable businesses or financial institutions, with the intent of getting you to provide your account information. Criminals may also call you claiming they are from your bank and ask for your credit card details to prove your identity.



Otherwise known as spyware, software or applications can manifest on your device by clicking on links or downloading files from the internet. Scammers gain access to your device and can install keylogging software to steal your credit card data when it’s entered online, for example when making purchases.


Connecting to public WiFi

The convenience of accessing public, often free Wifi networks, can compromise your credit card details. Hackers can access the network to open sensitive files and monitor your account information.


Data leaks

No organisation or institution is immune to hackers. Banks, retail businesses and service providers can be the victim of targetted attacks, with the sole purpose of gaining customers’ account details. While data breaches are uncommon, they remain a very real risk.



This old school method is still employed by scammers to steal your credit card data. Recording devices can be installed on ATMs and EFTPOS machines to capture your information when you swipe or insert your card.


What happens to the stolen data?

Hackers use stolen credit card data to fund their criminal activities. This may involve making fraudulent purchases online, or purchasing illegal goods. However, stolen data commonly ends up on the dark web. Credit card details including the cardholder name, expiration date and CVV code are listed for sale, where buyers across the globe can pay a nominal fee in exchange for the data. These transactions are often untraceable, with payment made via cryptocurrency to maintain the anonymity of sellers and buyers.


How to prevent credit card leaks

There are a few steps you can take to prevent leaked credit card data:


Use secure websites

If you’re shopping online or on a website that requires you to enter your credit card details, ensure the URL starts with https:// – the ‘S’ indicates a secure site. You might also see a padlock icon appear in the URL bar, which indicates a higher level of security on the site.


Don’t provide your credit card details over the phone

Proceed with caution against anyone calling you claiming they need your account details to verify your identity, and avoid placing orders over the phone.


Check your bank statements

It’s easy to fall into the trap of not checking your statements regularly, but this can aid in detecting fraudulent activity. If you spot anything suspicious, contact your credit card issurer or bank immediately.


Don’t save your credit card information on websites

Ecommerce sites encourage you to save your credit card data for faster checkout next time. If there’s a data breach on the website, your details are susceptible to leakage.


Don’t fall victim to leaked credit card data. Contact FraudWatch to learn more about protecting yourself online.