Blog


Chinese Scam Shops Lure Black Friday Shoppers

Key Findings Since the COVID-19 pandemic began, fraudsters have looked for ways to turn the tragedy to their advantage through e-commerce scams, SBA loan and stimulus fraud, and COVID-19 related malware. Now, with Black Friday around the corner, scam shops are looking to cash in on alluring discounts targeting online shoppers.  e-Commerce scam shops operate […]

Read more

“Email Appender” Implants Malicious Emails Directly Into Mailboxes

Key Findings Gemini analysts observed a criminal actor advertise in the dark web a new tool called “Email Appender” that can implant malware-infected or tailored phishing emails directly into a target mailbox. By implanting the email, Email Appender bypasses email security platforms that inspect messages en route to their destination mail server. The software poses […]

Read more

Relaxed Travel Restrictions Bring Back Travel Services Fraud

Key Findings As COVID-19 travel restrictions are lifted, countries are opening their borders to tourists. The sale of travel services, both legal and illegal, is starting to increase, which opens more opportunities for cybercriminals to monetize stolen payment cards. The airline industry alone loses nearly $1 billion per year due to the fraudulent online purchase […]

Read more

Joker’s Stash Breaches Dickey’s Barbecue Pit

Key Findings The Joker’s Stash dark web marketplace, known for advertising and uploading major breaches containing millions of compromised cards, has uploaded its latest breach, titled “BLAZINGSUN.” Gemini Advisory determined that the compromised point of purchase (CPP) was Dickey’s Barbecue Pit, a US-based restaurant franchise. Dickey’s operates on a franchise model, which often allows each […]

Read more

“LockBit” Launches Ransomware Blog, Blackmails Two Companies

Key Findings Gemini Advisory’s analysts uncovered a September 14, 2020 post on a Russian-language dark web forum by a ransomware team operating under the moniker “LockBit,” in which they advertised starting their own blog under the same name. This entry into the “big leagues” by LockBit was accompanied by a blog post with two databases […]

Read more

Carding in the Time of COVID: Illicit Antidetect Platforms vs. Anti-Fraud Solutions

Key Findings While cybercrime has dramatically increased in the past several years, Card Not Present (CNP) fraud, in particular, has become far more prolific. Regulatory technologies (regtechs) use consortium data harvested from merchant payment networks to authenticate card data and user identity through digital fingerprints to combat CNP fraud. Cybercriminals use anti-fingerprinting tools to bypass […]

Read more