Connect with us

Hi, what are you looking for?



Card Fraud Platform Mimics Human Behavior to Avoid Detection

Cybercriminals have developed a piece of software that’s designed to help payment card fraudsters automate unauthorized charges to ensure that they make a profit before their activities are picked up by fraud detection systems.

Cybercriminals have developed a piece of software that’s designed to help payment card fraudsters automate unauthorized charges to ensure that they make a profit before their activities are picked up by fraud detection systems.

Payment card fraudsters are always looking for ways to improve their operations and the new platform provided by an organized crime group called “Voxis Team,” which surfaced on the black market in August, might be exactly what they need.

According to researchers from threat intelligence firm IntelCrawler, who have been monitoring Voxis Team, the new automated tool can be used to send batches of fraudulent payment card charges to multiple gateway processors.

A payment gateway is a service that’s used to authorize credit card payments for online stores and facilitates the transfer of information between the website and the bank.

CybercrimeWhen they get their hands on stolen payment card data, cybercriminals open merchant accounts with a payment gateway, for which they use money mules and stolen identities. They also set up fake websites to get the payment gateways to approve their accounts. Once they obtain a merchant account, they must quickly make transactions with the stolen cards before they’re detected by anti-fraud systems.

The Voxis Platform helps increase the chances of having the fraudulent charges authorized by emulating human behavior and buying patterns.

“Taking advantage of fraudulently obtained merchant accounts, bad actors can use speed to automate and load cards to be charged for pre determined amounts at predetermined times, all with the goal of sliding under fraud detection systems,” IntelCrawler said in a blog post.

The authors of the Voxis Platform claim their solution can use a total of 32 payment gateways, including Coinbase, MultiSafepay, PayPal, WorldPay, and Stripe.

“The list of fully supported payment gateways includes some famous payment processing companies, which if exploited, may incur compliance issues, AML regulations issues, and chargeback concerns for the merchants and their respective acquiring banks,” IntelCrawler noted.

Advertisement. Scroll to continue reading.

One interesting feature of the platform is called “Autofill Missing Info.” The feature uses the API from the people search engine to automatically fill in cardholder information that might be missing.

Tens of millions of credit and debit cards have been stolen recently and experts say this has created a demand on the underground market for methods that can be used to monetize the data quickly. Researchers have noticed that cybercrime groups pool their programming resources to create tools.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...