April 1, 2021 • Insikt Group®
Recorded Future analyzed current data from the Recorded Future® Platform, dark web, and OSINT sources to review fraud tutorials and courses that facilitate threat actor campaigns. This report expands upon findings addressed in the first report of the Insikt Group’s fraud series, “The Business of Fraud: An Overview of How Cybercrime Gets Monetized”. This report will be of most interest to anti-fraud and network defenders, security researchers, and executives charged with security and fraud risk management and mitigation.
Training tutorials and courses sustain the activities of various underground forums and threat actors. They nurture novice cybercriminals while providing additional supply and demand to the underground economy by recruiting and training the next generation of fraudsters. Threat actors sell how-to guides and tutorials across the criminal underground on a range of cybercrime-related topics, including malware creation, mule recruitment, cashout methods, ATM bypasses, and other operations that facilitate criminal activities. These tutorials and courses cater to a wide range of cybercriminals, from cybercrime novices to more seasoned, niche-focused experts that are seeking additional guidance and knowledge, and communities and materials exist for English, Russian, and Chinese speakers.
- Fraud tutorials and courses give direct instructions on how to commit fraud. These instructions are step-by-step guides for how to be a cybercriminal.
- The Carding Camp training on the forum WWH Club is well known in underground communities for enabling novice cybercriminals to undertake payment card fraud.
- Fraud Bible and the forum COOCKIE PRO provide cybercriminals step-by-step videos and printed methods on defrauding specific companies and state governments.
- GOLDIE ENROLL 5.0 course is specifically tailored to enable cybercriminals to commit online banking fraud.
- Chinese-speaking cybercriminals run their underground communities providing training to target payment processing systems and financial organizations.