A new bot targeting card payment processes on websites was spotted in the wild. Called GiftGhostBot, the bot is trying to defraud consumers of the money loaded on gift cards from a wide range of retailers around the globe, with attacks being noticed on almost 1,000 customer websites. Unfortunately, any website with gift card processing capabilities could be a target.
The attacks were noticed by the Distil Networks Security Analyst team. It seems that starting on February 2016, 2017, bot activity on customer websites with gift card processing capabilities spiked.
The tactic involves fraudsters using malicious automation to test a rolling list of potential account numbers and request the balance of each. If they succeed in obtaining a balance, fraudsters can resell the account number on the dark web or use it to purchase goods.
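One way a site operator could spot this pattern in balance-check logs is sketched below. It is an added example, not code from Distil Networks or the original article. The log format (`timestamp client card-token result`), the client names and the thresholds are all assumptions, and the sample data is constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def build_sample():
    """Constructed sample log (hypothetical format): timestamp client card result."""
    base = datetime(2017, 3, 1, 10, 0, 0)
    rows = [(0, "client-a", "card-5001", "found"),   # customer re-checking one card
            (40, "client-a", "card-5001", "found")]
    for i in range(12):                              # rolling list of numbers, one hit
        hit = "found" if i == 7 else "not_found"
        rows.append((10 * i, "client-b", f"card-{9000 + i}", hit))
    for i in range(8):                               # many distinct cards, all valid
        rows.append((20 * i, "client-c", f"card-{7000 + i}", "found"))
    rows.sort()
    return [f"{(base + timedelta(seconds=s)).isoformat()} {c} {card} {r}"
            for s, c, card, r in rows]

def find_enumerators(lines, window=timedelta(minutes=5),
                     max_cards=5, min_miss_ratio=0.8):
    """Return {client: (distinct_cards, miss_ratio)} at each flagged client's peak.

    Thresholds are illustrative assumptions, not tuned values.
    """
    recent = defaultdict(deque)       # client -> lookups still inside the window
    flagged = {}
    for line in lines:
        ts_text, client, card, result = line.split()
        ts = datetime.fromisoformat(ts_text)
        q = recent[client]
        q.append((ts, card, result))
        while ts - q[0][0] > window:  # drop lookups older than the window
            q.popleft()
        cards = {c for _, c, _ in q}
        miss_ratio = sum(r == "not_found" for _, _, r in q) / len(q)
        # Many different card numbers, almost all unknown: enumeration, not a customer.
        if len(cards) > max_cards and miss_ratio >= min_miss_ratio:
            if len(cards) > flagged.get(client, (0, 0.0))[0]:
                flagged[client] = (len(cards), miss_ratio)
    return flagged

if __name__ == "__main__":
    for client, (n, ratio) in find_enumerators(build_sample()).items():
        print(f"{client}: {n} distinct cards, {ratio:.0%} not found")
```

Automation that spreads its requests over many client addresses stays under a per-client threshold, so the same distinct-card and miss-ratio counters are also worth tracking site-wide.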