TLDR:
- A cyber criminal group known as Storm-0539 is targeting US retailers by creating fraudulent gift cards.
- The group uses phishing tactics to compromise employee accounts and exploit gift card processes.
US retailers are facing a new threat from a cyber criminal group known as Storm-0539, which specializes in creating fraudulent gift cards. The group, based in Morocco, has caught the attention of the FBI and Microsoft due to their sophisticated tactics. Storm-0539 has been able to evade upfront costs by leveraging cloud environments and utilizing free trials or student accounts. They target employees through phishing emails, gaining access to personal and work information to create fraudulent gift cards.
Once inside a targeted organization’s network, the group navigates towards gift card business processes and uses compromised accounts to generate fraudulent gift cards. These cards are then either redeemed for cash value, sold on the black market, or cashed out through money mules. Storm-0539 has shown adaptability and persistence, even regaining access to systems after corporate changes were made to prevent their activities.
Microsoft has observed a 30% increase in intrusion activity from Storm-0539 in recent months, with the group targeting large retailers, luxury brands, and fast-food restaurants. To combat this threat, the company recommends implementing countermeasures to reduce the risk of a successful compromise. With the summer holiday season approaching in the US, it is crucial for retailers to be vigilant against gift card fraud.