Since when did hackers start worrying about moral turpitude? In the underground cybercrime economy where lies, deception and maintaining complete anonymity are the key attributes for success, I find it ironic that trust, yes trust, has climbed the ladder of qualifications that today’s online fraudsters need to profit in the digital black market.

In the article, “Cybercrime is now a booming industry,” the new Global Risks for 2012 report says that along with a steady increase in cyber attacks on businesses and governments around the globe, the top concern for illegal digital data sellers is maintaining trust with their customers.

According to an ethical hacker in India, the digital black market has become so competitive that entrepreneurial cyber criminals depend on their trustworthiness, along with free trials, discounted offers and money-back guarantees on stolen goods, to succeed in the shady underworld. (more…)

Turns out, crime does pay, at least for hackers committing identity theft over the Internet.

In the article, “Why Internet crimes go unpunished,” security expert Roger Grimes breaks down some interesting numbers around cybercrime, and how hackers are (to put it mildly) beating the odds. According to the FBI’s 2011 Internet Crime Report, of the more than 300,000 complaints that netted criminals $1.1 billion in 2010, law enforcement agencies convicted an average of one crook for every 50,635 victims. In other words, as Grimes eloquently states:

Steal someone’s identity and your odds of being caught are almost infinitesimal.

With all the hacks and fraud headlines 2011 will be remembered for, that’s definitely not the way we want to ring in the New Year. But as Grimes also warns, if we aren’t careful we could see history repeat itself as criminals not only continue defrauding computer users, but launch recycled attacks against the explosion of worldwide mobile device users, who could fall victim to the same old PC tricks. (more…)

iovation is continually developing new features to meet customer business challenges, keep pace with the constantly changing Internet environment, respond to great customer ideas, and meet our own internal strategic goals.

It’s been a busy year with a ton of new features and enhancements ranging from big to small. We thought we’d take a moment to share with you some of the highlights from 2011.

As with any technology, there are many, many things that go into a new feature including design, development, testing, documentation, integration and other operational requirements. We won’t go into that amount of detail here, but instead will focus on the primary achievements within each of the four principle areas of specialization at iovation, which include:

Getting to know someone on an Internet dating site requires the exchange of personal information. Things like where you grew up, your hobbies, pet’s name and favorite shopping destinations provide personal data that is essential to building an online relationship. Unfortunately, it’s also the same information that fraudsters use to steal peoples’ identities and commit ID fraud and a host of other unwanted activities.

In the recent article, “How to steal an identity in seven easy steps,” software developer, Herbert Thompson, shows us just how easy it is to collect personal information that allows fraudsters to gain access to somebody’s personal and financial online accounts. This is disturbing news, especially when you consider that roughly 40% of web users are ‘likely’ or ‘very likely’ to provide their personal information in one of six online scams, like the Ponemon Institute, commissioned by PC Tools, recently discovered after interviewing over 1,000 UK web users.   (more…)

Every online user, including fraudsters, were granted a free pass by the Justice Department earlier this week for lying on the Internet. Okay, I know what you’re thinking: “How can we prosecute somebody for lying?” Fibbing is an age-old human behavior that even the DoJ says it doesn’t have the time or resources to bring cases against everyone who lies on dating websites.

According to the Politico article, “Free pass for dating site liars,” people can take comfort in knowing that they don’t have to worry about being prosecuted or hauled off to jail for telling a little white lie over the Internet. While this certainly makes sense, at the same time we’re still walking on shaky ground when it comes to online lies, falsifications, profile misinterpretations, or whatever you want to label it. The fact is, when it comes to identity fraud, fake accounts or other crimes on romance sites, lying is typically the basis for the crime. It sets the stage for deeper criminal activity that can cost victims both emotional and financial hardships, not to mention damage to the dating site’s reputation.  (more…)

When it comes to victims of online dating fraud, we’ve heard the stories of how unsuspecting lonely hearts have lost tens of thousands of dollars. The emotional hardships and financial setbacks that victims of online romance scams go through can be devastating. This week, we saw another story that left one victim with no money, homeless, hungry, and eventually hospitalized with pneumonia in a foreign land thousands of miles from home.

In the article, “American Stranded in Ukraine in Online Dating Scam,” former write-in candidate for governor of Arizona, Cary Dolego, traveled to the city of Chernivti, Ukraine, eager to meet up with the woman he fell in love with online and one day hoped to marry. She never showed.

Turns out, Dolego was a victim of an online dating scam that stemmed from account takeover. Apparently, someone or some group hacked into a woman’s account on an international dating website and was communicating with Dolego on behalf of a woman named Yulia. While the woman later said the account on the dating site that Dolego had been corresponding with was hers, she claims she was not part of the scam. (more…)

“It seems to me that if there was any logic to our language, trust would be a four-letter word.”

This clever, yet pertinent quote from the film, “Risky Business,” has always stuck with me. Today, it’s more relevant than ever when it comes to trusting someone in an online social environment.

As much as we would like to believe what other people say over the Internet, the bottom line is that most separate our real-life persona from our online persona to a certain degree. For some, it’s an outdated photo. For others, it’s embellishing the truth or telling a little white lie. When it comes to online trust, however, the most dangerous kind if personal misrepresentation are those who make a living at deceiving others for profit or personal gain. That’s right. I’m referring to online fraudsters. (more…)

As mobile transactions become part of our everyday lives, online businesses that allow users to access their websites from mobile devices and provide mobile payment options need to consider the security challenges and new risks that emerging mobile platforms create for both consumers and businesses.

iovation has seen first-hand mobile transactions increase by more than 300% annually. With merchants expecting more fraud as a percentage of sales from their mobile channel, I look forward to participating alongside with other leading mobile security authorities in the panel, “Mobile Security: Improving Systems to Mitigate Fraud,” at the Mobile Contactless Payment Innovations Summit in Chicago.

I will be joining Marc Washawsky, SVP Mobile Channel Executive at Bank of America, Kevin Gillick, Executive Director at GlobalPlatform, Jack Jania, SVP GM Secure Transactions at Gemalto, and moderator, James Wester, Editor of Mobile Payments Today, as we share with executives from retailers, banks, card issuers and payment networks insights on assessing risk and detecting fraudulent behavior from mobile devices, including smart phones and tablets. Some of the topics we will cover include:  (more…)

While the term “online abuse” often conjures up thoughts of cyber bullying, predatory behavior and customer harassment, Internet-based businesses that experience abusive activity within their social communities have to immediately address customer trust and confidence issues. Otherwise, they risk unwanted conduct between subscribers, which can ultimately lead to financial implications for the organization.

We all know that the top priority for any IT fraud team is to ensure their good customers can safely and easily communicate and do business within their online environment. However, because many business websites have networking communities that bring likeminded individuals together to socialize, the potential for users or criminals to act inappropriately towards others can create problems that can impact the user experience. (more…)

“Social fakes” are invented profiles on social media (often referred to as profile misrepresentation), which can be used to harass or mock victims anonymously. But the more lucrative fake profile is one that imitates a legitimate business, damaging that business’s online reputation.

The impostors’ ultimate goal? Spam leading to scams.

Social-web security provider Impermium published the results of their recent analysis of the cost of social spam. “Online ID signup fraud” is an emerging trend, with fraudulent accounts ranging from a low of 5% to 40% of users. “Scammers are registering accounts by the millions as they perpetrate fake “friend requests,” deceptive tweets, and the like, while the black market for bulk social networking accounts is growing exponentially.” (more…)

Every second, someone is sharing personal information about themselves over the Internet. For most online users, this data is meaningless except to the friends and well-intended recipients of the sender. But the truth is, others are watching; and they’re watching closely. For online fraudsters, personal information is carefully pieced together and used to answer security questions that allow them to break into other peoples’ online accounts to perpetrate identity theft and steal from their bank accounts.

In the article, “Fraudster used Facebook to hack bank accounts,” cyber criminal Iain Wood spent 18 hours a day online collecting information posted by his neighbors on social networking sites including Facebook to figure out passwords that would defeat online banking security checks. Prior to getting caught by police, he managed to steal more than £35,000 (approx. $55,000 USD) over a two-year period. (more…)

It has been a while since my last blog post as the infrastructure team at iovation has been hard at work building out our latest data center in the Westin Building located in Seattle. This new data center is situated in a brand new state-of-the-art facility within the Westin Building which I am going to walk you through here today. We find that in the SaaS industry the quality of provider’s facilities varies widely (and is very opaque) and so we are going to do our best to be transparent here by using photos liberally.

The Westin Building is easily the best connected facility in the Northwest United States. Via our patch panel in the meet-me-room we can rapidly connect to dozens of global telecommunications carriers serving the US, Asia, Canada, Europe, and the rest of the world with a simple fiber optic jumper cable. This facility is also home to the Seattle Internet Exchange on which we are a member.

If you are an iovation customer and would like to directly connect to us within this facility or across the SIX please contact me.

From an infrastructure point of view, keeping the iovation service online at all times and keeping the “bad guys” from harming our customers is always Job #1. To do this, we employ many levels of redundancy, both within a given facility, and between multiple facilities. As with any data center, this starts with the electrical power feeding the facility. Every piece of iovation equipment is fed from dual power sources which are completely redundant all the way back to the power utility. It should also be noted that power failures in Seattle are nearly nonexistent as the grid is extremely robust (fed largely by hydro-power).   (more…)

While everyone here at iovation is ecstatic about making the Portland Business Journal’s 2011 list of the Top 100 fastest-growing privately held companies, none of this would have been possible without the outstanding customer service our employees have provided through the years. (more…)

Online classified advertising site scams are typically conducted by scammers in countries such as Ghana, Nigeria, Romania, Korea, Israel, Columbia, Argentina, the Philippines, or Malaysia, who spend their days targeting consumers in the developed world.

Scammer grammar and general awkwardness make these scams relatively easy to detect. But when a scammer is local, the ruse becomes more insidious and effective.

The Toronto Sun reports that a man in Hamilton, Ontario faces “60 charges for allegedly selling thousands of dollars worth of non-existent tickets to concerts and sporting events, mostly at venues in Toronto.” The suspect “allegedly used Craigslist to sell tickets to pop concerts like Lady Gaga, Taylor Swift and Justin Bieber, or sporting events like Wrestlemania.” (more…)

Finding true love online, whether it’s through the right look, poetic flattery or simple mutual interests, is tough for the millions of hopeless romantics looking to find that special someone. Often times, finding Mr. Right is like searching for a needle in the haystack as those looking for love spend countless hours carefully sorting through endless personal profiles until something catches their eye. (more…)