Since when did hackers start worrying about moral turpitude? In the underground cybercrime economy where lies, deception and maintaining complete anonymity are the key attributes for success, I find it ironic that trust, yes trust, has climbed the ladder of qualifications that today’s online fraudsters need to profit in the digital black market.

In the article, “Cybercrime is now a booming industry,” the new Global Risks for 2012 report says that along with a steady increase in cyber attacks on businesses and governments around the globe, the top concern for illegal digital data sellers is maintaining trust with their customers.

According to an ethical hacker in India, the digital black market has become so competitive that entrepreneurial cyber criminals depend on their trustworthiness, along with free trials, discounted offers and money-back guarantees on stolen goods, to succeed in the shady underworld. (more…)

Turns out, crime does pay, at least for hackers committing identity theft over the Internet.

In the article, “Why Internet crimes go unpunished,” security expert Roger Grimes breaks down some interesting numbers around cybercrime, and how hackers are (to put it mildly) beating the odds. According to the FBI’s 2011 Internet Crime Report, of the more than 300,000 complaints that netted criminals $1.1 billion in 2010, law enforcement agencies convicted an average of one crook for every 50,635 victims. In other words, as Grimes eloquently states:

Steal someone’s identity and your odds of being caught are almost infinitesimal.

With all the hacks and fraud headlines 2011 will be remembered for, that’s definitely not the way we want to ring in the New Year. But as Grimes also warns, if we aren’t careful we could see history repeat itself as criminals not only continue defrauding computer users, but launch recycled attacks against the explosion of worldwide mobile device users, who could fall victim to the same old PC tricks. (more…)

Online fraudsters have always been a shifty bunch. The worst part is, it’s their chameleon-like nature that is part of their ongoing success, as well as every fraud managers’ nightmare.

According to the Banking Times article, “Criminals shifting to card-not-present fraud because of chip and PIN success,” they are on the move again. Data recently released by FICO, a leading provider of analytics and decision management technology, shows that across Europe card-not-present (CNP) fraud has dramatically increased, accounting for 72% of all fraud losses between March 2009 and March 2011. The big reason for this change? Chip and PIN technology, which has helped reduce counterfeit fraud by 60% over the same period.

In comparison, a similar study conducted three years ago found that ‘card present’ fraud accounted for 60% of Europe’s credit card fraud. But since European banks adopted the smartcard payment system, that number has dropped significantly over the past couple of years.

So, remaining consistent to their adaptive nature, it appears that cyber criminals have shifted their attention to CNP schemes like online fraud, targeting countries and business systems with weaker detection and prevention capabilities, said Martin Warwick, FICO’s Fraud Chief in Europe, the Middle East and Africa. (more…)

We all know cold remedies are made to treat the symptoms, not kill the virus. In a way, reactive anti-fraud solutions work the same way. They’re good at cleaning up the mess or correcting the problem once fraud has occurred, but have difficulty preventing cyber crimes from happening in the first place, or worse, stopping them from reoccurring over and over again.

The truth is, even diligent businesses running the latest security software remain vulnerable to the growing number of new and unknown forms of online fraud and abuse. Take it from Mark Patterson, co-owner of PATCO Construction Inc: when it comes to fighting ACH fraud the new FFIEC authentication guidance falls short. He says that until banks become legally liable and accountable for such online crimes, businesses will remain susceptible to online fraud.

In the BankInfoSecurity article, “Fraud: The Victim’s Perspective,” Patterson, whose small residential and commercial construction company lost over $550,000 to fraudulent ACH transactions, said that while he’s glad updates have been made to the security guidelines, they don’t go far enough. In order for small businesses to protect themselves from online crimes like ACH fraud and account takeover, they need to take it upon themselves to also incorporate their own internal policies and processes to detect fraud and abuse. Some of his recommendations include:

• Talk to your bank about the ACH fraud policy to understand if fraud losses are covered
• Monitor all online transactions for bad IP addresses, anomalies, and suspicious activity
• Run and analyze reports to recognize patterns and velocities
• Educate yourself about online threats and how bad they really are

(more…)

iovation is continually developing new features to meet customer business challenges, keep pace with the constantly changing Internet environment, respond to great customer ideas, and meet our own internal strategic goals.

It’s been a busy year with a ton of new features and enhancements ranging from big to small. We thought we’d take a moment to share with you some of the highlights from 2011.

As with any technology, there are many, many things that go into a new feature including design, development, testing, documentation, integration and other operational requirements. We won’t go into that amount of detail here, but instead will focus on the primary achievements within each of the four principle areas of specialization at iovation, which include:

iovation is the leader in device reputation technology. They work to prevent all types of fraud and abuse on the Internet, including account takeovers, which occurs when your existing bank or credit card accounts are infiltrated and money is siphoned out. iovation also helps prevent new account fraud, which refers to financial identity theft in which the victim’s personal identifying information and good credit standing are used to create new accounts, which are then used to obtain products and services. Stolen Social Security numbers are often used to commit new account fraud.

During this year’s record-breaking Black Friday and Cyber Monday, iovation documented a significant rise in fraudulent transactions, which included account takeover attempts.

Their comparison of the two hottest shopping days of this year vs. last year found:

• 400% increase in the rate of fraudulent transactions on Black Friday (up from 1% to 4%)
• 25% increase in the rate of fraudulent transactions on Cyber Monday (up from 3% to 4%)
• 15% greater transaction volume on Cyber Monday compared to Black Friday
• 4% mobile fraud rate on both Black Friday and Cyber Monday.   (more…)

Getting to know someone on an Internet dating site requires the exchange of personal information. Things like where you grew up, your hobbies, pet’s name and favorite shopping destinations provide personal data that is essential to building an online relationship. Unfortunately, it’s also the same information that fraudsters use to steal peoples’ identities and commit ID fraud and a host of other unwanted activities.

In the recent article, “How to steal an identity in seven easy steps,” software developer, Herbert Thompson, shows us just how easy it is to collect personal information that allows fraudsters to gain access to somebody’s personal and financial online accounts. This is disturbing news, especially when you consider that roughly 40% of web users are ‘likely’ or ‘very likely’ to provide their personal information in one of six online scams, like the Ponemon Institute, commissioned by PC Tools, recently discovered after interviewing over 1,000 UK web users.   (more…)

When it comes to online gaming products, most people tend to think about the fun stuff like the enormously popular interactive role-playing games or international poker sites. What often gets lost in the conversation are the products behind the customer-facing games. Not surprisingly, I’m referring to the security tools that protect online businesses and the millions of users who put their trust and hard-earned cash into virtual games that provide countless hours of entertainment from their PCs, laptops and mobile devices.

Take, for example, a fraud prevention service like iovation’s ReputationManager 360. Using advanced device reputation technology, we work behind the scenes in many of the world’s largest and most respected gaming environments to provide protection from all forms of fraud and abuse. In the past year, we’ve provided invaluable intelligence on more than 475 million gaming transactions.

At iovation, we’re happy to play the role of the unsung hero. But every now and then it’s an honor to be recognized by industry leaders who call out the important work that we do. This is why we are so proud to announce that the distinguished ICE Totally Gaming panel has named iovation a finalist for the Best Online Gaming Product of the Year. (more…)

Fresh off the most successful Cyber Monday, which turned into a Cyber Week or even a Cyber Month, spanning from mid-November into December, marketers and advertisers are now positioning themselves for a 2012 Mobile Tuesday.

Forbes reports, “Consumers are going mobile in large numbers, and the 2011 holiday season proved it. IBM Coremetrics recently reported that consumers increased shopping on smartphones and tablets on Black Friday. Purchases made on mobile devices accounted for 9.8% of online sales, which is up 3.2% from last year. GSI announced a 254% increase in US mobile sales on Black Friday. PayPal Mobile announced a 516% increase in global mobile payment volume over last year, and eBay Mobile reported US purchases were nearly two and a half times what they were last year.” (more…)

The Washington Post reports that this holiday season, Cyber Monday expanded into an entire week of record-breaking online shopping. From Sunday, November 27 through Saturday, December 3, consumers spent nearly $6 billion over the Internet, a 15% increase over the same week in 2010. During the first 32 days of the November-December holiday season, online spending had already reached $18.7 billion, also a 15% increase from last year.

Which begs the question: when the dust settles, how much of this uptick in online sales will equate to online fraud? It is inevitable that some consumers will detect unauthorized charges on their credit and bank accounts, and many retailers will suffer high chargebacks.

Consumers should seek out and patronize businesses that implement a comprehensive, in-depth approach to protecting customers from identity theft and financial fraud. They should also check credit and banking statements carefully, scrutinize each and every charge, and call their bank or credit card company immediately to refute any unauthorized transactions.

Retailers should consider adding device identification technology to prevent more crime upfront before product ships and stolen credit cards are charged. This emerging technology examines the PC, smartphone, or tablet being used to conduct an online transaction in order to determine whether the device’s characteristics, behavior, and history indicate a high level of risk. The leading provider of device identification and device reputation services is iovation Inc. Take a look at iovation’s stats from Black Friday and Cyber Monday.

Fraud analysts from online retailers around the world interact with iovation’s database of device intelligence daily, and through sharing information and running real-time risk assessments, they block millions of online fraudulent attempts each year.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discussesCyber Monday on Fox Boston. Disclosures

A few week’s back, I wrote how iovation’s fraud prevention service had been named as a finalist for the 2011 Red Herring 100 Global Award. This week we are proud to announce that iovation was named a Top 100 Global Company.

It’s truly an honor to follow in the footsteps of some of the most recognizable technology companies in the world such as Google, YouTube, Skype and eBay, who have all been previously selected to Red Herring’s prestigious Top 100 Global list.

This recognition is a direct result of years of hard work evolving our fraud protection service into a full spectrum device reputation solution that supports native and web integrations for mobile and desktop devices, tagged and tagless device recognition, real-time transparent risk scoring, and on-demand and scheduled reporting. Our remarkable growth is attributed to the collaborative work and effectiveness of our global device intelligence network, which today protects billions of transactions for our clients representing multiple industries around the globe. (more…)

In the hours following the two most-anticipated shopping days of the year — Black Friday and Cyber Monday — we’ve already seen a number of impressive figures that defy earlier modest expectations for the holiday season.

According to the NY Times article, “Cyber Monday Shopping Surpasses Expectations,” both ComScore and IBM Benchmark reported that the $1.3 billion spent by online shoppers represented up to a 33% increase in online sales over last year. This followed record-breaking Black Friday weekend sales of $52.4 billion, which CNN Money reported is a 16% jump over 2010. Either way you cut it, there’s little doubt that retail and online sales over the weekend could make for a very profitable holiday season for merchants.

At iovation, we help our clients know who to trust online, by quickly recognizing their good online customers and isolating the fraudsters through shared device intelligence. By identifying bad actors upfront and flagging suspicious transactions in real-time, we help merchants decline fraudulent orders faster, minimize chargebacks and take more good business with confidence — all especially important during the holiday’s peak traffic.

Looking at iovation’s device reputation network on Black Friday and Cyber Monday, we found some interesting trends and year-over-year comparisons during the two hottest shopping days of the year, including:

• 400% increase in the rate of fraudulent transactions (from 1% to 4%) on Black Friday
• 25% increase in the rate of fraudulent transactions (from 3% to 4%) on Cyber Monday
• 15% greater transaction volume on Cyber Monday compared to Black Friday
• 4% mobile fraud rate on both Black Friday and Cyber Monday

While it was no surprise that credit card fraud, shipping fraud and account takeovers topped the list of fraud types reported to iovation’s database on these days, a noticeable drop in the share of mobile shopping activity was very unexpected.

Despite several industry surveys forecasting significant increases in mobile purchases over the holidays, iovation saw mobile transactions decrease as a share of overall activity on Black Friday and Cyber Monday. While mobile transactions usually account for 5% of queries to iovation’s service, mobile’s share of overall retail transactions dropped to 3.2% on Black Friday and 2.7% on Cyber Monday. At this point any conclusions would be only speculative as to why mobile transactions were down during these peak periods. Are consumers not ready to make purchases over their smartphones? Is the user experience of a smartphone checkout too cumbersome compared to the convenience of a desktop?  As retailers look to the mobile market as an increasingly important channel, it will be critical that they solve these issues.

Helping online businesses effectively and efficiently fight online fraud and abuse is our No. 1 goal here at iovation. And according to the team at Red Herring, we have performed exceptionally. For our work in stopping more than 50 million online fraud attempts for our customers this year, we are proud to announce that iovation’s fraud prevention service has been named a finalist for the 2011 Red Herring 100 Global Award.

For the 2011 Global Award, the Red Herring editorial team selected companies demonstrating the most innovative technologies and business models originating from over 1,000 companies from over 40 nations. The companies are judged on a range of qualitative and quantitative metrics, including technology innovation, financial performance, growth criterion, management’s execution standards, potential globalization of the strategy and market share improvement.

The 2011 Global finalists will be featured during the Red Herring event taking place at the Hyatt Regency Century Plaza on December 5-7, 2012. iovation’s CEO, Greg Pierson, will be presenting iovation’s winning strategy on Tuesday, December 6th and on the last night of the event, the Global winner will be announced. If you are attending the event and would like to schedule time to chat with Greg Pierson, please email info@iovation.com.

Every online user, including fraudsters, were granted a free pass by the Justice Department earlier this week for lying on the Internet. Okay, I know what you’re thinking: “How can we prosecute somebody for lying?” Fibbing is an age-old human behavior that even the DoJ says it doesn’t have the time or resources to bring cases against everyone who lies on dating websites.

According to the Politico article, “Free pass for dating site liars,” people can take comfort in knowing that they don’t have to worry about being prosecuted or hauled off to jail for telling a little white lie over the Internet. While this certainly makes sense, at the same time we’re still walking on shaky ground when it comes to online lies, falsifications, profile misinterpretations, or whatever you want to label it. The fact is, when it comes to identity fraud, fake accounts or other crimes on romance sites, lying is typically the basis for the crime. It sets the stage for deeper criminal activity that can cost victims both emotional and financial hardships, not to mention damage to the dating site’s reputation.  (more…)

Black Friday, the day after Thanksgiving, kicks off the holiday shopping season. Retailers advertise Black Friday bargains in order to lure you through their doors.

As far back as I can remember, police have been warning of thieves who target cars in parking lots, smashing windows to steal shopping bags left in plain sight. Then, we’d be warned that as the Christmas lights went up, thieves would target the wrapped gifts underneath the tree. I thought, “It can’t get worse than this?”

Then Cyber Monday came along. It was born as a marketing opportunity that has taken on a life of its own over the past five or six years. Online retailers promote their Cyber Monday offers throughout the fall, creating hype that whips shoppers into a frenzy. It’s become as essential to the retail community as Black Friday. (more…)