Since when did hackers start worrying about moral turpitude? In the underground cybercrime economy where lies, deception and maintaining complete anonymity are the key attributes for success, I find it ironic that trust, yes trust, has climbed the ladder of qualifications that today’s online fraudsters need to profit in the digital black market.

In the article, “Cybercrime is now a booming industry,” the new Global Risks for 2012 report says that along with a steady increase in cyber attacks on businesses and governments around the globe, the top concern for illegal digital data sellers is maintaining trust with their customers.

According to an ethical hacker in India, the digital black market has become so competitive that entrepreneurial cyber criminals depend on their trustworthiness, along with free trials, discounted offers and money-back guarantees on stolen goods, to succeed in the shady underworld. (more…)

A few week’s back, I wrote how iovation’s fraud prevention service had been named as a finalist for the 2011 Red Herring 100 Global Award. This week we are proud to announce that iovation was named a Top 100 Global Company.

It’s truly an honor to follow in the footsteps of some of the most recognizable technology companies in the world such as Google, YouTube, Skype and eBay, who have all been previously selected to Red Herring’s prestigious Top 100 Global list.

This recognition is a direct result of years of hard work evolving our fraud protection service into a full spectrum device reputation solution that supports native and web integrations for mobile and desktop devices, tagged and tagless device recognition, real-time transparent risk scoring, and on-demand and scheduled reporting. Our remarkable growth is attributed to the collaborative work and effectiveness of our global device intelligence network, which today protects billions of transactions for our clients representing multiple industries around the globe. (more…)

“Carders” are the people who test and sell credit card details (most likely phished) to other individuals who carry out the actual credit card fraud. Carders are the most visible of criminals who distribute and sell stolen data to whoever is willing to take it and burn it onto a white card or make purchases over the internet. “Dumps” is a term for the batches stolen credit card data they buy and sell.

Computerworld reports:

“Tony Perez III, of Hammond, Indiana, pleaded guilty to the charges on April 4. In his plea, Perez said he sold counterfeit credit cards encoded with stolen account information. Perez found customers through criminal ‘carding forums,’ Internet discussion groups set up to aid in the buying and selling of stolen financial account information and related services.”

“During a June 2010 search of Perez’s residence, Secret Service agents found 20,987 stolen credit card accounts on his computers, in his email messages, in an online account and on counterfeit credit cards he was in the process of manufacturing, according to court documents. Credit card companies have reported more than US$3.1 million in fraudulent charges associated with those accounts, court documents said.”

Carding is a full time profession for thousands of hackers worldwide. Retailers’, banks’, credit card processors’, and many other corporations’ databases often contain millions of credit card numbers, and are targeted in “advanced persistent threats.” Any entity that accepts credit cards online or in the physical world is a ripe target for fraud. (more…)

Traditionally, students seeking financial assistance to further their education were required to complete a ton of paperwork and provide in-person photo IDs and other official personal documents. While much of the required information for applying for financial aid remains the same, the growth of online education programs for colleges and universities have changed in how applicants complete applications and deliver their information.

Today, anyone seeking federal aid for the thousands of online courses can do so while maintaining their anonymity. Without the physical checkpoints traditionally used to cross-reference and validate that applicants are who they say they are, higher education online programs are being hit with what’s being dubbed financial aid fraud, or distance-education fraud.

In the recent New York Times article, “As Online Courses Grow, So Does Financial Aid Fraud,” financial aid scams have become a serious problem. In a number of high-profiled cases, distance-education fraud rings have stolen hundreds of thousands of dollars using various techniques. For example, a woman submitted applications on behalf of 23 unknowing prison inmates that she gathered information on while working in the prison’s education department. The applications were admitted and granted more than $450,000 in federal aid, including nearly $125,000 for books, transportation and living expenses. (more…)

Around 1994, when I operated a small mail order catalog business, it was very difficult to obtain “merchant status,” or approval to accept Visa, MasterCard, Discover, and American Express cards. It was easier if you had a storefront, but payment processors made mail order businesses jump through more hoops.

Their main concern was that companies could set up shop, accept tons of credit card charges, and then vanish, leaving the banks short. Mail order fraud was also big. A stolen credit card could be used to place orders over the phone, and when the fraudulent charges were discovered, merchants would suffer from chargebacks.

At the time, it wasn’t even necessary to provide a correct expiration date, as long as the card wasn’t already expired. Then credit card companies began verifying billing addresses to authenticate mail orders. Eventually, an additional verification code was added to cards, referred to as a CVC or CVV. We still use these codes today, but they can be fraudulently obtained in a number of ways. (more…)

While the term “online abuse” often conjures up thoughts of cyber bullying, predatory behavior and customer harassment, Internet-based businesses that experience abusive activity within their social communities have to immediately address customer trust and confidence issues. Otherwise, they risk unwanted conduct between subscribers, which can ultimately lead to financial implications for the organization.

We all know that the top priority for any IT fraud team is to ensure their good customers can safely and easily communicate and do business within their online environment. However, because many business websites have networking communities that bring likeminded individuals together to socialize, the potential for users or criminals to act inappropriately towards others can create problems that can impact the user experience. (more…)

When it comes to studying the impact of online fraud, the discussion always turns financial. For online retailers whose business models rely on Internet transactions to generate revenue, fraud losses that range anywhere from tens of thousands to millions of dollars a year can have a significant impact on their overall business profits.

This is why combating increasingly sophisticated fraud techniques requires online merchants to identify fraudulent orders faster and boost the efficiency of their fraud management functions, without increasing overhead. For one North America retailer whose fraud losses were eating into profits and affecting the customer experience, implementing the right fraud prevention service enabled them to drop annual fraud losses from a peak of $2 million to $180,000.

In our newly downloadable case study, “Online Retailer Uses New Fraud Detection Systems To Cut Fraud Loss Rates,” Forrester Research principal analyst, Andras Cser, shares how the online merchant was able to reduce fraud loss by $1.8 million after deploying iovation’s ReputationManager 360 along with our partner’s case management system. (more…)

For banks around the globe, protecting customer accounts is becoming more challenging as cyber criminals work together to create more sophisticated attacks with the aim of defeating existing security measures. In fact, fraudsters have become so efficient at figuring out new ways to access critical data from a bank’s IT system that the article,“European banking industry lacks guidance to combat cybercrime,” suggests that the entire ecosystem — from government to banks — should take a cue from the criminals themselves.

Sometimes finding the right fraud prevention solution is the easy part. The real challenge comes when you have to sell the project to your executive team.

Does this scenario sound familiar? If so, you’re in luck. On September 20th, iovation’s senior sales executive, Cory Swick, along with one of our online global marketplace clients, will share their unique perspectives on how IT fraud professionals can properly sell their fraud prevention projects to upper management. The presentation will take place at this year’s Merchant Risk Council Fall Platinum meeting in Chicago, beginning at 4:00 p.m. in the Grand Ballroom at the Drake Hotel.

The presentation, “Selling Your Fraud Strategy Internally and Overcoming Challenges Deploying Third Party Tools,” will demonstrate how focusing on things like brand protection, company image, customer acquisition and retention, and boosting profits can strengthen your case when lobbying for fraud prevention projects that help reduce fraud rates and improve the health of your IT environment. (more…)

A recent report, published by the Office of Cyber Security & Information Assurance in the Cabinet Office and Detica, on the cost of cyber crime revealed that online crime costs the UK economy £27 billion per year. In the article, “UK Cabinet Office Report: The Cost of Cyber Crime,” UK businesses shell out more than three-quarters of the total annual cybercrime costs at £21 billion, while private citizens (£3.1bn) and the government (£2.2bn) round out the overall economical impact.

The study found that IP theft (£9.2bn) and industrial espionage (£7.6bn), combined, account for over two-thirds of the overall cost to UK businesses per annum. IP theft is largely committed against companies with high volumes of IP or IP that’s easy to hack, while industrial espionage includes stealing or exploiting non-IP data from organizations that depend on large amounts of financial transactions and monetary activities.

Other significant cyber crimes that impact UK businesses include extortion (£2.2bn), direct online theft (£1.3bn), and loss or stolen customer data (£1bn), according to the report.

Because organizations today are becoming increasingly dependent on cyber space for business commerce, communications, and daily operations and production, cyber threats pose a significant threat to individual nations, as well as the global economy. This is why reports like these are so important.

Understanding the economical impact cyber crime can have on businesses, industry, and the economy can play a critical role in setting effective security policies and implementing proactive fraud preventative strategies, such as iovation’s device reputation service, which combats new and evolving forms of cyber crime that have a negative impact on organizations across the globe.

When it comes to online fraud, most people have a zero tolerance policy. Common sense tells us that nobody wants to be conned out of their money, let alone their emotional state of being. While they say love is blind, online lonely hearts may also be turning the other cheek to potential fraud for the sake of a little companionship.

According to the article, “Online dating scams harm ‘thousands’ in Lee County,” Stacey Payne of the Lee County Sheriff’s Office community relations department says oftentimes those seeking love online either don’t want to believe it, are embarrassed, or simply don’t mind that the person they are in love with is a scammer. (more…)

Infographics: Hotel Credit Card Hacking © CreditDonkey

When travelers go online to research hotels to plan a vacation or business trip, things like proximity, cleanliness, amenities, and safety play a huge role in their decision-making process. But those priorities may be changing. With credit card fraud becoming more prevalent in the hotel industry, a hotel’s reputation in relation to online security and fraud risks may soon override many of the traditional considerations that consumers have for choosing hotel accommodations.

According to the article, “Hotel Guests More Likely to Be Credit Card Hacking Victims, CreditDonkey Illustrates Danger,” a study estimates that 38% of all credit card hacking involves hotels. That’s two-times more than the financial industry (19%), which surprises Charles Tran, founder of the credit card comparison website, CreditDonkey.

“We were surprised at the numbers showing that hotel visitors run the greatest risk of all for having their credit card information stolen.”

One of the reasons for these unexpected numbers may be the recession. Because the hotel industry has been hit so hard, many hotels and hotel chains have not adequately upgraded their computer security systems. This, along with the fact that travelers typically use credit cards to pay for their hotel stays, may explain why hotels have become prime targets for cyber criminals.

All of this could create a shift in priorities for travelers selecting a hotel. As a result, hotels need to make sure they implement effective anti-fraud security strategies that help reduce the risk of credit card fraud.

As cyber thieves get more sophisticated, hotels must deploy security tools that help them identify fraudulent activity before they happen. Fraud prevention tools like iovation ReputationManager 360 uses device reputations to identify in real-time when a device with a history of fraud or is associated with other known fraudulent accounts is attempting a transaction.

By recognizing or re-recognizing any type of Internet-connected device — whether it’s a PC, laptop, tablet or smartphone — before the transaction takes place, hotels can mitigate their risk of credit card fraud and other unwanted activities, all of which can have a significant impact on their brand reputation and, ultimately, their business revenues.

For years now, it’s become customary for companies to write off a certain percentage of online transactions on the P&L to account for the fraud they assume will get passed their anti-fraud defenses. But is accepting a certain amount of fraud loss any way to combat a problem that’s increasingly impacting sales revenues and taking a bite out of your bottom line?

To reduce fraud rates, social networking sites are using their own social verification systems to determine whether the person at the other end of a Web transaction is actually who they say they are. According to the article, “How your social network can protect your credit card,” social networking sites like Facebook collect various pieces of information about a user’s personal network to identify a person and reduce fraudulent activities such as credit card fraud, account takeover and account hijacking within their network. (more…)

Every day iovation assesses risk on more than 7.5 million transactions for the online customers that we protect around the globe. France ranks third by country, just behind the United States and United Kingdom, in the total volume of Internet traffic from any country that we protect. As you would imagine, France is a very important market for us. It is growing and as we continue to expand our international footprint, France will play a vital and strategic part in our growth.

As part of our effort to expand our device identification, device reputation and real-time risk mitigation services for online businesses in France, I am pleased to announce that Philippe Mazurier has joined iovation as Country Manager, heading up sales and business development and is based in Montpellier.

Philippe brings strong business relationships and deep, in-market experience that will be instrumental in helping us meet online fraud protection demands in this market. He understands the serious and damaging impacts that cybercrime has on online businesses.

As we continue to serve the French market, protecting e-commerce, financial services, gaming and online communities from fraud and abuse, having a seasoned veteran in authentication and fraud prevention services representing iovation will help us serve this market even better.

To arrange meetings with Philippe to talk about any fraud or abuse issues your company is experiencing, please email france@iovation.com or call +33 (0)6 69 79 12 33.

Since our inception, the online gaming industry has been a very important sector for us. This is why I am so excited that iovation’s ReputationManager 360 has been awarded Casino Journal’s Top 20 Most Innovative Technologies in Gaming Award, which recognizes outstanding fraud prevention services helping international online gaming companies stop fraud and abuse.

With criminals targeting online casinos around the clock (we’ve got the data to prove it!), gaming sites need all the help they can get to rid their tables of costly criminal activity such as credit card fraud, chargebacks, account takeover and player collusion. Leveraging iovation’s global database of over 600 million unique devices, our gaming customers gain deep insight into every device, whether it’s a PC, smartphone or tablet, attempting to login or play on their site. Using customizable business rules that allow them to assess risk at various integration points, online gaming providers will spot characteristics that are consistent with fraud and abuse to stop criminals before they strike. (more…)