Online fraudsters have always been a shifty bunch. The worst part is, it’s their chameleon-like nature that is part of their ongoing success, as well as every fraud managers’ nightmare.

According to the Banking Times article, “Criminals shifting to card-not-present fraud because of chip and PIN success,” they are on the move again. Data recently released by FICO, a leading provider of analytics and decision management technology, shows that across Europe card-not-present (CNP) fraud has dramatically increased, accounting for 72% of all fraud losses between March 2009 and March 2011. The big reason for this change? Chip and PIN technology, which has helped reduce counterfeit fraud by 60% over the same period.

In comparison, a similar study conducted three years ago found that ‘card present’ fraud accounted for 60% of Europe’s credit card fraud. But since European banks adopted the smartcard payment system, that number has dropped significantly over the past couple of years.

So, remaining consistent to their adaptive nature, it appears that cyber criminals have shifted their attention to CNP schemes like online fraud, targeting countries and business systems with weaker detection and prevention capabilities, said Martin Warwick, FICO’s Fraud Chief in Europe, the Middle East and Africa. (more…)

We all know cold remedies are made to treat the symptoms, not kill the virus. In a way, reactive anti-fraud solutions work the same way. They’re good at cleaning up the mess or correcting the problem once fraud has occurred, but have difficulty preventing cyber crimes from happening in the first place, or worse, stopping them from reoccurring over and over again.

The truth is, even diligent businesses running the latest security software remain vulnerable to the growing number of new and unknown forms of online fraud and abuse. Take it from Mark Patterson, co-owner of PATCO Construction Inc: when it comes to fighting ACH fraud the new FFIEC authentication guidance falls short. He says that until banks become legally liable and accountable for such online crimes, businesses will remain susceptible to online fraud.

In the BankInfoSecurity article, “Fraud: The Victim’s Perspective,” Patterson, whose small residential and commercial construction company lost over $550,000 to fraudulent ACH transactions, said that while he’s glad updates have been made to the security guidelines, they don’t go far enough. In order for small businesses to protect themselves from online crimes like ACH fraud and account takeover, they need to take it upon themselves to also incorporate their own internal policies and processes to detect fraud and abuse. Some of his recommendations include:

• Talk to your bank about the ACH fraud policy to understand if fraud losses are covered
• Monitor all online transactions for bad IP addresses, anomalies, and suspicious activity
• Run and analyze reports to recognize patterns and velocities
• Educate yourself about online threats and how bad they really are

(more…)

Today’s traveler, whether on business or vacationing at their favorite surf or ski resort, is becoming increasingly dependent on their electronic devices. While our smartphones, tablets and laptops allow us to be more business efficient and instantly share our travel moments with family and friends, our favorite handheld devices are also vulnerable to being lost, stolen or hacked while on the road.

In the USA Today article, “Travelers at high risk of identity theft, experts say,” travelers lost a total of 11,000 mobile devices at the busiest U.S. airports this year. And that only accounts for items lost before travelers reach their intended destinations. In a study of 200 data breaches, Trustwave’s SpiderLabs found that hotels and resorts are prime targets for crooks stealing financial information, with respondents saying 38% of data thefts took place at hotels or resorts.

John Sileo, an identity theft and fraud expert who experienced identity fraud first-hand while traveling to Disney World, says people can be particularly vulnerable when they are unfamiliar with their surroundings. In his case, he suspected someone took a photo of his card number at the theme park before his bank informed him that his credit card had been shut down when someone attempted to make $3,000 worth of online charges to his card. (more…)

Helping online businesses effectively and efficiently fight online fraud and abuse is our No. 1 goal here at iovation. And according to the team at Red Herring, we have performed exceptionally. For our work in stopping more than 50 million online fraud attempts for our customers this year, we are proud to announce that iovation’s fraud prevention service has been named a finalist for the 2011 Red Herring 100 Global Award.

For the 2011 Global Award, the Red Herring editorial team selected companies demonstrating the most innovative technologies and business models originating from over 1,000 companies from over 40 nations. The companies are judged on a range of qualitative and quantitative metrics, including technology innovation, financial performance, growth criterion, management’s execution standards, potential globalization of the strategy and market share improvement.

The 2011 Global finalists will be featured during the Red Herring event taking place at the Hyatt Regency Century Plaza on December 5-7, 2012. iovation’s CEO, Greg Pierson, will be presenting iovation’s winning strategy on Tuesday, December 6th and on the last night of the event, the Global winner will be announced. If you are attending the event and would like to schedule time to chat with Greg Pierson, please email info@iovation.com.

As Internet traffic grows exponentially, the ability to identify all online transactions is an ongoing challenge for any organization. This challenge is even more significant for businesses whose sales revenues rely on online payments. For them, the ability to analyze and decipher the difference between a valid transaction and a risky one is critical to their business success.

As we inch closer to the holiday season, a pair of recent articles highlight the increasing volume of online transactions that are just around the corner for online merchants. If there is a security takeaway from these trends, it’s that IT fraud teams better be prepared for significant increases in online transactions over the next few weeks. (more…)

Every online user, including fraudsters, were granted a free pass by the Justice Department earlier this week for lying on the Internet. Okay, I know what you’re thinking: “How can we prosecute somebody for lying?” Fibbing is an age-old human behavior that even the DoJ says it doesn’t have the time or resources to bring cases against everyone who lies on dating websites.

According to the Politico article, “Free pass for dating site liars,” people can take comfort in knowing that they don’t have to worry about being prosecuted or hauled off to jail for telling a little white lie over the Internet. While this certainly makes sense, at the same time we’re still walking on shaky ground when it comes to online lies, falsifications, profile misinterpretations, or whatever you want to label it. The fact is, when it comes to identity fraud, fake accounts or other crimes on romance sites, lying is typically the basis for the crime. It sets the stage for deeper criminal activity that can cost victims both emotional and financial hardships, not to mention damage to the dating site’s reputation.  (more…)

When it comes to victims of online dating fraud, we’ve heard the stories of how unsuspecting lonely hearts have lost tens of thousands of dollars. The emotional hardships and financial setbacks that victims of online romance scams go through can be devastating. This week, we saw another story that left one victim with no money, homeless, hungry, and eventually hospitalized with pneumonia in a foreign land thousands of miles from home.

In the article, “American Stranded in Ukraine in Online Dating Scam,” former write-in candidate for governor of Arizona, Cary Dolego, traveled to the city of Chernivti, Ukraine, eager to meet up with the woman he fell in love with online and one day hoped to marry. She never showed.

Turns out, Dolego was a victim of an online dating scam that stemmed from account takeover. Apparently, someone or some group hacked into a woman’s account on an international dating website and was communicating with Dolego on behalf of a woman named Yulia. While the woman later said the account on the dating site that Dolego had been corresponding with was hers, she claims she was not part of the scam. (more…)

Businesses have always been challenged with knowing whether a customer is genuine or not. It’s a critical part of any company’s daily business operations, and how they protect themselves from fraud losses that impact the bottom line. But with online merchants taking more orders from new and evolving technologies, the ability to identify the good from the bad is a great challenge.

As cyber criminals take advantage of various technologies to bypass businesses’ digital security efforts, any business that wants to succeed in today’s rapidly-changing business environment needs to have layered and effective security measures in place that allow them to know when they are dealing with a legitimate customer or a clever fraudster.  (more…)

Traditionally, students seeking financial assistance to further their education were required to complete a ton of paperwork and provide in-person photo IDs and other official personal documents. While much of the required information for applying for financial aid remains the same, the growth of online education programs for colleges and universities have changed in how applicants complete applications and deliver their information.

Today, anyone seeking federal aid for the thousands of online courses can do so while maintaining their anonymity. Without the physical checkpoints traditionally used to cross-reference and validate that applicants are who they say they are, higher education online programs are being hit with what’s being dubbed financial aid fraud, or distance-education fraud.

In the recent New York Times article, “As Online Courses Grow, So Does Financial Aid Fraud,” financial aid scams have become a serious problem. In a number of high-profiled cases, distance-education fraud rings have stolen hundreds of thousands of dollars using various techniques. For example, a woman submitted applications on behalf of 23 unknowing prison inmates that she gathered information on while working in the prison’s education department. The applications were admitted and granted more than $450,000 in federal aid, including nearly $125,000 for books, transportation and living expenses. (more…)

Good news in the fight against online fraud. The Financial Fraud Action UK recently announced that fraud stemming from card-not-present (CNP) transactions fell 8% over the same period last year.

In the InternetRetailing article, “Online shopping fraud down in first half of 2011,” during the six months ending in June, online shopping fraud including mail order and phone fraud dropped to £109.2m compared to the £118.2m in fraud losses in the first six months of 2010.

Source: Financial Fraud Action UK, Cheque & Credit Clearing Company and The UK Cards Association

While findings like these are certainly encouraging, it doesn’t mean the bad guys have given up. Far from it. While an increase in fraud protection measures play a significant role in the declining numbers, once a security hole is filled fraudsters typically turn their energies elsewhere.

DCI Paul Barnard, head of the Dedicated Cheque and Plastic Crime Unit (DCPCU), is quick to point out that while online shopping fraud losses are down, the fraudulent use of lost or stolen cards is up 20%.

“There has been an increase in old fashioned scams – criminals using distraction techniques and social engineering methods to get hold of people’s cards or phone banking details. We are urging everyone to be on their guard.”

As organized cyber criminals shift tactics, the ability to expose thieves who are fraudulently using someone else’s personal or financial information to purchase items online is essential to preventing fraud or abusive activity that impacts consumers and an online business’s bottom line. This is something iovation does every day for merchants that sell goods and services over the Internet.

Checking millions of daily transactions coming into our B2B customers’ websites against our dynamic, device reputation database that’s now 715 million deep, iovation’s ReputationManager 360 provides real-time device intelligence IT fraud teams need to instantly recognize and reject bad orders on the spot to prevent an array of fraud techniques and social engineering schemes designed to defraud today’s online businesses.

Much like the annual gains of any financial market, the cyber crime economy is growing.

According to the article, “Cyber crime hit 431 million adults in 24 countries,” a recent Norton cybercrime report found online crime jumped 3% compared to its 2010 study, costing fraud victims more than $388 billion worldwide over the past year.

Eating up 35% of the global cybercrime bill were U.S. fraud victims, who spent $139 billion on cybercrime last year. That amounts to 141 victims per minute, an alarming statistic even for Norton’s consumer cybercrime expert, Helen Malani. (more…)

While the term “online abuse” often conjures up thoughts of cyber bullying, predatory behavior and customer harassment, Internet-based businesses that experience abusive activity within their social communities have to immediately address customer trust and confidence issues. Otherwise, they risk unwanted conduct between subscribers, which can ultimately lead to financial implications for the organization.

We all know that the top priority for any IT fraud team is to ensure their good customers can safely and easily communicate and do business within their online environment. However, because many business websites have networking communities that bring likeminded individuals together to socialize, the potential for users or criminals to act inappropriately towards others can create problems that can impact the user experience. (more…)

Understanding the evolving fraud threats that financial services organizations face today is crucial to preventing the damaging affects that credit application fraud, account takeovers and identity theft can have on their business, customers and bottom line.

To help European financial services leaders understand how to thwart these increasing risks, iovation is scheduling one-on-one meetings with Europe’s major financial institutions at the upcoming Financial Services Technology (FST) Summit, October 4-6, in Lisbon, Portugal. If you are interested in learning about the latest online fraud trends and best practices for fraud prevention in retail banking and commercial banking, please reserve some time for us to talk.

As the world’s leading provider of fraud preventative device reputation services, iovation helps businesses assess online transaction risks before they happen. Our active partnerships with leading credit issuers, foreign exchange service providers and banking clients around the globe are designed to stop account takeovers, ID theft, ACH or debit fraud, credit application fraud and more. (more…)

For banks around the globe, protecting customer accounts is becoming more challenging as cyber criminals work together to create more sophisticated attacks with the aim of defeating existing security measures. In fact, fraudsters have become so efficient at figuring out new ways to access critical data from a bank’s IT system that the article,“European banking industry lacks guidance to combat cybercrime,” suggests that the entire ecosystem — from government to banks — should take a cue from the criminals themselves.

The requirements for making any top business list is revenue growth. The prestigious Inc. 500/5000 is no different. This list considers the percentage of revenue growth over the previous three years to rank the fastest growing private companies in America.

Once again, iovation is proud to be named to Inc. magazine’s 5th annual 500/5000.

Much of our growth in terms of revenue and the size of our fraud-fighting network has been with online banks and credit card issuers. The number of device reputation queries performed by our fraud protection service has grown 938% since 2007, while the number of devices managed in our global device reputation database has increased 2,492% over the same period, reaching more than half a billion devices worldwide.

In the Inc. 5000 ranking, we are the 45th fastest-growing private company in the Portland, Ore. region, and 62nd in U.S. security companies.

As online businesses continue to build safer environments that detect and stop evolving forms of fraud and abuse, our B2B SaaS solution exposes the reputations of all types of Internet-connected devices (desktops, tablets, smartphones) and hidden relationships between devices inside and outside corporate networks. The webs of associations that iovation’s ReputationManager 360 uncovers allows organizations across multiple industries to instantly detect and shut down fraud, abuse and other online crimes before their business and customers are impacted. (more…)