Tags: credit fraud, device identification, fraudsters, Keyloggers, layered security
A federal investigation dubbed “Operation Open Market” recently yielded 19 arrests in nine states, for crimes including identity theft and counterfeit credit card trafficking. The defendants allegedly participated in “Carder.su,” a Las Vegas-based transnational ring that bought and sold stolen personal and financial information and manufactured counterfeit IDs and credit and debit cards in order to commit fraud. This criminal organization has also been known to host online forums wherein members are encouraged to buy and sell counterfeit documents and stolen data.
Executive Director of U.S. Immigration and Customs Enforcement’s Homeland Security Investigations James Dinkins commented, “The actions of computer hackers and identity thieves not only harm countless innocent Americans, but the threat they pose to our financial system and global commerce cannot be understated.”
According to the Federal Financial Institutions Examination Council’s latest update, “Fraudsters use keyloggers to steal the logon ID, password, and challenge question answers of financial institution customers. This information alone or in conjunction with stolen browser cookies loaded on the fraudster’s PC may enable the fraudster to log into the customer’s account and transfer funds to accounts controlled by the fraudster, usually through wire or ACH transactions.”
The FFIEC recommends that financial institutions incorporate device identification into their layered security approach in order to thwart attacks like these, but smart financial institutions are going a step further by employing device reputation analysis approach.
iovation, an Oregon-based firm helping to fight cybercrime, offers device reputation, which builds on its complex device identification technology. It does this by offering real-time risk assessments which look at evidence of past fraud attacks, risk profiles, detects anomalies, and uncovers relationships between devices and accounts that have a history of working in collusion to stealing from online businesses.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- Banking Security Guidelines Go Into Effect in January 2012
As banking applications evolve, common attacks on banks are becoming correspondingly more sophisticated. Small businesses, municipalities, and moneyed individuals are often targeted for obvious reasons: they have hundreds of thousands of dollars, if not a few million, in the bank, but their security is often no more effective than that of an average American household. The
- Financial Institutions Can Protect Their Clients Using “Defense in Depth”
Back in 2005, the Federal Financial Institutions Examination Council (FFIEC) made security recommendations for banks and financial institutions in response to the increase of cybercrime. Since then, banks have implemented most, if not all, of these guidelines, and cyber criminals have responded by challenging each layer of security, by exploiting different technologies or coming up
- Why Complex Device Identification Isn’t Enough
“Simple device identification” relies on cookies or IP addresses to confirm that a customer is logging in from the same PC that was used to create the account. The Financial Federal Institutions Examination Council has explained the fallibility of this system: “Experience has shown this type of cookie may be copied and moved to a fraudster’s PC, allowing
- FFIEC Mandates “System Of Layered Security” to Combat Fraud
For any cave-dwelling, living-under-a-rock, head-in-the-sand, naïve, under-informed members of society who aren’t paying attention, we have serious cyber-security issues on our hands. Black hat hackers, who break into networks to steal for financial gain, are wreaking havoc on banks, retailers, online gaming websites, and social media. Black hats cost these companies and their clients billions of dollars every year. They
- One-Third of Banking Account Takeover Attempts Successful
The Financial Services Information Sharing and Analysis Center (FS-ISAC), which works with the Department of Homeland Security, has released a study indicating that attacks on customer bank accounts have increased considerably in recent years. The FS-ISAC, in collaboration with the American Bankers Association, surveyed large financial institutions to collect data on fraud attempts. The responding banks
Leave a Comment
You must be logged in to post a comment.