The underground world of internet fraud.
One of my core responsibilities as a system admin is preventing credit card fraud on our network. I’m basically the primary gatekeeper who determines the validity and legitimacy of all new online orders. With the large amount of business we do on a daily basis, it’s impossible to completely eliminate credit card fraud. Even with the help of filters and automated systems, fraud inevitably gets through. I am realistic about the situation: all I can do is minimize, deter and stay one step ahead of them.
It’s a daunting task. These fraudsters are mostly international. They often work in organized groups and are constantly adapting their tactics and testing our systems. These probes of our security, at the front door and inside, are nonstop. This continues around the clock, 365 days a year.
The company I work for has been in the industry for over 10 years. The name is well known and established. The downside to that is that the scammers caught on long ago, and word got around that we were the one-stop shop for hosting accounts. That was 1997; fast forward to today and things have changed drastically. We have improved our systems; the cyber criminals have improved theirs. They are and always will be one step ahead of us. It’s a constant game of cat and mouse. In 1997 the cyber criminals were mainly wreaking havoc on networks by sending spam and launching DDoS attacks. The Internet was young then and scammers were just learning to take advantage of this new medium.
It did not take them long, and we now have a cesspool of fraud on the Internet. What adds to the cesspool of fraud is globalization.
The majority of these cyber criminals are from Africa, Romania, Russia and South East Asia. These global criminals often come from poverty and third world countries. They have nothing to lose and everything to gain, to the tune of $49.3 billion in 2007 in the United States for identity theft alone. Most of these countries simply don’t have the manpower or funding to arrest these cyber thugs. It certainly is not a priority for them or the FBI.
To understand a cyber criminal’s mind, you must think like them, essentially almost become one of them. This is how I play the game every day. Unfortunately, at this point in the game, it’s often at some unknowing, random individual’s expense. This person’s credit card number, possibly social security number and driver’s license info are floating around the net, being sold or traded in IRC rooms, for instance. I often use social networking sites such as Friendster and Myspace as a tool for learning who our enemies are, their tactics, strengths and weaknesses. I have tracked a few individuals and groups down this way: I assume an alias and gain trust within their organizations. I use the necessary tools and translation software to extract what information of value I need. I randomly monitor IRC for activity. IRC is social networking for cyber criminals. Channels or rooms are used routinely to buy and sell breached consumer data. This data ranges from credit card numbers with or without cvv2 to social security numbers, bank account numbers and so forth.
The scammer is now armed with a fresh credit card. Their shopping spree might start off with buying Skype credits and maybe some fresh iTunes. They then come to us to start their fraudulent activities off for the day. They are usually armed with numerous stolen credit cards, including cvv2, full name, billing address, telephone etc. In some cases they take over email accounts, or create new ones assuming the person’s identity, along with email passwords and personal information. The smarter and more sophisticated criminals almost go undetected; these are the true challenge for me. The majority of the cyber thugs I have encountered are sloppy. They do not attempt to use a proxy to hide their IP or use any other means to disguise themselves. They often test the system to see what will get through. The smarter ones can do it the first time around; usually one or two fresh credit cards and correlating information are needed, along with a good proxy.
Once they are in the door, it’s a race against time.
- Phishing
- Fraudulent escrow sites
- Fraudulent shipping sites
- Identity theft
- SQL Injection
- Spam
- DDoS attacks
This will be a continuing piece. More of the hosting underbelly will be upcoming in the days and weeks to follow. Stay tuned.
