Played
-
According to a recent study, experts are estimating that fraud targeting call centers and customer service departments of online companies will increase 250% by the end of 2018 (compared to 2017). And, based on the online companies Karisse and Brett have talked to, it's become a huge problem. Whether the fraudster is calling to re-route a package, place an expensive order or to pre-text, Karisse & Brett will discuss why these are becoming a bigger problem, examples of the tactics being used and ways to work with customer service to train them to identify fraud calls and prevent losses due to phone fraud.
Especially with the holidays coming quickly, this is an important episode to listen to as this method will be used frequently by fraudsters for the Holidays 2018.
To listen to the webinar the hosts mention they did with Sift Science and CardNotPresent.com, and hear more about this fraud trend and others impacting retailers this holiday season, go here:
https://info.cardnotpresent.com/holiday-fraud-trends-targeting-retailers-webinar?utm_campaign=Webinar%20Rebroadcasts&utm_source=web&__hstc=244873690.753f11dbb2fd82bcb7ebeb3a7dfb2a58.1519760045432.1524771864226.1533093306402.8&__hssc=244873690.2.1542309146129&__hsfp=298233994
Subscribe to Online FraudCast on your favorite podcast app to be alerted when new episodes are out. We love to hear from our listeners! Follow Online FraudCast on Facebook, follow the hosts individually on LinkedIn or e-mail us at [email protected] to stay connected, ask questions or provide feedback!
Learn more about your ad choices. Visit podcastchoices.com/adchoices -
Last week, news broke of a new cache of stolen PII data being released. "Collection #1" consisted of over 700 million e-mail addresses and over 20 million passwords. And, it was reported more collections (2-6) would be released soon. But, shortly after the news was announced, many experts reported the bulk of the data had already been released in to the dark markets, so the majority of the "Collection #1" data was "old". Many experts stated this wasn't a big deal because the information is already out. But, is this really no big deal for fraud?
Brett & Karisse asked friend of the podcast, Aaron Sherman, Senior Director of Cyber Threat Intelligence at Braintrace. aaron had a few days to look through the Colllection #1 data and shares observations he found, as well as insights that can be gained from this data that will continue to be useful for fraudsters to commit fraud. Password safety, employee training, credential stuffing and business email compromise are just a few of the topics discussed in this episode.
Subscribe to Online FraudCast to be alerted when new episodes are out!
Original Article Detailing Collection #1:
https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/
Have I been pwned website:
https://haveibeenpwned.com/
Learn more about your ad choices. Visit podcastchoices.com/adchoices -
What happens when Brett Johnson records an episode without his co-host? You get to learn a lot from a former cyber-criminal! In this solo podcast, Brett shares his opinion on former colleague Max Butler's recent indictment of additional felonies while in jail, as well as insights on his own time in prison. Brett also discusses vulnerabilities in the USPS "Informed Delivery" program and smart doorbells and how both can provide a false sense of security unless you're informed.
News Stories Referenced in this episode:
Max Butler News:
https://www.thedailybeast.com/feds-say-imprisoned-hacker-ran-a-drone-smuggling-ring
Aaron Sherman's Interview on Informed Delivery:
https://www-abc4-com.cdn.ampproject.org/v/s/www.abc4.com/amp/news/local-news/criminals-can-target-your-packages-with-usps-informed-delivery/1639604014?amp_js_v=0.1&usqp=
Brett Johnson's Blog Post about Smart doorbells:
https://www.anglerphish.com/single-post/2018/11/12/Ring-a-Ling-Porch-Pirates-Defeating-the-Ring-Doorbell-System
Subscribe to Online FraudCast to be alerted of new episodes when they're released. Also, follow Online FraudCast on Facebook, connect with co-hosts on LinkedIn or e-mail us at [email protected]
Learn more about your ad choices. Visit podcastchoices.com/adchoices -
The main topic of this episode is mobile fraud; fraud that occurs on mobile devices, both in-app and mobile web, as well as mobile emulators and a newer method, phone porting. In the "What The Fraud" segment, Brett discusses a new method fraudsters are discussing on private dark web forums using the cardholders e-mail address to bypass some e-mail verification services. Both Brett & Karisse discuss ways to circumvent this fraud tactic.Diving in to mobile fraud, Brett talks about phone porting, how fraudsters are now taking over the phone number of cardholders to place an order. They both discuss the use of mobile emulators, in-app and mobile web fraud and various methods of prevention. Studies mentioned on the episode:Lexis Nexis True Cost of Fraud Study:https://risk.lexisnexis.com/insights-resources/research/2018-true-cost-of-fraud-study-for-the-retail-sector2018 Mobile Fraud Survey:https://cardnotpresent.com/2018-mobile-survey-shows-complacency-still-looms-as-mobile-commerce-fraud-continues-to-grow/2018 Fraud Operations Survey Results Webinar:http://info.cardnotpresent.com/2018-cnp-fraud-operations-study-webinar?utm_campaign=Risk%20Ident%20Webinar%200531%202018%20CNP%20Fraud%20Operations%20Study&utm_source=webLet us know what you think and what you hope to hear on a future episode! [email protected] more about your ad choices. Visit podcastchoices.com/adchoices
-
When a company first starts receiving fraudulent transactions on their website, it's usually fairly easy to spot (if you know what to look for). But, after awhile, the fraud tactics will get more sophisticated and frequent. When is that tipping point and what causes it? That's the main listener suggested question Brett and Karisse answer in this episode. They also explore how a fraudster selects a new company to exploit and the things they look at to select the method they use and the information they buy. And, to demonstrate the way they do this, Brett uses the online rental websites as an example. -A business model Karisse knows all about and shares some of her experience & stories.
Subscribe to Online Listen to be alerted when new episodes are released. Follow Online FraudCast on Facebook and Brett & Karisse individually on LinkedIn.
Learn more about your ad choices. Visit podcastchoices.com/adchoices -
On this episode, Brett & Karisse discuss triangulation. A type of fraud that especially impacts event or attraction ticketing companies, online travel agencies, retailers and anyone with giftcards. First, in the What The Fraud segment, Karisse shares a topic a few retailers have shared with her recently: a steep increase in "lost package" claims. Brett discusses what is most likely the root cause of these claims and Karisse follows up with actions merchants can take to reduce the impact of this to your company.
Triangulation occurs when fraudsters purchase items or services from your company (on a stolen payment method) to resell to a consumer for less than retail. The impact to merchants can result in customer service issues when the customer is impacted negatively (the tickets or giftcards are canceled or the customer can't return the item because there is no purchase history between the consumer and the company). Brett shares why this type of fraud is attractive to fraudsters and several examples of their methods depending on the products that are purchased (and an example of how he unknowingly fell for a triangulation scheme as a consumer). Karisse follows up with the impact to CNP companies and various strategies and process changes merchants experiencing this type of fraud can deploy to reduce the impact to their bottom line and to create policies when consumers contact customer service regarding the purchase of stolen products.
Let us know what you love about this episode by rating & reviewing this podcast on your podcast app and contact us at [email protected] with questions, suggestions or feedback.
Learn more about your ad choices. Visit podcastchoices.com/adchoices -
On this episode, Brett & Karisse talk about a topic that impacts almost every CNP merchant: "friendly" fraud. But first, Brett discusses a common fraud tactic shared widely on the dark web. Then, they both describe their own definitions of what friendly fraud is and it's impact on CNP businesses. They also discuss why it's such a problem, the challenges in preventing it and strategies to reduce the impact of friendly fraud in your business, whether it manifests in chargebacks or excessive refunds.
Let us know what you love about this episode by rating & reviewing this podcast and contact us at [email protected] with questions, suggestions or feedback.
Learn more about your ad choices. Visit podcastchoices.com/adchoices -
On this episode, Brett & Karisse dive in to a topic they get asked about a lot from CNP merchants: Account Takeovers. They start out by defining account takeovers, explaining why it's growing, the evolution of account takeover from both the fraudster and merchant perspective. Brett also shares characteristics of victims that are most attractive to fraudsters like gender, BIN, location, etc. Karisse then talks about how the information targeted for data breaches impacts ATO tactics and targets and both discuss why it's so important (but difficult) for merchants to work together to fight newer fraud tactics, and provide a few examples of how that can be done. They also share:-How fraudsters use proxy servers to commit ATO-The impact of ATOs on merchants and legitimate consumers-Different types of ATOs impacting CNP merchants such as brute force attacks, credential stuffing, using card on file, utilizing account purely for legacy of account & how they impact different types of merchants-Strategies, tools & processes that have been helpful to CNP merchants to reduce & prevent ATOs-Best practices for continually evaluating fraud service providers and ensuring they're helping you fight the current fraud tactics your company is experiencingFollow Online Fraudcast on Twitter, Instagram or Facebook; Follow Brett and Karisse individually on LinkedIn and contact us at [email protected] Learn more about your ad choices. Visit podcastchoices.com/adchoices
-
Hosts Brett Johnson and Karisse Hendrick share their very different journeys to lead them both to where they are today, as two of the leading experts in online payment fraud and cybercrime. Brett shares the circumstances and choices that led to becoming a founder of the first darkweb forum to aid criminals in buying and selling credit cards (several years ago) and to eventually end up on the Secret Service's Most Wanted List. And Karisse shares some of the experiences in her career that led to working with hundreds of the largest online merchants in the world, to help them create strategies to reduce online payment fraud. Together, they talk about how they met and formed an unlikely friendship.
Learn more about your ad choices. Visit podcastchoices.com/adchoices -
Based on several reports from online merchants, law enforcement, cardholder victims and even posts on fraudster forums, it's become clear to Brett & Karisse that there's a new fraud tactic targeting online retailers. It's a new issue that they're not entirely sure of a solution yet, but it's rampant enough to discuss and notify online retailers this is happening. But, before diving in to that topic, Brett & Karisse discuss fraud during the holidays. Why do fraudsters love Christmas as much as everyone else? What are some of their goals for holiday orders? What are they posting on dark web fraudster forums? -It'll all be discussed prior to discussing what they're tentatively referring to as "white list fraud".
Follow Online FraudCast on Facebook! Questions? e-mail: [email protected]
Learn more about your ad choices. Visit podcastchoices.com/adchoices -
In this episode, Brett & Karisse take on the topic of "carding", which is the fraudster term for "clean fraud" or standard credit card fraud, to merchants. They start by talking about how each side, fraudster & merchants view this differently and it's impact to merchants. They discuss in-store carding vs. CNP carding and why CNP carding has increased in the US dramatically over the last 3 years.
Brett also shares the 9 different tactics he sees carders employ against online merchants including utilizing a drop ship address, re-shipping, triangulation, in-store pick-up, etc. They both discuss various prevention strategies against CNP carding and why it's so important to continually assess your fraud prevention tools and processes. Karisse ends with providing a high level overview of the various different types of fraud prevention tools & how they're best utilized.
Learn more about your ad choices. Visit podcastchoices.com/adchoices -
In the first official episode dedicated to online and mobile merchants on fraud prevention, Brett & Karisse start off with a segment called "What The Fraud". Brett talks about a current trend he is seeing discussed on dark web forums and Karisse shares a recent trend that's been reported by several merchants. Brett then goes in to the progression of the career of an online fraudster. Knowing what they start doing and the types of fraud they commit at the beginning, their next steps and where different company types fall within that trajectory. Karisse follows up with the "5 stages of fraud", as she has previously highlighted in an article on cardnotpresent.com, sharing observations she's made when merchants first encounter fraud online.
Learn more about your ad choices. Visit podcastchoices.com/adchoices