On January 21st, another huge batch of over 2 million cards hit the black market forums. After inspection y the Easy Solutions team, it appears that this batch is from the Target breach as well, which took place with some degree of uncertainty between November 27th and December 15. Evidence of the Target breach was first detected by Easy Solutions on December 11th and the breach was confirmed on December.
On New Year’s Eve, researchers unveiled that hackers had been able to physically hack into ATMs throughout Europe, using USB drives. This came as little surprise to those who follow ATM security, and understand the inherent weaknesses in the model.
On Jan 4th, we saw a dump of 2 Million cards onto the black market – one of the largest single day drops we’ve seen in a while. While we can’t definitively say what the source of the breach was, the percentage of Extremely High Value cards is significantly higher than we see on average. These are cards like the Amex Centurion card – an invite-only card that comes with a $7500 setup fee, and $2500 annual fee. While it is hard to determine from a single black market, this would indicate these could come from a high end source, such as Neiman Marcus.
It looks like it isn’t just American consumers dealing with the fall-out from the Black Friday Target breach. A huge batch of 500,000 cards from non-US banks, with a big percentage from Latin America, have shown up on the black market for sale. These “world dumps” fetch a premium and are selling from about $60 to well over $100 per card.
As we are in the midst of the largest online holiday shopping phenomena ecommerce has ever experienced, it’s pretty safe to assume that fraudsters are looking for new and even more ways to put a little jingle in their wallets this season and beyond. So in a year where we are seeing data from various sources indicating financial fraud is climbing faster than Santa can slide down your chimney, we have pulled out our crystal ball to make some 2014 Financial Fraud Predictions here at Easy Solutions to help you stay head of the game in the coming year. While these are just predictions, they are based off of some very real trends and data we are seeing here at Easy Solutions:
Mobile fraud will evolve faster than defenses for at least another year. In the last month, the four major US mobile carriers announced that they will begin blocking premium or paid SMS charges, otherwise known as cramming. Around 75% of all existing mobile malware uses this method to monetize mobile fraud. Cutting off this revenue source for fraudsters will accelerate innovation of mobile malware and take more advanced techniques like SMS OOB interception into the mainstream.
Unveiling our New Webcast….Building for Tomorrow: Creating a Flexible and Effective Multi-layer Approach Against the Fraud of Today and Tomorrow featuring Gartner Expert Avivah Litan
In this increasingly mobile, fast-paced world, organizations contend with ever-more sophisticated fraudsters across an array of channels. The bad guys always have the ‘first mover advantage’, since they’re designing the attacks. They’re likely to be younger, smarter, and more aggressive than ever. Knowing the emerging fraud trends to catch the bad guys in the act is only part of the fraud puzzle – there is in fact an entire life cycle to an electronic attack, each requiring a different fraud prevention practice and technique along the way. For example, the recent $45M heist is a great example of a compromise that involved vulnerabilities at every stage of an attack, across multiple transactional channels. This was a very well planned attack, where the perpetrators leveraged vulnerability in the Middle East for the setup and launch of the attack, but ultimately leveraged ATMs in New York and around the world to extract the cash. The ability to stop them at any stage along the way could have been a crucial difference.Often times we find companies spending significant time and resources on prevention strategies and tools that are incompatible, insufficiently address each part of the life cycle or, may miss the target all together depending on the organization’s business nature. This all can be daunting. We hear it all the time. You have to find a trusted partner to go to war with, because you can’t keep up with all of this by yourself.So, what are the biggest challenges customers face in protecting themselves from today’s fraudsters? And how can they protect themselves against new threats while leveraging their legacy systems?
In our latest webcast, Building for Tomorrow: Creating a Flexible and Effective Multi-layer Approach Against the Fraud of Today and Tomorrow– Gartner Research Vice President and Distinguished Analyst Avivah Litan and Easy Solutions’ CTO Daniel Ingevaldson – answer these questions and more. They will discuss the biggest challenges customers face in protecting themselves from today’s fraudsters. We invite you to learn how a multi-layer approach can help you secure all of your transactional environments from fraud, and more importantly, help you find the right solution for your fraud prevention needs.
Other key topics in the webcast include:
Emerging market trends in web fraud
Best practices for web fraud prevention
The mobile threat landscape
Fraud prevention strategies for cloud technologies
What companies should look for in a fraud protection solutions provider
Last week, the Justice Department indicted a 24 year old Vietnamese man with 15 counts of wire fraud, identity fraud, access device fraud and conspiracy charges, for his part in stealing and helping to sell ‘fullz’ packages of IDs online for over 500,000 people. These ‘fullz’ packages include a person’s name, date of birth, social security number, bank account number and bank routing number, and payment card data. Read more
A large, national mutual savings and loan association, founded in 1971, is in the business of providing financial services to help families begin saving for large purchases. Today, the organization processes transactions for hundreds of thousands of clients. Read more
Good news for customers of Easy Solutions’ Detect Monitoring Service (DMS). Our team has been hard at work making a number of performance improvements as well as several new front-end enhancements to this important service. With this new upgrade, customers will be even better equipped to manage the entire lifecycle of phishing attacks via real-time monitoring and connections analysis. Read more