EMV was expected to help prevent fraud involving counterfeit credit cards. While the incidence of counterfeit card fraud has dropped, there has been a corresponding (and steady) rise in card not present fraud. The reasons behind this are myriad, but an ongoing series of massive breaches over recent years, coupled with the ease with which consumers can shop online, have fueled the fire. Further complicating matters, some EMV compliance deadlines were pushed back from October 2017 to 2020.
The Dark Web: Your Full-Service, Online Fraud Retailer
Immediately following a successful cyber attack, stolen data and information is instantly packaged and made available for sale on the Dark Web. Typically, this is carried out long before the affected financial institutions and consumers are even aware that a breach has occurred and that information has been compromised. Making matters worse—and as history has shown—it can take months before financial institutions admit to a breach and notify their clients.
Card data is most valuable immediately following a breach, earning more money per card on the market within the first few days and weeks than at any other time. The data is packaged in bulk, making it a boon for cybercriminals as they quickly use the stolen information to purchase gift cards and products that they can then return or sell for cash. Interestingly, business credit cards are even more valuable than consumer credit card data.
The Black Market, as it turns out, operates for cybercriminals much as retail and online stores do for consumers. It has customer support, money-back guarantees, easy checkout, and all the conveniences online retailers offer. What’s more, it utilizes currencies that are untraceable, making it very difficult to find and prosecute cybercriminals for the crime.
Knowledge Is Power
So, what can institutions do to protect their customers and prevent fraud losses?
Fraudsters put a lot of time and effort into planning and selecting targets for their attacks, meaning that an organization's ability to proactively monitor and determine whether it is under attack is key.
Vital information can be gleaned from the Dark Web— for example, is your Bank Identification Number or customer data on the Dark Web? Armed with this knowledge, you can stop counterfeit card fraud before it happens. Vision into what’s on the Dark Web also gives financial institutions the ability to cancel only those cards that may have been breached, rather than replacing cards for an entire customer base. Additionally, proactive monitoring provides your IT department with insight regarding the point of compromise and real-time alerts when your institution is under attack.
Sadly, fraud is not going away anytime soon, especially given the thousands, if not millions, of records available on the Dark Web. And, as long as we continue to offer consumers easy methods of shopping—whether it be through mobile devices, online retailers, store kiosks, smart TVs, and other devices—these breaches will continue to become more widespread and give fraudsters an even a bigger pool to swim in and perpetrate their crimes.
Stopping Fraud in Its Tracks
There’s something to be said for the adage, “If you can’t beat ‘em, join ‘em.” And while we’re not advising turning to a life of crime, unmatched visibility into the underworld dealings on the Dark Web provides companies with a unique advantage. Solutions such as Detect Monitoring Service combine comprehensive coverage, unique detection and intelligence, and automated takedown to combat attacks from the beginning – enabling organizations to focus on the future, not the fear of fraud.