Scanning the dark web for stolen credentials isn’t necessarily on the radar of every financial institution – but it should be. I was recently asked why we at Elements Financial believe so strongly in the power that scanning the dark web has to revolutionize a financial institution’s security, and why we bring it up so often. The answer is simple: because it prevents fraud.
How does it work?
First, we provide Easy Solutions with all of our Bank Identification Numbers (BINs). Easy Solutions is constantly searching the dark web, and when they detect malicious activity involving any of our card numbers, we receive an alert. As a small institution, we receive these alerts, on average, about once per week – sometimes they’ve found 5-10 cards, sometimes 40-plus. For a larger institution, the number will undoubtedly be much higher.
Once we’ve received the data on the potential cards that have been located, our staff gets to work analyzing the compromised data and creating a spreadsheet that includes: the BINs, last name, first name, city, zip code, and expiration date. Sometimes, all of the data points are included in the information received from Easy Solutions; sometimes, just a few. With the data organized, our next step is to determine which of our customers has been affected and if their compromised cards are still active.
When we find an active card on the dark web, we immediately contact the card owner and block the card that same day. All told, about 20 percent of the compromised cards sent to us by Easy Solutions are active cards that require immediate blocking – it’s impossible to put a figure on the amount of fraudulent activity we prevent by taking this proactive approach.
In addition to dark web monitoring for card information, Easy Solutions also searches third-party app stores, looking for copycat and malicious versions of our mobile web application. Any time they find one, which occurs for us about once per month, they immediately send out a cease-and-desist letter to the app store, and the app is almost always removed the same day. There is absolutely no work on our side, meaning that we get to passively ensure that our clients are not being victimized by malicious mobile applications.
Finally, Easy Solutions monitors for copycat domains that try to imitate our website. We have yet to experience a valid incident in which this has happened, but we know that if someone ever attempts to duplicate our site, our clients are safe.
Before we used these dark-web monitoring tools, we didn’t understand why they were so necessary. After seeing the actual amount of dark web activity involving our customers, we were immediately converted into dark-web monitoring evangelists.
For more information on dark web monitoring, take a look at Detect Monitoring Service.