How Networking Is Driving Fraud Sophistication
The old Hollywood myth of the hooded fraudster working from their basement is no longer true - and the repercussions for eCommerce are significant.
The top post on the popular Dark Web forum DarknetMarketsNoobs is a pinned compilation of useful links and important previous entries. The helpful post serves well to illustrate just how outdated is the old trope of the lone fraudster working from their basement. Today, no fraudster is an island. Instead, fraudsters are part of an ever-expanding network shaping an industry with a turnover worth billions of dollars a year.
The fraud ecosystem
Different players play different roles within the fraud-service economy, both feeding off and contributing to this global industry. Experts create starter kits and tools and provide up-to-date tips on weak spots in the eCommerce market. For a reasonable price, bad actors of all sophistication levels can easily obtain everything required to commit fraud: from personal information (sometimes referred to as ‘fullz’) and credit card details to malware and bots that perform large-scale attacks.
Looking for something a little more specialized? Fear not, that’s where the “service” part comes in. You can obtain guides or pay for courses that will teach you how to do anything, from spoofing devices to hacking into databases. Need to impersonate a victim? Someone will create fake documents for you for just that purpose. Fake vaccine passports were a hot commodity last year, too.
And like every mature industry, fraudsters do more than just buy, sell, and discuss new market developments. Alongside the markets and vendors, the community leaves reviews for sellers and products, recommending those with good services while warning against members who tend to under-deliver or cheat their customers. Another popular forum, Best Carding World, has a special board dedicated to scam reports, where users report on other users who took their hard-earned money and bailed. Fraud may be their day job, but even they expect better from their colleagues.
An information economy
For the legitimate side of the digital world, this level of information sharing is bad news. New fraud patterns and tools emerge daily in response to changing consumer behaviors and expectations, technologies, and regulations. The networking between fraudsters not only enables the dissemination of these patterns across different fraudster groups working at different levels of skill but also leads to collaboration on tackling challenges.
Ahead of the implementation of the PSD2 in Europe, for example, Riskified partnered with IntSights to conduct dark web research. We noticed a significant increase in discussions about ways to bypass Strong Customer Authentication (SCA), mandated by the regulation to make card-not-present (CNP) transactions more secure. Fraudsters were sharing information about various bugs and vulnerabilities in the authentication platforms of payment services such as Paypal (the screenshot below is just one example of such vulnerabilities, by the way). This particular flaw stayed unfixed for six weeks after it first surfaced in a Russian-language forum.
In a different forum deep dive, Riskified encountered hackers that provide “fraud enablement services” discussing the different types of fraud protection vendors on the market. They analyzed their capabilities and advertised their attempts to replicate and understand machine learning technology for fraud protection.
The bottom line
The more fraud collaboration evolves, the more we see what we used to call lone fraudsters display advanced levels of fraud sophistication. They no longer need to know advanced techniques of the trade—they can simply buy whatever tools they need or contract an expert to create bespoke solutions for them.
To stay ahead of fraudsters, merchants need the counter-power of a network of their own that will enable them to identify and protect against up-and-coming fraud trends and methods as soon as they start hitting the market. Riskified’s vast merchant network provides billions of cross-industry transactional data, enabling us to see the big picture, identify emerging fraud trends, and prepare the right tools to manage new patterns automatically and in real-time. Every decision we make and insight we collect is then fed back into our models and network, benefiting all our merchants.
Stay tuned for the second part of this blog, where we’ll take a look at what fraud networking looks like on the merchant level, how Riskified handles and approaches the problem, and what merchants can learn from it.
This blog was co-authored by Nimrod Dvir, an analyst on Riskified’s Fraud Intelligence team specializing in fraud rings.