The Good, The Bad, and the Unusual: This Week in Fraud Trends
Fraudsters get captured in Russia, a company that insures against breaches suffers a breach, and hackers hit … Tupperware?
Curating essential fraud stories can be a disheartening experience at times, as the negatives can have a tendency to pile up until one feels overwhelmed. At times such as these, it’s important to remember there is always good news as well, and this week, we’re going to start off with a tale of comeuppance in which the fraudsters get caught:
“Federal investigators in Russia have charged at least 25 people accused of operating a sprawling international credit card theft ring. Cybersecurity experts say the raid included the charging of a major carding kingpin thought to be tied to dozens of carding shops and to some of the bigger data breaches targeting western retailers over the past decade.”
Continuing with the global good news, we go to a recent story from the TelanganaToday, where perpetrators of a call center scam were nabbed:
“The Central Crime Station (CCS) police on Friday nabbed two Jharkhand natives on charges of posing as customer care executives of a fashion app, collecting bank account details of customers and cheating them.”
In addition to good news, the fraud landscape had a few rather unusual offerings as well. For example, for those of you operating under the illusion that cybercrime is native to only certain sectors, consider this headline from the team at Dark Reading:
“Tupperware famously locks in food’s freshness, but hackers could not be locked out of the company’s e-commerce site. The primary Tupperware site, along with several localized versions, were compromised by digital credit card skimmer disguised inside an image file.”
Yes, that was the Dark Reading staff, having a bit of fun with the “locking in” metaphor!
Speaking of being locked in, that’s pretty much what all of us are, as we continue to follow shelter-in-place policies to try and limit the spread of COVID-19. Which means we’re all doing a lot more online shopping than before, and that means opportunity for fraudsters — a lot of opportunity, as we learned from TechRepublic this week, as they reported on a new TransUnion survey:
“Social distancing has affected consumer shopping patterns, and a TransUnion survey found that 22% of Americans said they’ve been targeted by digital fraud related to COVID-19. The report also found a 23% increase in global e-commerce transactions in the week following the World Health Organization declaring the novel coronavirus outbreak a pandemic on March 11, 2020, compared to the average weekly volume in 2020.”
We mentioned some good news stories above, as well as something from the “unusual” files, and now, we have something for you that might be classifiable under “I” for ironic:
“Chubb, a major cybersecurity insurance provider for businesses hit by data breaches, has itself become a target of a data breach.”
Ironic as it may be, data breaches are, of course, no laughing matter. Should that data get loose in the wild, it can get into the hands of malicious threat actors with remarkable quickness. And, as we learned in a new Forbes article this week, at very little cost:
Social Security Numbers, despite being widely regarded as outdated and insecure, particularly in the wake of the 2018 Equifax hack, are still used as the primary means of identity verification. As with Equifax, cyberattacks are often targeted at sites that will yield millions of SSNs at a time, allowing cybercriminals to steal ‘in bulk.’ Which helps explain the revelation that any individual SSN can retail for as little as $4 on the darknet.
Vigilance is always the order of the day, and new alerts are coming fast and furious as to what to look out for. One of the latest is this one:
Fraud associated with the COVID-19 crisis is a major concern right now, as is essentially everything to do with the pandemic. Among the many topics front-and-center in our collective minds is the question of how we can better prepare for “black swan” events of this kind in the future. DataVisor CEO Yinglian Xie shared her detailed insights on this topic earlier this week:
“We don’t know yet how long the process will take, or how much damage will be caused along the way, but we can be confident that COVID-19 will be contained and ultimately neutralized. And while we cannot outright prevent something like this from happening again, we can be better prepared if it does. We can be proactive, and ready to take early action.
We can leverage advanced technologies to enable proactive defenses against new and unknown threats, whether they attack us in the human world, or online. We can harness the power of big data to understand, analyze, and predict where threats are likely to emerge and draw on sophisticated capabilities to produce meaningful responses in real time. We can embrace centralized intelligence strategies to ensure complete protection across entire systems.
Together, we have the power to stop the damaging spread of viral attacks — in the digital world, and the human one as well.”
We’ll happily end this week’s post on that note of positivity, but before we go, we must of course deliver …
The Tweet of the Week!
For this week’s offering, we want to alert our friends in financial services to an excellent resource from Aite Group:
And with that, we sign off, and we’ll see you next week for another edition of This Week in Fraud Trends!
