After compromising the email account of a government official at one agency, targeted phishing attacks were sent from this trusted contact to other government agencies purporting that bank accounts for receiving their payments had changed. Puerto Rico’s Industrial Development Company sent over $2.6 million while the Tourism Company paid $1.5 million to fraudster-controlled accounts held on the US mainland.
Guest Post & Case Study by: J. Carlson, Certified eCommerce Fraud Professional
Chargebacks involve quite a few stringent processes and complex procedures. Making sure you provide adequate information when challenging a chargeback dispute is key. One thing that you can do is provide compelling evidence in those cases where the cardholder has claimed Fraud – Card not present (10.4) or Merchandise/Services Not Received (13.1).
Compelling evidence documentation can be used to provide support for various card not present transactions including charges for airlines, digital goods, and recurring billing services. Some forms of documentation that would be accepted as Compelling Evidence are: Purchase details and description of services, Renewal and cancellation terms accepted by the cardholder and proof of a previous transaction that was not disputed.
According to marketing analytics data from Jumpshot, when Amazon’s Prime Day kicked-off on Monday July 16 their daily sales conversion rate was just 4.5 percent higher than the previous Monday. On Tuesday July 17, however, after Amazon resolved many technical issues, the largest online retailer enjoyed a sales conversion rate 40 percent higher than the previous Tuesday, ultimately making Prime Day a success with over $4 billion in online sales. Despite website and checkout issues at launch Amazon saw a slight bump in conversion on the first (partial) day of their sale, but correcting these errors to led to an additional 35.5 percent increase in conversion the following day.
An Indiana couple made over 2,700 purchases from Amazon over the period of a few years, creating new accounts and morphing their identities to continually report goods as damaged or never having arrived. The professional fraudsters stole more than $1.2 million in electronics, but now each face more than five years behind bars.
Erin and Leah Finan purchased laptops, video game systems, cameras and other electronics from Amazon before reporting the goods damaged. From 2014 to 2016 the couple created hundreds of fake accounts to make thousands of purchases, getting new items sent at no charge. They then resold these electronics to an associate, sentenced to two years, who brought them to the black market.
How well would your fraud management program perform if your organization depended on it for doing business with customers from countries like Ukraine and Nigeria? Now what if we said your business was facilitating money remittances to these countries? WireCash is doing just that, and we sought to uncover how this could be possible by talking directly with the company that found success at the intersection of one of the highest risk industries and some of the highest risk countries in terms of online fraud.
The use of custom modeling and risk analytics also allows WireCash to be more consumer-friendly than they were in their ATMCash days, and compared to most online MSBs. While WireCash may sometimes require strong authentication or verification techniques, they try to eliminate the need for this and reduce friction for most new customers through use of risk modeling and amassing many neutral or low risk signals. They have also leveraged this experience and insight to enter new markets where others wouldn’t go or would only tread lightly. WireCash today helps consumers send money to Nigeria, Ukraine, Russia, Armenia and other countries that present high risk. Money Service Businesses providing remittances to these countries have tended to offer limited services or maintain several day waiting periods.
This guest blog post from a Certified eCommerce Fraud Professional discusses a case study involving a social engineering attack against an airline, as well as discusses methods for deception and intrusion with spear phishing attacks related to social engineering and fraudsters ultimately attempting to reverse engineer an organization’s risk management policies and practices.
Whether making fraudulent purchases to accrue loyalty points and rewards, or taking over legitimate customer accounts to steal and spend the loyalty balances they’ve built up, loyalty fraud is damaging with both financial and brand risks. Despite the growth of loyalty-based fraud in recent years, this is still a vulnerability point for many organizations that offer such reward programs. Recent statistics and case studies involving loyalty fraud are discussed in this FraudBlog post.
According to a 2015 survey conducted by Ipsos Public Affairs for Connexions Loyalty, 72 percent of loyalty program managers had experienced fraud related to their programs, while one-in-three said it is a fast growing concern. There is plenty of meat on the bone for fraudsters to go after, as the 2015 COLLOQUY Loyalty Census tallied 3.3 billion loyalty memberships in the United States with points, rewards cash and miles worth an estimated $48 billion.
Less than $10 can purchase a scan of a false passport, driver’s license, or credit card with online delivery within seconds.
Cyber criminals take false identities to a new level through do-it-yourself websites selling scans of fake passports, ID cards, utility bills, and credit cards that fraudsters purchase and use to commit identity fraud.
International website sold almost 70,000 counterfeit credit cards along with state IDs.
The FBI and US Postal Inspection Service recently assumed control of fakeplastic.net, a massive and well organized online operation selling counterfeit credit cards, holographic stickers and state ID cards complete with holographic overlays. The organization sold 70,000 counterfeit cards and associated are estimated to exceed $34.5 million.
A fourth defendant plead guilty in early August to his participation in an identity fraud scam where over 7,000 false identities were created being used to obtain credit cards and lines of credit and ultimately causing $200 million dollars in fraud losses. Lack of proper identity authentication checks allowed the fraudsters to reuse addresses and other information in creating fake profiles and false identity information to obtain credit cards and perpetrate their elaborate, large-scale scam.