One of the cyberthief’s favorite tactics these days is transaction laundering, where the bad guy takes their bad transactions—usually for drugs, gambling, counterfeit goods or human trafficking—and runs them through seemingly good web sites, ones ostensibly trying to sell innocuous products.
There are things that a payment facilitator can do to thwart such efforts and that is the focus of this week’s podcast, a re-run from March 30, featuring Deana Rich, president of Rich Consulting.
One of the less-commonly-used but quite effective tactics, Rich said, is do some secret shopping, both on the PF’s own customer sites as well as suspected fraudulent sites. That is literally making purchases from both kinds of sites and seeing what then happens.
Rich said she was recently talking “with a banker who told me that she had done that on a site she suspected to be bad and then she made the purchase and it never came through her own system. She never saw it because the purchase didn’t really occur. They weren’t really selling anything on that site. They were really selling stuff on the bad site. It was that secret shopping, using your own payment card to purchase things, that let her know what went wrong.”
Another thought to consider when performing security sweeps: Thieves rarely work alone nor do they only strike once.
“When you find one bad guy in your system, you can guarantee you have more. They tend to open accounts in groups or packs. So what you then need to do is search on phone numbers, on owners, on addresses, and see if you have other accounts in your system that match,” said Rich. “You might even use a third-party tool to look up the owners on the sites you found that were bad, see who they’re linked to—with link analysis, there are tools that provide that from Lexis-Nexis or Experian—and then use those link analysis tools and search your site for those people as well. What you might find is that you have more bad guys on your site than you thought. It’s not just finding the one but continuing to work through it and creating internal blacklists. As much as they may never re-use the Web site, what they will re-use are things like phone numbers, sometimes they’ll use addresses again because it’s a lot of work to keep getting new phone numbers or keep setting up new mailboxes. Bad guys get a little lazy and if you do that type of analysis, you will help yourself there as well.”
Rich said that many PFs are seeing sharp increases in transaction laundering and that is for two reasons. First, as e-commerce transactions increase globally, this kind of fraud is increasing right along with it.
Another reason, though, Rich said, “is that we’ve gotten better at detecting it, through using companies like G2 and beefing up internally in our ISOs and our banks and our processing shops to ferret out the bad guys.”