Skip to content
Skip to main navigation
Skip to 1st column
Skip to 2nd column
Skip to 2nd column

IT GRC Forum

User Blogs

Discussions and Blogs

Jun 27

2012

Federal Investigators Bust Credit Fraud Ring

Posted by: Robert Siciliano in MyBlog on Jun 27, 2012

Tagged in: credit fraud

Print

PDF

A federal investigation dubbed “Operation Open Market” recently yielded 19 arrests in nine states, for crimes including identity theft and counterfeit credit card trafficking. The defendants allegedly participated in “Carder.su,” a Las Vegas-based transnational ring that bought and sold stolen personal and financial information and manufactured counterfeit IDs and credit and debit cards in order to commit fraud. This criminal organization has also been known to host online forums wherein members are encouraged to buy and sell counterfeit documents and stolen data.

Executive Director of U.S. Immigration and Customs Enforcement’s Homeland Security Investigations James Dinkins commented, “The actions of computer hackers and identity thieves not only harm countless innocent Americans, but the threat they pose to our financial system and global commerce cannot be understated.”

According to the Federal Financial Institutions Examination Council’s latest update, “Fraudsters use keyloggers to steal the logon ID, password, and challenge question answers of financial institution customers. This information alone or in conjunction with stolen browser cookies loaded on the fraudster’s PC may enable the fraudster to log into the customer’s account and transfer funds to accounts controlled by the fraudster, usually through wire or ACH transactions.”

The FFIEC recommends that financial institutions incorporate device identification into their layered security approach in order to thwart attacks like these, but smart financial institutions are going a step further by employing device reputation analysis approach.

iovation, an Oregon-based firm helping to fight cybercrime, offers device reputation, which builds on its complex device identification technology. It does this by offering real-time risk assessments which look at evidence of past fraud attacks, risk profiles, detects anomalies, and uncovers relationships between devices and accounts that have a history of working in collusion to stealing from online businesses.

Robert Siciliano, personal security and identity theft expert contributor to iovation.

Set as favorite

Email this

Hits: 330

Trackback(0)

TrackBack URI for this entry

Comments (0) add comment

add comment

Subscribe to this comment's feed

Show/hide comments

Write comment

Show/hide comment form

Community

Coverage

About Us

Follow our Tweets

ITGRC: RT @AL_ERM: American Leaders is pleased to announce our newest media partner @ITGRC!

ITGRC: In the Face of New Technology - Your Business and the Internal Audit #constantcontact http://t.co/ir5qPyDfbF

ITGRC: Reminder: Webinar in 1 hour - Navigating PCI Security Mountains in the Cloud #constantcontact http://t.co/JSVqOCvMa9

ITGRC: Reminder: Webinar in 2 hours - Navigating PCI Security Mountains in the Cloud #constantcontact http://t.co/YwKqY4WMYz

ITGRC: On today's webcast: Navigating PCI Compliance Mountains in the Cloud http://t.co/L7KArxosG4 we're giving away a pass to the ERM Conference

ITGRC: Job Posting: APPLICATION SECURITY CONSULTANT http://t.co/qjyZpc8Vbi

ITGRC: RT @tfoxlaw: Upgrading your code of ethics and disciplinary procedures: practical and legal considerations http://t.co/3QMPgwotXV

ITGRC: WEBCAST: Navigating PCI Compliance Mountains in the Cloud http://t.co/L7KArxosG4

ITGRC: Win a ticket to the ERM Conference in Chicago! #constantcontact http://t.co/MG12QzPACZ

ITGRC: Join our Linkedin Group ( http://t.co/3CkP6SUAB2 ) for chance to win a FREE pass ($3K value) to the ERM Summit (http://t.co/ltKZJh1VQP)

ITGRC: Navigating PCI Security Mountains in the Cloud #constantcontact http://t.co/WJa7tJn7lq

ITGRC: Attend our webcast at 2pm EST: ERM:a Holistic Approach, and be entered into our live draw for the GRC Summit http://t.co/1bnMpLJgZl

Subscribe via Email

Your Email:

Subscribe via Email

Your Email:

Tag Cloud

2012 abduction Aberdeen Group alarm alarms Android Apple Apps ATM Skimming Audit Bank Fraud Banking Security BillGuard botnet BPM breaches BS 25999 burglar burglary Business Continuity BYOD Cloud Cloud Security Cobit Compliance computer failure Consumer IT Tips contactless credit card credit card breaches Credit Card Fraud credit cards credit fraud Cross-Device Security Cyber Security cyberbullying cybercrime cybercriminals cybersecurity cyberwise data Data Backup Data Breaches Data Storage DDOS Device Reputation Digital Forensics Digital Security digitally secure Disaster Recovery DNS download DPI driver's license dumps E-Commerce eBanking Electronic Discovery Electronic ESI electronic passport EMV Endpoint Security Epsilon ERM ESI Ethics Events Facebook FCC FCPA FDIC Federal Government FFIEC Financial Crisis Fraud gaming Gartner Geo-tagging gold farming Governance GPS grc Green IT grey charges Hackers Hacktivism HP IAM iCloud ID Theft Identity theft Information Management Information Security Information Supply Insider Threat Internal Audit Internal Controls internet safety IP address ISACA ISO 27000 ISO 27001 ISO 31000 IT Alignment it compliance it governance IT GRC Forum Events it risk management IT Security IT Service Management ITIL jailbreaking Jobs laptop security Litigation Malware marathon Member Discount Mobile Apps Mobile Banking mobile device Mobile Device Management Mobile Devices Mobile payment mobile phone mobile security Mobile Wallet mSecurity Multi-Regulatory Compliance multifactor authentication myblog Network Security New Years NFC Online Backup Online Banking online dating online gaming online identity online privacy online safety Online Security online shopping Operational Management OSHA Outsourcing P2P Security Panel Partner Offers passwords PCI Performance Management personal data personal device Personal Security pheasting phishing Policy predator Privacy Prize Draw QR Codes ransomeware ransomware Regulation E resume fraud Risk Assessment Risk Management RSA Rules safety tips scam scammer scammers Scams Seasonal Security security apps sext skimming Skimming Fraud small business smartphones smishing Social Media social network Social Security SOX spammers spokesman Spyware SSDs Standards strangers Strategy tablets tax scams Tech tech support technology Threat Management Tokenization TQM Twitter typosquatting Virus VPN web Webcast Q&A Wi-Fi WIFI wireless

Analyst Blogs