ThreatMetrix Offers Cybersafety Strategies to Prevent becoming a Victim While Booking Travel and Buying Tickets on Mobile Devices Summer vacation. The sun’s up. The guard is down. And individual mobile app usage is on the rise. What a wonderful season for…cybercrime. And cybercriminals have a lot of potential victims to choose from. Surveys say more Americans planning summer vacations using mobile devices According to a recent survey by Orbitz.com and the University of Wisconsin, more than two-thirds (68 percent) of Americans plan to take at…

Acting Assistant Director of the FBI’s Cyber Division Says Frequency of Breaches Surged from Weeks to Just Days Unless they’ve never been online, watched TV, listened to radio or read a newspaper, there’s hardly a person over the age of ten (okay maybe five) who needs the FBI to explain that major breaches are happening all the time. However, it does take the FBI to put the frequency of those breaches in perspective. James Trainor, acting assistant director of the FBI’s Cyber Division, speaking at…

Dyre has certainly been the most successful banking trojan over the last couple of months. Lots of technical information has been written about Dyre and we’ll cover some interesting new angles of this innovative malware soon. We needed a nice illustration of Dyre’ reach for a presentation and we just picked one strain which had 724 MITM configurations and 250 redirection configurations for banking sites all around the world. While this number sounds impressive, the sheer breadth of this operation becomes visible when we plot all the…

Survey Both Before and After Massive Breach Showed Anthem Faced Reduced Brand Damage by Way It Handled Breach Anthem and health plans, Blue Cross and Blue Shield took “a hit in the brand” when hackers made off with 79 million customer records. As a result of the breach, there have been some 100 lawsuits seeking class-action status. So saying the brand hasn’t suffered is akin to the old line, “Other than that, how did you enjoy the play Mrs. Lincoln?” However, a recent survey by…

With Wholesale Adoption Just Months Away, EMV Chips Show Downsides Cybercriminals Can Exploit to Defraud CNP Merchants Is it the law of unintended consequences, Murphy’s Law, or some other cosmic statute that insists on a downside to just about every creation from bathtubs to beer? Take the bathtub. Here is a device without which civilized society could not live in harmony (or at least proximity). Even this most benign and useful of objects has a downside. According to the United States Centers for Disease Control…

Since Going Public, Alibaba Has Been Taking Off Like a Rocket, Climbing from 91 Million Active Users Each Month to 217 Million If you’re anything like us you may have on occasion confused Aladdin with Ali Baba. After all, they both begin with “A.” So here’s an easy device for telling them apart. Aladdin is the dude with the lamp who became a huge success when he rubbed it and the genie inside fulfilled all his wishes. Ali Baba? He’s the guy who outwitted forty…

Bills Introduced in Both Houses Require IRS to Notify Victims When Their Social Security Number Has been Compromised There’s a word that perfectly describes the situation that Wisconsin residents Robert and Debi Guenterberg found themselves in — Kafkaesque. The situation was so incredibly weird it’s even getting the Senate and House to act — albeit not exactly promptly. In a story on fox6now.com, Bryan Polcyn reports on the case of the Internal Revenue Service (Not to be confused with the Federal Witness Protection program) protecting…

Supreme Court to Review Spokeo, Inc. v. Thomas Robins for Possible FCRA Violation. Result Could Apply to Data Breaches If you’re not familiar with it, FCRA stands for the Fair Credit Reporting Act. FCRA regulates the collection, dissemination, and use of consumer information and expressly includes consumer credit information. In his article on newsbreaks.infotoday.com, George H. Pike discusses the far-reaching implications of a Supreme Court decision on Spokeo, Inc. v. Thomas Robins for consumers suing for damages as the result of data breaches. The following…

ThreatMetrix to Exhibit and Dr. Stephen Topliss to Take Part in Panel of eCommerce and Fraud-Prevention Experts Addressing the challenges of card-not-present (CNP) payments, the 2015 CNP Expo is scheduled to take place May 18-21 at the Caribe Royale in Orlando, Florida. At the Expo, merchants, bankers, processors, anti-fraud software providers, legal experts, alternative payment providers, card networking professionals et al. will be able to discuss and discover how best to leverage CNP payments in a multi-channel retail sales environment. “Constant Evolution of Fraud” panel…

California Department of Public Health Has Levied over $1.1 Million in Fines So Far This Year Not halfway through 2015, the California Department of Public Health (DPH) has hit six hospitals and two healthcare providers with $1.1 million in fines for putting patients’ data at risk in incidents that occurred as far back as 2010. Considering that the online healthcare publication Payers & Providers says that DPH caps the fines it assesses at $250,000, the amount of the fines might have been considerably higher. A…

Federal Reserve Board Report Details How Consumers Use Their Mobile Phones for Mobile Banking and Mobile Payments The fourth report by the Federal Reserve Board, “Consumers and Mobile Financial Services 2015,” is the most recent to survey how consumers access banking and payment services using their mobile phones. The survey of 2,900 people was conducted from December 5 – 21, 2014 by GfK, an online consumer research firm. Key findings Following are key findings from the 76-page report. They’ve been extracted from the report itself…

The Internet has brought us all closer together. It has enriched our lives, made us more productive at work and allowed businesses to expand with greater agility into previously untapped markets. But we often hear that the Internet also provides a dangerous mask of anonymity to criminals, who launch cyber attacks across borders with impunity, knowing they can’t be caught because they’re sat in a different jurisdiction. That’s why it’s interesting to see that more and more online fraudsters have actually been focusing their scams…

ThreatMetrix Chief Products Officer, Alisdair Faulkner, to Address Attendees during Summit in Miami Beach Florida (May 17-20) Officially titled the FS-ISAC & Bits Annual Summit 2015, this 3-day event is held by the Financial Services Information Sharing and Analysis Center (FS-ISAC), a non-profit association of financial institutions. By disseminating trusted and timely information, the association’s aim is to protect the financial services sector from physical and cyberthreats and attacks. To draw hundreds of financial industry professionals Financial industry executives will have an opportunity to discuss…

European Commission in Process of Introducing Statutes to Fight Newer Types of Cybercrime and Financial Instrument Counterfeiting Two-thousand-one EU legislation only prohibits fraud and counterfeiting non-cash payment instruments such as credit cards and checks — leaving a hole big enough for any decent criminal lawyer to drive a Peterbilt 389 through. That, of course, is presuming a decent criminal lawyer would be driving a Peterbilt 389. In any event, with new types of fraud becoming a major problem, the European Commission (EC), the executive body of the European Union responsible…

May 11, 2015

The Merchant in Menace

Newly Launched Merchant Apps and Rise in Mobile-Channel Shopping Put Merchants in Greater Danger of Mobile Fraud With apologies to Shakespeare for the headline, the menace to merchants and their customers from mobile fraud is up sharply. According to a LexisNexis Risk Solutions report, it jumped 70 percent from 2013 to 2014. In his article on mobilepaymentstoday.com, Will Hernandez explores the reasons for this precipitous rise. The following has been excerpted from his piece and edited to fit our format. You may find his complete,…