Blog

January 24, 2009

Botnets and Breaches – The Perfect Storm for Credit Card Fraud

Yesterday the New York Times reported on a new wave of computer infections by a worm that has turned millions of consumer and business PCs into botnets – an army of devices capable of carrying out illegal transactions on behalf of their controller.

So what’s new?

Unlike worms that were previously designed to bring down computer networks or send spam, these infected computers are now able to be used to conduct online credit card transactions. They act like middle-men to trick fraud filters into thinking that the transaction originated domestically instead of from Nigeria, Estonia, Russia and other high risk countries.

This ready availability of infected PCs, combined with millions of breached credit card details sets up a perfect storm for online credit card fraud which is very bad news for merchants, gateways and credit card issuers.

Security companies like Symantec and Mcafee try to protect consumers from having their computers infected in the first place. But when the inevitable does happen, who protects online merchants and websites from these PC’s once they are infected?

2009 was the year the worlds most popular flu vaccine Tamiflu was rendered 99% ineffective due to a spontaneous mutation. Last year major flue strains were only 11% resistant.

Will 2009 also the year that today’s legacy online credit card fraud detection solutions be rendered ineffective?