January 9, 2009

Online Fraud Trends – Nigerians are learning Russian

At ThreatMetrix we are fortunate enough to work with the smartest and the brightest in online fraud detection for the largest and most successful online companies.

In recent conversations with three separate businesses across online retail, credit card processing and social networking, a definite trend emerged: the Nigerians have been learning from the Russians.

Paraphrasing one of the conversations:

It used to be that Nigerians would just connect directly from their computer in Nigeria. They were pretty easy to pick off just based on the Geolocation of their IP Address alone. The Russians on the other hand will attempt to use some form of cloaking such as a proxy or compromised computer. Now, we are seeing a definite trend for Nigerian fraudsters getting smarter about covering their tracks. By doing some back-end analysis we can tell that the same patterns consistent with the Nigerians are there, but our front end systems are not as effective in screening them out anymore.

This is the trickle-down effect in action. In the security realm this effect was the birth of ‘script kiddies’, or just ‘skiddies’ for those in the know, who would reuse previously developed hacker programs for fun and fame. In fraud, this same trend sees the online world at an interesting juncture where even third world countries and teenagers have access to technology capable of circumventing the protections of first-class fraud detection teams.

As a data point, take a look at this YouTube instructional video, over a year old now, of a young teenage hacker walking you through how to do an SQL injection in response to being teased as a ‘skiddie’.

Posted by Alisdair Faulkner Categories: Botnets. Device Identification. Online Credit Card Transactions. Online Fraud Trends. Proxies. Web Application Security


  1. I heard that browsers like Internet Explorer currently come with Private Browsing – does anyone know if that’s just as secure as using a web proxy?

    Paid Proxy

  2. Some web proxies are there to cache data and reduce the ISP bill, and possibly to keep tabs on you (e.g. if they are provided by your employer for workplace web access). They don’t hide anything from anyone, and will keep copies of some of the data you download and probably a log of the sites you have visited.

    Others (anonymizing proxies) provide a service to you, the web surfer, to hide your identity from the web sites you visit. Use such services with caution: you are giving your details away to a third party in return for them hiding those details from the website you actually want to use. Without intending to impugn anyone in particular, I advise you to think about what sort of person might go to the expense of operating such a proxy service.

    Using any proxy with a regular browser will tell the proxy itself what you are doing, and will probably also leave traces on your own machine in the form of browser history and cache.

    Private Browsing in the newer web browsers is effectively the same as clearing your cache, cookies and history *after* you finish your “private” browser session. So it exists for rather a different purpose than a proxy.

    xoddam