It Takes a Network to Stop Online Fraud
The Internet Crime Complaint Center (IC3) just published their 2009 Annual Internet Crime Report. The IC3 was established in 2000 “as a partnership between the National White Collar Crime Center (NW3C) and the Federal Bureau of Investigation (FBI) to serve as a vehicle to receive, develop, and refer criminal complaints regarding the rapidly expanding arena of cybercrime.
The number of complaints received in 2009 increased from 275K to 336K (up 22%) and the dollar losses nearly doubled from $264M to $560M. The data reported by the IC3 in terms of big scary web fraud numbers published elsewhere don’t really move the needle on the fear factor scale, but the percentages show Internet fraud as an industry that experienced considerable growth in 2009.
The IC3 report describes the top Internet scams for 2009, each with its own descriptive name: Hitman Scam, Astrological Reading Scam, Economic Stimulus Scam, Job Site Scams, and Fake Pop-up Ads for Anti-Virus Software; each scam uses one or more tools-of-the-trade including email, online money transfer services, spam, viruses, Trojans, and key loggers. The report understates the importance that anonymity affords cybercriminals: “…it is also vital to gain insight into who the typical perpetrators are. This can prove to be difficult in the world of cybercrime, where a mask of anonymity can impede law enforcement efforts.”
The risk of fraud lives anywhere on the web where someone can create a new account, pay with a credit card, or login giving fraudsters enough targets to cherry-pick the ones they want to hit. ThreatMetrix’s own Alisdair Faulkner describes the problem this way in a new white paper:
Online fraud is an asymmetric problem because fraudsters can quickly adapt their methods to exploit weaknesses in online fraud protection systems. Cybercriminals take advantage of automation, tools, shared knowledge, and expertise to commit crimes while their targets—virtually any organization doing business online —are at a disadvantage due to IT scheduling, shortage of trained people, fixed processes, applications and verification services that do not leverage the investment of others.
In other words, cybercriminals hold the high ground in the war on fraud. Faulkner’s new white paper coincides with our announcement today of ThreatMetrix Fraud Network–our next-generation web fraud solution to help companies stop online fraud and accelerate e-commerce. Since ThreatMetrix’s U.S. launch in January last year, we presented our fraud prevention SaaS as a device identification solution. Device ID (aka device fingerprinting) drew a lot of interest and attention last year helping to propel our customer base to over 100 customers–and growing fast. The ThreatMetrix Fraud Network delivers unparalleled control over fraud and abuse from the cloud without requiring PII , integrated “out of the box” with anti-fraud, authentication and identification applications that leverage our proven device identification capabilities:
- Fully integrated fraud solution for account origination, account takeover and card not present purchases
- Customer accessible rules that enable anyone to tailor ThreatMetrix to their business
- No Personally Identifiable Information required
- Cost effective, easy to install and easy to maintain
- Easy to deploy and integrate with existing applications and processes
- Real-time operation and information delivery
- Proxy piercing device identification that stops fraud at the point of origination
- Enterprise and global fraud intelligence
You can learn more on our new website where you can download Alisdair’s white paper and watch his video on the ThreatMetrix Fraud Network.
- Tom
P.S. We’ll be at the Annual Merchant Risk Council event in Las Vegas this week, if you’re attending stop by our booth# 604
