With Credit and Debit Card Fraud Nearly Doubling Between 2012 and 2013, Financial Pros Are “Doubling Down” on Security.

Posted on April 20th, 2014 by Dan Rampe

Credit Card Fraud

The Association for Financial Professionals (AFP) surveyed more than 5000 members. The result? As a reaction to ongoing and persistent credit and debit card fraud, most companies are increasing or seriously considering increasing security.

The “2014 AFP Payments Fraud and Control Survey” found that 63 percent of polled organizations have already added or planned to add new security measures including secure signature stamps, electronic stamps, and storing payment data with third-party vendors.

Quoted in a piece on associationsnow.com, AFP’s president and CEO, Jim Kaitz said, “Criminals will try to stay a step ahead. But with potential liability increasing for merchants, companies are taking a hard look at where their own vulnerabilities lie. This is especially important for big companies with complex systems, which are frequent targets for fraud.”

Last year, according to the study, 60 percent of organizations were exposed to fraud or attempted fraud. And according to Katie Bascuas’ piece on associationsnow.com, while checks were the most common form of payment fraud in 2013, fraudulent activity using credit and debit cards nearly doubled between 2012 and 2013.

Mallory Duncan, general counsel for the National Retail Federation, places much of the blame on technology. Duncan told Reuters, “The technology that exists in cards out there is 20th-century technology, and we’ve got 21st-century hackers.”

Whether banks, retailers or credit card companies would pay for the upgrades is still to be determined. One solution the Electronic Transactions Association is working on is chip-based Europay, MasterCard, and Visa (EMV) cards, which would help stop criminals from counterfeiting cards using stolen account numbers. However, it would do nothing to prevent cybercrooks from using stolen credit card numbers online.

The Retail Industry Association said it intended to launch the RILA Cybersecurity and Data Privacy Initiative to improve payment card security, establish a cybersecurity leaders’ council, and call for federal data-breach notification legislation.

RILA President Sandy Kennedy said, “By working together with public-private sector stakeholders, our ability to develop innovative solutions and anticipate threats will grow, enhancing our collective security and giving customers the service and peace of mind they deserve.”

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

Retailers Follow the Leader: ThreatMetrix. Will Share Cyberthreat Data along the Lines of ThreatMetrix’s Global Trust Intelligence Network Which Analyzes Half-a-Billion Transactions Monthly.

Posted on April 17th, 2014 by Dan Rampe

National Retail Federation

Does Macy’s tell Gimbels? Okay Gimbels, a major retailer and one of Macy’s chief competitors, has gone the way of the Oldsmobile, Blockbuster and Windows XP. But at one time “Does Macy’s tell Gimbels?” was another way of saying “top secret;” competitors don’t share information with the competition.

Now, with the Target, Neiman-Marcus, Michaels and other retail breaches fresh in their minds and with pressure from Congress to improve security, U.S. retailers have taken a major step toward improving security.

In a story on zdnet.com, Natalie Gagliordi reports that the National Retail Federation (NRF) in consultation with the Financial Services Forum for Security Threats is establishing a retailer-specific Information Sharing and Analysis Center (ISAC). This joint cybersecurity cooperative would offer retailers access to “critical information on threats identified by fellow retailers, government agencies, law enforcement and partners in the financial services sector.”

NRF President and CEO Matthew Shay said, “We believe a heightened and well coordinated information sharing platform such as a retail ISAC is a vital component for helping retailers in their fight against cyber attacks.

“Establishing a new program takes time, but time is not our friend when it comes to stopping these sophisticated and unpredictable criminals. The willingness of the FS-ISAC to work with retailers provides our industry with a new and important tool as we explore all of the options available for merchants to protect their customers and their businesses.”

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

 

Ready for “Back to School”? You Can Bet Cybercriminals Are.

Posted on August 7th, 2013 by Dan Rampe

College Students

WARNING: Because this is still early August, showing this blog to a younger student might precipitate an instant funk. Therefore, while we strongly recommend you (and older students who purchase products online) read this piece to avoid being a victim of cybercrime, please don’t show this to your younger student(s) until…oh…maybe the last week of August or first week of September — depending on when school opens.

The National Retail Foundation (NRF) says families will spend a combined total of $45.8 billion on school-related supplies this year. And, a big chunk of those purchases (31.7 percent) will be online.

“Cybercriminals follow the money and target consumers heavily during major shopping seasons,” said Mustafa Rassiwala, director, product marketing, ThreatMetrix. “With billions spent online for back to school shopping, fraudsters will steal money and sensitive information from online purchases. Additionally, the attacks are specifically targeted at a large unsuspecting and vulnerable online population – young adults.”

Following are the top back to school risks consumers have to be wary of:

• Phishing - Watch out for suspicious links on social media platforms that promote an “unbelievable offer” on a hot item, such as a tablet or smartphone. These links can lead to malicious sites that often mimic e-commerce sites like Walmart.com or Target.com and trick consumers into accessing personal accounts, thereby giving criminals access to personal information.

• Malware – Cybercriminals can install malicious code on a user’s machine without his/her knowledge. Sophisticated malware automatically tracks keystrokes when a consumer logs into online accounts – effectively and secretly stealing information. Students have to be very cautious when opening email attachments or downloading music and videos from suspicious sites. These are common mass channels used by cybercriminals for distributing malware.

• Man-in-the-Middle (MitM) Attack – A cybercriminal can covertly intercept a consumer’s online activity on a public Wi-Fi network. Young adults who tend to shop online for school supplies in public places need to make their purchases from a secure Internet connection.

• Gift Card Fraud – To control spending, giving students gift cards, rather than a cash budget, has become a popular choice among parents. Cybercriminals have caught onto the trend, and have taken a special interest in phishing and eavesdropping on Wi-Fi networks for gift card numbers. Because no account information is “tied” to the card, criminals can shop and ship without credit card information linking back to them. Consumers are advised to shop from secure URLs and limit use on public Wi-Fi networks.

To protect their consumers during the back to school shopping season, businesses should have a collective approach to cybercrime. This includes extensive screening for suspicious online transactions and leveraging data from a collective global network for real-time threat intelligence, such as the ThreatMetrix™ Global Trust Intelligence Network. Dubbed The Network for short, it’s the most comprehensive repository of information available anywhere for screening prior transactions and site visitors; and for authenticating customers and employees working remotely. Without compromising privacy or convenience, The Network provides threat data that offers insight into device and online personas’ positive and negative behavior. As such, it is the first and only real-time screen for online visitors using collaborative intelligence from thousands of websites and transactions.

ThreatMetrix is the fastest-growing provider of integrated web fraud and cybersecurity solutions. The TrustDefender™ Cybercrime Protection Platform helps companies prevent unauthorized access to web and mobile applications, protect sensitive data, and secure transactions against account takeoverpayment fraudidentity spoofing, malware, and data breaches. ThreatMetrix protects more than 1,500 customers and 9,000 websites across a variety of industries, including financial servicesenterprisee-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.

To join in the cybersecurity conversation, follow us on Twitter @ThreatMetrix.

 

Consumers Beware of Cybercriminals When Shopping for Mom This Mother’s Day – Fourth Busiest Spending Holiday

Posted on May 9th, 2013 by Dan Rampe

ThreatMetrix Offers Best Practices for Consumers to Avoid Falling Victim to Fraud

San Jose, CA – May 9, 2013 – ThreatMetrix™, the fastest-growing provider of integrated Web fraud and cybersecurity solutions, today announced several cybercrime scenarios and preventative tips for consumers to stay protected while shopping for mom this Mother’s Day.

According to the National Retail Federation, Mother’s Day spending this year is expected to reach $168.94 on average, with total spending expected to reach a staggering $20.7 billion.

“The unfortunate reality is that today, any major spending holiday places consumers at high risk for fraud, malware and account takeover as cybercriminals capitalize on consumer spending for personal gain,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “Consumers must be vigilant of the risks associated with online shopping. The last thing you want to give dear old mom for Mother’s Day is a case of malware or identity theft.”

Mother’s Day ranks fourth in spending holidays, behind the winter holidays, back to school shopping and Valentine’s Day. To help consumers stay protected, ThreatMetrix has identified the following top account takeover threat scenarios for consumers to be aware of when shopping for Mother’s Day:

1. Phishing is a concern for consumers around major spending holidays, especially Mother’s Day. Here’s how it works: Cybercriminals will send out an email with a fake offer – “Click Here to Send Mom One Dozen Roses for $20.” You click on the link and are taken to a fake website where you enter your credit card details along with mom’s personal information for delivery. Once the “order” is submitted, the cybercriminal has stolen your credit card details and no roses ever arrive for mom.

2. Data Breaches and Password Reuse occurs when a customer’s account at an e-merchant, financial services organization or social media site has been hacked and personal information, including the account password, has been compromised. Reusing the same password across multiple sites puts all customers’ accounts at risk of being compromised. For example, if the website you purchased flowers from for your mom suffers a data breach, all of your accounts with the same password are now at stake.

3. Mobile devices offer consumers the convenience of shopping on the go. With this convenience comes security risks you need to be aware of when shopping for mom this Mother’s Day. If you lose your mobile device, whoever finds it may be able to access your phone and all the sites and applications containing your saved passwords. To help prevent this scenario as you’re purchasing a gift for mom, be sure to lock your screen when not in use.

According to ThreatMetrix, the most effective ways for consumers to stay protected when shopping for Mother’s Day online include:

• Only purchase from verified retailers

• Avoid using the same password across several online shopping and banking sites

• Avoid storing credit card information on retail sites and mobile phones

• Avoid clicking on suspicious links in unsolicited emails

“While consumers should be extra cautious to avoid cybercrime around major spending holidays, it is just as important for retailers to put preventative measures in place,” said Faulkner. “It is much easier and more effective to avoid cybercrime all together than have to pick up the pieces once customer accounts have been verified. Without preventative cybercrime solutions in place, retailers risk jeopardizing customer accounts and company revenue.”

About ThreatMetrix

ThreatMetrix is the fastest-growing provider of integrated web fraud and cybersecurity solutions. The TrustDefender™ Cybercrime Protection Platform helps companies prevent unauthorized access to web and mobile applications, protect sensitive data, and secure transactions against account takeover, payment fraud, identity spoofing, malware, and data breaches. ThreatMetrix protects more than 1,500 customers and 8,500 websites across a variety of industries, including financial services, enterprise, e-commercepayments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.

To join in the cybersecurity conversation, follow us on Twitter @ThreatMetrix.

© 2013 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts

Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Meghan Reilly
Walker Sands Communications
Tel: 312-445-9926
Email: meghan.reilly@walkersands.com