Protecting Enterprises From Global Online Fraud: Nine Best Practices

By Chris Preimesberger  |  Posted 2014-03-21

As e-commerce spreads around the globe, there is increased opportunity for online cyber-fraud and data theft. We've all read about some of the recent and well-publicized data breaches suffered by such well-known retailers as Target, whose breach affected an estimated 110 million customers, and Neiman Marcus. However, many more data-theft instances either go unreported or simply do not make the evening news. As a result of this increased cyber-criminal activity, enterprises and security providers alike are sharing information to try to keep ahead of the bad guys. As part of this effort, mobile identity services provider TeleSign recently released its first annual fraud report, which identifies the locations, traffic patterns and anomalies most prevalent in today's threat landscape. The report also analyzes anomalous patterns in global delivery of SMS messaging and voice traffic, presents research into automated attack traffic spikes, and describes what companies need to be aware of to help prevent fraud. This eWEEK slide show utilizes research and reporting from Nancy Vitug, vice president of engineering at TeleSign.

  • Fake Accounts and the Black Market

    Sales of fake Internet accounts continue to increase. These are accounts created in bulk using phony information (name, email, address, etc.) simply for the purpose of abusing good users online. Just about any type of fake account can be purchased: email, blogging, social networking or auction/classifieds. Fraudsters use these fake accounts for various forms of nefarious activities, including spamming, phishing attempts, affiliate fraud and e-commerce fraud; their primary motivation, of course, is taking your money.
  • Phone Numbers and Fake Accounts

    For the crooks to make money, they need to perform a high number of illicit transactions. To do that, fraudsters need to automate their schemes. Some variables in a repeatable process can be easily randomized. Name, address, email address, mother's maiden name and birthday can be randomly generated by products such as FakeNameGenerator. It's not too hard for them to get through email verification, but telephony introduces factors that are hard to fake and leave a data trail.
  • Unique Phone Number Properties

    Valid phone numbers must comply with each country's numbering space. They must be allocated by a numbering authority; they cannot be created from nothing. A valid mobile number must terminate to a mobile device, and mobile devices are usually unique to each person. These properties make randomization of the data very difficult.
  • Telecom Fraud Hotspots

    International revenue fraud is one of the telecom industry's most persistent problems. During this type of attack, fraudsters obtain phone numbers that pay them a small amount for each inbound call generated to the number (similar to 900 numbers found in the U.S.). Fraudsters then find ways to pump as many calls as possible to these phones, generating income for themselves. If this type of traffic is not caught and shut down, the cost to the caller—which can be a Website, a user with a compromised handset or a company with a compromised PBX—can be enormous. Leading hotspots for telecom-related fraud are Pakistan and Latvia.
  • Web Fraud Hotspots

    Thailand, Brazil, Colombia, Ecuador, Egypt, Ghana and Indonesia are currently producing significantly higher-than-average volumes of attacks on large Web properties. These attacks include attempts to create millions of fake accounts, attempts to take over accounts and account fraud. Latin America leads the world in attempted Web fraud with 14 times as many fraud attempts.
  • Automated Attacks: Traffic Spikes

    Automated attacks occur when a script or program is used to send automated requests to a Website or telecom network. Fraudsters use automated attacks to create thousands of accounts, make purchases, send malware or send premium-rate SMS messages. Companies must be able to detect abnormal patterns in global delivery of messages and voice traffic.
  • Automated Attacks: Phone Number Anomalies

    In another example of abnormal behavior that indicates an automated attack, fraudsters attempt to use one phone number to create many accounts in a short period of time. If the accounts are successfully opened, they will be used by the fraudster for spamming, phishing or some similar undesirable activity. Attacks like this can occur so quickly—with fraudsters attempting to create more than one account per second in some cases—that they can be difficult to detect on a distributed network.
  • Phone Numbers Drive Fraudster Cost Up

    Keeping fake accounts off a Website's ecosystem is critical. An effective way for Websites to block the creation of fake accounts is to require users to attach a verified phone number to each account. Requiring phone verification during account creation significantly slows the rate at which fraudsters can create fake accounts and increases the fraudster's cost for each account created. Typically, phone-verified accounts cost at least 160 times more on the black market than accounts that are not phone-verified.
  • Phone-Based Verification Is Effective, but Not a Panacea

    Phone-based verification is the standard for large digital companies to secure hundreds of thousands of accounts, but it is not enough. Fraudsters are persistently looking for ways to circumvent security. The unique properties that make the phone such a great tool for identifying users also reveal trends in the data. Phone-based verification is one of the best ways to protect a globally distributed user base, but an enterprise should rigorously monitor large volumes of traffic to shut down harmful traffic.
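
The pattern described under "Automated Attacks: Phone Number Anomalies" (one phone number attached to many new accounts within seconds, spread across a distributed network) can be caught with a sliding-window count of distinct accounts per phone number, computed over signup events merged from every front-end node. The Python below is an added example, not code from the article or from TeleSign's report; the log format, node names, threshold and window size are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: "<timestamp> <front-end node> <phone> <account id>".
# All values are invented; lines arrive out of order, as merged logs often do.
SAMPLE_LOG = """\
2014-03-01T10:00:00.100 node-a +12025550123 acct-2001
2014-03-01T10:00:00.900 node-b +12025550123 acct-2002
2014-03-01T10:00:02.300 node-a +12025550123 acct-2004
2014-03-01T10:00:01.600 node-c +12025550123 acct-2003
2014-03-01T10:00:03.000 node-b +12025550123 acct-2005
2014-03-01T10:00:05.000 node-a +12025550101 acct-1001
2014-03-01T10:00:20.000 node-a +12025550101 acct-1001
2014-03-01T10:00:40.000 node-c +12025550101 acct-1001
2014-03-01T09:00:00.000 node-b +12025550145 acct-3001
2014-03-01T10:30:00.000 node-b +12025550145 acct-3002
"""

def parse(line):
    """Split one log line into (timestamp, node, phone, account)."""
    ts, node, phone, account = line.split()
    return datetime.fromisoformat(ts), node, phone, account

def find_phone_bursts(lines, max_accounts=3, window=timedelta(seconds=10)):
    """Return {phone: peak distinct accounts seen in any window} for every
    phone number tied to more than max_accounts accounts inside the window."""
    # Sort by timestamp so events from different nodes interleave correctly.
    events = sorted(parse(l) for l in lines if l.strip())
    recent = defaultdict(deque)  # phone -> (timestamp, account) pairs in window
    flagged = {}
    for ts, _node, phone, account in events:
        q = recent[phone]
        q.append((ts, account))
        while ts - q[0][0] > window:  # drop events older than the window
            q.popleft()
        # Count distinct accounts so code resends for one account do not alert.
        distinct = len({acct for _, acct in q})
        if distinct > max_accounts:
            flagged[phone] = max(flagged.get(phone, 0), distinct)
    return flagged

if __name__ == "__main__":
    print(find_phone_bursts(SAMPLE_LOG.splitlines()))
```

Run against any single node's lines, the same function flags nothing in this sample, because no node sees more than two of the five accounts; the burst only becomes visible once the nodes' events are merged.
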
Chris Preimesberger was named Editor-in-Chief of Features & Analysis at eWEEK in November 2011. Previously he served eWEEK as Senior Writer, covering a range of IT sectors that include data center systems, cloud computing, storage, virtualization, green IT, e-discovery and IT governance. His blog, Storage Station, is considered a go-to information source. Chris won a national Folio Award for magazine writing in November 2011 for a cover story on and CEO-founder Marc Benioff, and he has served as a judge for the SIIA Codie Awards since 2005. In previous IT journalism, Chris was a founding editor of both IT Manager's Journal and and was managing editor of Software Development magazine. His diverse resume also includes: sportswriter for the Los Angeles Daily News, covering NCAA and NBA basketball, television critic for the Palo Alto Times Tribune, and Sports Information Director at Stanford University. He has served as a correspondent for The Associated Press, covering Stanford and NCAA tournament basketball, since 1983. He has covered a number of major events, including the 1984 Democratic National Convention, a Presidential press conference at the White House in 1993, the Emmy Awards (three times), two Rose Bowls, the Fiesta Bowl, several NCAA men's and women's basketball tournaments, a Formula One Grand Prix auto race, a heavyweight boxing championship bout (Ali vs. Spinks, 1978), and the 1985 Super Bowl. A 1975 graduate of Pepperdine University in Malibu, Calif., Chris has won more than a dozen regional and national awards for his work. He and his wife, Rebecca, have four children and reside in Redwood City, Calif. Follow on Twitter: editingwhiz
