Skip navigation
All Places > Products > RSA FraudAction Services > Blog
Heidi Bleau

The Dark Web Goes Social

Posted by Heidi Bleau Employee May 8, 2018

Over the last decade, social media platforms have grown to become an integral part of not just our daily private lives, but also our public lives. For credit card fraudsters, or carders, social media platforms provide the scalability, anonymity and reach necessary for them to peddle stolen goods in their virtual storefronts.

In our original study of this growing threat, much of the global cybercriminal activity occurred on Facebook, QQ, and Baidu.  However, due to the global rise in popularity of multiple social media platforms, many fraudsters have expanded their activities to new platforms including WhatsApp, Telegram, Instagram, Snapchat and others.

Continued research also revealed new insights into how social media technology and the traditional criminal marketplace create a new kind of fraud market, including ideas about the medium itself and the humans setting up shop.

The power of modern social media and networking platforms to keep exclusive communities of like-minded people connected are being co-opted by fraudsters looking to take advantage of the anonymity, usefulness, and global reach of these applications to profit.

A Survey of Social Media Criminal Marketplaces
There are several reasons fraudsters, like legitimate users, are attracted to social media platforms as “control stations” for their social lives and even their businesses.  The mass communicative properties of these networking programs bridge physical divides and distances to allow seamless sharing of ideas and information.  On top of that, many platforms provide additional benefits to users looking to maintain an exclusive space for a specific purpose that remains unknown to those not trusted enough to be part of the circle:

  • Built-in Anonymity. The use of representative screen names and subjective identity information such as a user profile, allows malicious actors their initial layer of confidentiality. Given the ready availability of webmail, and its nonexistent identity verification requirements, not only can malicious actors have one anonymous account, but they can – and often do – have dozens or more, ready to be activated.
  •  
  • Exclusive, Invite-Only Structures. Explicit invite-only and group-management functionality inherent in nearly all social media platforms are valuable to fraudsters whose primary concern, even above making money, is to remain unknown to any who would foil their plans, or report them to authorities.
  • Mobile Integration. Early social media platforms had to be optimized for mobile.  Today’s apps are engineered to be viewed as hand-held dashboards of their users’ lives. Mobile-enabled social platforms allow real-time monitoring and access to all information on the network, from anywhere with cellular access or WIFI, enabling fraudsters to be nimbler than ever in making deals and dodging authorities.

Across the range of platforms, there are some interesting trends that may be useful in evaluating the current status of social media fraud marketplaces.  For example:

  • Extended Feature Sets. In the past, there was a clear distinction between instant messaging platforms and social media. However, during the last few years, those same platforms which have been used solely for the purpose of peer-to-peer communication, have evolved into something more and are used in the same way as social media.
  • Multi-platform Models. All fraud groups in social media can be thought of as one uniform sphere, with fraudsters often advertising groups/contacts from one platform in another one, and alternating between two or more platforms even during conversations. Moreover, the content shared in the various social media groups is inherently similar, and mainly serves to increase the fraudster's reputation and customer base.
  • Criminals are users, too. While there are differences between the platforms and particular reasons to choose one over another, fraudsters generally behave like typical social media users: most try to be represented on as many platforms as possible to reach as wide an audience as possible, to maximize their marketing and market visibility.

Conclusion
Until the next round of law enforcement or corporate action to regulate malicious activity in these spaces, the criminal shadow will hang over social media in general, and most certainly in the case of social media fraud markets. Modern cyber thieves will continue to look for the most effective and efficient ways to cash out stolen financial and identity information while blending in with the billions of other users and accounts on their preferred platforms.

In the meantime, understanding the draw of social media in general can help us understand its attractiveness to the criminal element, and in turn, it informs our efforts to combat misuse and to justify our continued financial and social investment in these new information technologies.  Social media is an enabler for business, but it also presents a growing digital risk to consumer-facing organizations.  Keeping track of and reporting on the adoption and utilization of these platforms by fraudsters is imperative to keep all interested parties—including the public at-risk—aware of this very real problem.

# # #

Get the full details on the social media platforms facing this fast developing digital threat and the types of cybercriminal activity occurring on them in our new report, “The Social Media Fraud Revolution.” 

Yael Gour

Launching RSA Ideas

Posted by Yael Gour Employee Apr 3, 2018

For years RSA has been in business of providing best-in-class security  and Anti fraud products and services to you, our customers.  I am proud to be surrounded by extremely intelligent and creative coworkers who amaze me with their knowledge, imagination, and ability to make abstract a reality on daily basis.  However, I am even more astounded by the unending well of new ideas I see coming from our customer community every time I interact with or observe an interaction between us and you.  You are the true inspiration and driving force of our innovation.  We build products that solve your problems, we offer services that help you, and everything we do - we do with you and your success in mind.

 

This is why I am happy to officially introduce you to a new way to harvest and crowdsource our collective ideas together.  This month, we have launched new idea pages on our RSA Link Community:

These destination pages are places for you to show off your creativity and need, to suggest ways that would improve our offerings to help you be more successful.  It is also the place where you can collaborate on your ideas with other like-minded individuals and vote on ideas suggested by others.

 

We have a great customer community, let’s harness its creative power to see what we can come up with together.

 

For more information, please check out the following FAQs:

This year’s RSA Charge event is definitely one not to miss. If you have not yet registered please do so today to secure the Discount Rate of $745, saving you $200 through September 15. Registration on the RSA Charge 2017 website couldn’t be easier.

 

Still on the fence? Check out the Full Agenda with over 90 sessions, 35 hands-on labs, and 140+ thought leader industry experts you’ll agree this is the premier event on RSA Business-Driven Security™ solutions. You can also take this opportunity to build your own personal business-driven security experience for Charge.

  

Another way to save: Friends with Benefits! They say sharing is caring, so ‘already registered’ RSA Charge attendees can now share the love by forwarding this code to a peer or colleague and he/she will receive $100 off the current $745 registration fee by using this code from you: FRIENDS17. This code too expires on Sept. 15, so share the love today!

 

And, finally, in case there are still some doubters amongst you, watch these two RSA Charge videos – you’ll be convinced that RSA Charge 2017 is the place to be seen and heard, Oct. 17-19 @ Hilton Hotel Anatole, Dallas. See you soon!

                                                  

RSA President Rohit Ghai

RSA Fraud & Risk Intelligence Matthew Long

 

RSA Charge 2017, the premier event on RSA® Business-Driven Security™ solutions, unites an elite community of customers, partners and industry experts dedicated to tackling the most pressing issues across cybersecurity and business risk management. Through a powerful combination of keynote speeches, break-out sessions and hands-on demos, you’ll discover how to implement a Business-Driven Security strategy to help your organization thrive in an increasingly uncertain, high-risk world. Join us October 17 – 19 at the Hilton Anatole in Dallas, Texas.

The consumer world is at a historical inflection point in which the ways individuals are interacting and transacting is changing more than we have ever seen before. Organizations are now managing multiple digital channels and face unprecedented business and security challenges ranging from legislative pressure, competition from new entrants forcing organizations to offer consumers more convenience and flexibility and the increase in potential points of vulnerabilities in which cybercriminals can gain access. These disruptors in the consumer space are all interrelated and if not looked at that way will have grave consequences to the security of those environments. Especially, the financial services industry which is facing disruptive pressures on many fronts:

  • Customer expectations are changing – digital transactions are expected to be fast, frictionless, personalized, channel agnostic and secure.
  • FinTech innovation is leading to new competition offering digital services forcing organizations to rethink their strategy and create new partnerships powered by the API economy.
  • Sweeping global regulations are being created to drive more accountability for consumer data protection, security and privacy such as PSD2, GDPR, SEPA and FFIEC.
  • Dramatic growth in digital interactions driven by flexibility in transacting through Internet of Things (IOT), shift towards online shopping and payments innovation like 3DS 2.0. Yet, minimal growth in organizational resources to mitigate fraud and keep pace with cybercrime is forcing organizations to leverage new technologies like data analytics and automation and case management.

The Fraud and Risk Intelligence track at RSA Charge will address many of these trends and how RSA’s strategy and roadmap is helping our customers on their journey to an omni-channel fraud management strategy. The track title is aptly named “Reducing Fraud – Not Your Customers” as we recognize the challenge our customers face to reduce fraud without impacting the user experience. We will be featuring some interesting customer case studies on fraud detection and prevention in the cloud, some great discussions planned on the consumer authentication and mobile revolution, best practices for securing the open banking API economy, and how organizations can leverage machine automation to mitigate fraud more effectively.

 

Also, we will be hosting a peer birds of a feather luncheon which will include topics such as mobile fraud strategies, planning for 3D Secure 2.0 and digital payments and there will be an exclusive meetup for RSA Web Threat Detection customers to engage. We will also be providing a first look at new innovations in our lab environments and the partner Innovation Zone.

 

RSA Charge Fraud and Risk Intelligence track is designed to empower Anti-fraud leaders to be better equipped to discuss the current business impact of fraud risk and prepare for the future by enabling them to work more collaboratively with business leaders to ensure they are protecting what matters most.

 

The full schedule for this year’s event on the RSA Charge website with more than 35 hands-on labs, 90 sessions and 140 thought leaders and industry experts who are ready to share with you the key insights needed to take your security strategy to the next level. register today

RSA Charge 2017, the premier event on RSA® Business-Driven Security™ solutions, unites an elite community of customers, partners and industry experts dedicated to tackling the most pressing issues across cybersecurity and business risk management. Through a powerful combination of keynote speeches, break-out sessions and hands-on demos, you’ll discover how to implement a Business-Driven Security strategy to help your organization thrive in an increasingly uncertain, high-risk world. Join us October 17 – 19 at the Hilton Anatole in Dallas, Texas.

 

To learn more about this upcoming event and fraud trends, follow us on Twitter @RSAFraud

 

Summer is nearing an end, the kids are heading back to school, and RSA Charge 2017 is less than two months away, October 17-19.

 

We invite you to peruse the full schedule for this year’s event on the RSA Charge website with more than 35 hands-on labs, 90 sessions and 140 thought leaders and industry experts who are ready to share with you the key insights needed to take your security strategy to the next level.

 

Here are a few of the great sessions you can attend:

Rolling-out a Company Wide Risk & Control Framework Supported by RSA Archer

Third Party Governance: Perspectives from a Panel of Pros

The RSA Archer Admin Dashboard (Yes, it's really here!)

From Discovery to Remediation in 9 Days: Defend against Determined and Well-Resourced Adversaries

Maximizing Your Investment in RSA Identity Governance and Lifecycle

Deep Entity Profiling & Machine Automation – How to Use These Powerful Technologies to Mitigate Fraud While Reducing Costs and End-User Friction

 

See the full schedule here.

And, if this isn’t enough to convince you to register today for RSA Charge, over the next six weeks, every Tuesday on the RSA Link Community, you’ll also see blogs from the RSA Charge team detailing presentation highlights from each of the product tracks being offered this year at Charge, including:

Taking Command of Your Risk Management Journey

Transforming Compliance

Managing Technology Risk in Your Business

Inspiring Everyone to Own Risk

Detecting and Responding to Threats That Matter

Secrets of the SOC

Identity and Access Assurance

Reducing Fraud, While Not Reducing Customers

RSA Archer Technical

RSA Archer Technical, Advanced

 

 This year’s RSA Charge event is definitely one not to miss. If you have not registered as yet, please do so today to secure your spot and take advantage of the Discount Rate of $745, saving $200 through Sept. 15.

Additionally, if you also register for one of the Pre-Charge training courses offered by RSA University, you can save even more – the expired Early Bird Discount Rate of $645 will be extended to you up until the official start of RSA Charge on October 17. Click here to see the full course offering and for registration details. Classes are filling up quickly so don’t delay.

RSA Charge 2017 will provide you the ultimate opportunity to network with RSA customers from across the product portfolio, partners, and industry experts while discovering how to implement a Business-Driven Security™ strategy in an increasingly uncertain, high-risk world.

See you in Dallas, October 17-19 at the Hilton Anatole Hotel for RSA Charge 2017!

 

RSA Charge 2017, the premier event on RSA® Business-Driven Security™ solutions, unites an elite community of customers, partners and industry experts dedicated to tackling the most pressing issues across cybersecurity and business risk management. Through a powerful combination of keynote speeches, break-out sessions and hands-on demos, you’ll discover how to implement a Business-Driven Security strategy to help your organization thrive in an increasingly uncertain, high-risk world.

FraudAction intelligence researchers have engaged a fraudster in an online chat, in which he offered a cashout method for compromised bank accounts by abusing the Azimo and Small World money transfer apps. During the transfer, the mule account would be concealed behind a special one-time bank account that these apps provide for single transfers, serving as an account in the middle. 

Prerequisites

  • A compromised bank account
  • A mule account linked to an Azimo or Small World account

Procedure

  • Download and open one of Azimo or Small World apps.
  • Fill in the form with the transfer details.
  • In the checkout, select ‘Bank Transfer’, and you will be given a special bank account number just for the specific transfer.
  • Make a regular bank transfer from the compromised account to this special account.
  • The money will be forwarded to the mule account.

The following conversation with a fraudster details how they leverage this method using legitimate apps:

 

 

As we know, fraudsters are always looking for new cashout methods and often abuse legitimate services to do so.  Mitigation lies in awareness of the phenomenon and fine-tuning threat detection in your organization regarding the use of third party online money transfer services such as the apps mentioned in this report.