Speaking of Security – The RSA Blog and Podcast

To me, online dating these days is not much different than online fraud. I speak from personal experience on both – as someone who has experienced the thrills of online dating sites (NOTE sarcasm here) and has the privilege of witnessing the latest online scams that fraudsters pull on a daily basis. I live in both worlds – and trust me, they are not much different.

The fallout from the news of the Global Payments breach may be just subsiding, but one thing can already be said – this probably isn’t the last processor that will be breached.

Phishers, botmasters and underground vendors are increasingly adapting business models and tools for their nefarious ventures. Botmasters are creating and selling blacklists to ward off research and shutdown attempts by infosec experts and law enforcement. Underground vendors transact with buyers using in-house or publicly available escrow services, and crimeware coders offer user manuals and responsive, multi-lingual customer support. Offering Trojans as FaaS, Citadel’s coders are likely the first to sell monthly subscription plans to guarantee their customer base periodic builder updates and bug fixes, and supposedly ensure ongoing, seamless development and improvement of their Trojan kit.

Everybody knows that the Russian fraudsters are more sophisticated than their English-speaking counterparts. However, this isn’t the only geographic-related difference between fraudsters.

Of all the terms describing identity theft methods, “Vishing” (which stands for “Voice Phishing”) is perhaps the most ambiguous one. A simple Google query for the definition of the term shows just some of its multiple interpretations. But why are fraudsters using this type of attack?

Looking to maximize their profits, fraudsters need to do a whole lot of learning. They can either learn techniques of areas they have not focused on thus far, learn better techniques in the field they already specialize in, or learn new cover stories to improve the techniques they already use. A lot of this learning is done through trial and error. That’s how fraudsters discover vulnerabilities in banks’ processes that allow them to cash out a lot of money with relatively little effort.

The RSA FraudAction team just marked a major milestone – reaching the official shut down of 500,000 phishing attacks, done across 185 countries. Sometimes viewed as one of the oldest Internet scams in the book, phishing is still a very popular method among cybercriminals. RSA recently estimated that worldwide losses from phishing attacks during the 12-month period from July 2010 through June 2011 reached nearly $1 billion. How did such a seemingly simple email ruse get to be such big business in the world of cyber crime?

APT has become a buzz of security professionals for the past few years, but now has legitimate attention among all levels of the organization. Why? Because executive leadership knows that buzzword has now become a clear and present danger even among private sector organizations.

Similar to some businesses, fraudsters have the ability not only to invest money, but also to invest materials from the production process in order to develop their manufacturing capabilities. Compromised credit cards, for example, can either be used to purchase items in online stores for profit or used to purchase various accounts in legitimate services that would be used in future scams. In other words, fraudsters can use what they’ve reaped to re-sow the field.

The 1982 masterpiece Blade Runner by Ridley Scott is one of my old-time favorites. Harrison Ford chases androids in a futuristic, visually stunning Los Angeles. The future looks bleak, and technology advances did not make the human race any happier.