SlideShare a Scribd company logo

The Rise and Rise of Web Fraud

David Jones
David Jones

Guest talk on Web Fraud to Network Security, Elect Eng Sydney University. Web1.0 generated revenues from advertising. In Web2.0 new monetization models were sought. Good stuff but eventually all these eCommerce sites wake up to discover that the fraudsters have moved in. Limited only by their imagination and the monetization model, fraudsters will do things like: login hijacks, false signups, purchases with stolen credit cards, money laundering, nigerian/419 scams etc etc. This talk talks about a few of these problems, how it gets done and what solution/responses exist.

TechnologyBusiness
1 of 19
The Rise and Rise of Web Fraud What happens when web businesses shift away from advertising revenues USYD Electrical Engineering, Network Security Guest Lecture David Jones – Founder/CTO ThreatMetrix @djinoz
Speaker brief history ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
ThreatMetrix Facts ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Anonymity used to be cute… Credit: New Yorker Magazine July 1993 http://en.wikipedia.org/wiki/On_the_Internet,_nobody_knows_you're_a_dog
Security/Fraud always morphs from FAME to $$$ Exploit Discovered Disclosure/Notoriety (defacements, spam spoofing etc) Spam, affiliate fraud etc $  Phishing, Credit Card Fraud, Botnet etc $$$  Organised Crime, Botnet Hire, Kits
Stolen Identities + Location/Device Anonymity = Perfect Storm for Fraud
“ ” Fraud as a Service” Food-chain Credit: Verisign
Common Internet Fraud types ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
This maps to the following business needs
Botnets and Proxies have changed Fraud forever: Fraudster Miami/Phillipines/Ukraine ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],San Francisco Milwaukee Kalispell New York Store… ,[object Object],[object Object],[object Object],[object Object],[object Object],Bill Mary Susan Frank Store 1 Store 2
“ Fraud as a Service” (bad guy implementation of “Software as a Service”) Means the Problem is Growing Fast No need to be an expert to be a fraudster Los Angeles New York Kalispell Frank Bill Susan Millions Today BotNets rented to other fraudsters + 100,000 New Each Day
On April 30 2010 TMX systems mapped 106,000 active* compromised hosts in Australian IP address space** ~2% * Last 7 days. This is just a subset – there is a good chance ACMA or Auscert would be detecting larger amounts ** Around 10million globally
Stolen Credit Cards/Password + Botnets and Proxies = PERFECT FRAUD
Control – Payments Case Study With ThreatMetrix [Fraud Stopped 1 st time] Without ThreatMetrix [Fraud stopped on 5 th try] ThreatMetrix Confidential Stop fraud first time by detecting and piercing proxies to discover true location of device Stops Fraud First Time
Control – New Accounts Case Study Transaction Time Threatmetrix Device ID Account Email Browser Lang. Masked IP Add. Masked IP City 8/25/2008 17:24 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.79.172.10 New York 8/25/2008 18:17 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.77.47.109 New York 8/27/2008 12:57 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 78.129.235.30 Brussels 8/28/2008 12:25 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.77.43.80 New York 8/28/2008 19:09 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 204.16.192.197 Los Angeles 9/3/2008 13:33 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 64.32.7.84 Kalispell 9/5/2008 12:24 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.79.172.10 New York 9/12/2008 13:08 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 78.129.235.35 Brussels 9/12/2008 13:20 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 205.209.175.5 Los Angeles 9/12/2008 16:48 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.79.172.100 New York 9/16/2008 14:33 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 204.16.195.71 New York 9/17/2008 14:19 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/18/2008 11:59 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/18/2008 12:56 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.101.53.226 New York 9/18/2008 15:02 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.10 New York 9/19/2008 12:38 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.101.53.230 New York 9/19/2008 13:25 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 78.129.235.34 Brussels 9/19/2008 18:40 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.98.30.90 Kalispell 9/22/2008 16:51 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.101.53.227 New York 9/22/2008 17:35 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/22/2008 19:13 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/24/2008 17:29 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.2228.113.2 New York 9/25/2008 12:45 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 64.32.7.97 Kalispell One Month Same Device 23 User Names In China Pretending to be in…
Control – Account Login Case Study Restrict permissions of accounts based on detection of compromised computer (botnet) Risk Hidden Threat Detection
Generalized MITB “proxying” attacks (current generation of malware e.g silentbanker, Zeus)
No silver bullet - Different Customers have Different Goals Average order value, margins, virtual or physical goods, real-time needs, chargeback rates Orders ~9% 2.6% 1.3% Accept Auto Screen 5.1% Reject (Fraud) Review
Questions?

Recommended

Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
IBM Security
 
iovation presents Fighting CNP Fraud - April 2016
iovation presents Fighting CNP Fraud - April 2016 iovation presents Fighting CNP Fraud - April 2016
iovation presents Fighting CNP Fraud - April 2016
TransUnion
 
The When, Why and How of Mobile Fraud Prevention
The When, Why and How of Mobile Fraud Prevention The When, Why and How of Mobile Fraud Prevention
The When, Why and How of Mobile Fraud Prevention
TransUnion
 
ThreatMetrix Fraud Network Presentation
ThreatMetrix Fraud Network PresentationThreatMetrix Fraud Network Presentation
ThreatMetrix Fraud Network Presentation
ThreatMetrix
 
ThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted EganThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted Egan
Ken Lam
 
Fraud Detection with Cost-Sensitive Predictive Analytics
Fraud Detection with Cost-Sensitive Predictive AnalyticsFraud Detection with Cost-Sensitive Predictive Analytics
Fraud Detection with Cost-Sensitive Predictive Analytics
Alejandro Correa Bahnsen, PhD
 
Tracxn - Enterprise Security Startup Landscape
Tracxn - Enterprise Security Startup LandscapeTracxn - Enterprise Security Startup Landscape
Tracxn - Enterprise Security Startup Landscape
Tracxn
 
AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)
AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)
AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)
Amazon Web Services
 

Recommended

Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
IBM Security
 
iovation presents Fighting CNP Fraud - April 2016
iovation presents Fighting CNP Fraud - April 2016 iovation presents Fighting CNP Fraud - April 2016
iovation presents Fighting CNP Fraud - April 2016
TransUnion
 
The When, Why and How of Mobile Fraud Prevention
The When, Why and How of Mobile Fraud Prevention The When, Why and How of Mobile Fraud Prevention
The When, Why and How of Mobile Fraud Prevention
TransUnion
 
ThreatMetrix Fraud Network Presentation
ThreatMetrix Fraud Network PresentationThreatMetrix Fraud Network Presentation
ThreatMetrix Fraud Network Presentation
ThreatMetrix
 
ThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted EganThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted Egan
Ken Lam
 
Fraud Detection with Cost-Sensitive Predictive Analytics
Fraud Detection with Cost-Sensitive Predictive AnalyticsFraud Detection with Cost-Sensitive Predictive Analytics
Fraud Detection with Cost-Sensitive Predictive Analytics
Alejandro Correa Bahnsen, PhD
 
Tracxn - Enterprise Security Startup Landscape
Tracxn - Enterprise Security Startup LandscapeTracxn - Enterprise Security Startup Landscape
Tracxn - Enterprise Security Startup Landscape
Tracxn
 
AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)
AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)
AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)
Amazon Web Services
 
Techy Things lawyers need to know
Techy Things lawyers need to knowTechy Things lawyers need to know
Techy Things lawyers need to know
David Jones
 
News Bytes - December 2010
News Bytes - December 2010News Bytes - December 2010
News Bytes - December 2010
n|u - The Open Security Community
 
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Tech and Law Center
 
How the Stolen Credit Card Black Market Works
How the Stolen Credit Card Black Market WorksHow the Stolen Credit Card Black Market Works
How the Stolen Credit Card Black Market Works
Tripwire
 
ID Theft
ID TheftID Theft
ID Theft
Willhack
 
Web Security
Web SecurityWeb Security
Web Security
Bharath Manoharan
 
Threat report h1_2013
Threat report h1_2013Threat report h1_2013
Threat report h1_2013
Комсс Файквэе
 
Computer Crime Essay
Computer Crime EssayComputer Crime Essay
Computer Crime Essay
Best Online Paper Writing Service
 
Matt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity TheftMatt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity Theft
guest3151b0
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
Tolsti2010
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
Tolsti2010
 
ccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdf
KALPITKALPIT1
 
Chapter 3 Computer Crimes
Chapter 3 Computer CrimesChapter 3 Computer Crimes
Chapter 3 Computer Crimes
Mar Soriano
 
cyber crime
cyber crimecyber crime
cyber crime
priya sehgal
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
Md Nishad
 
Hacking presentation BASIC
Hacking presentation BASICHacking presentation BASIC
Hacking presentation BASIC
Lakkireddy Bali Reddy Collage of Engineering
 
091209 Mc Afee Roundtable
091209 Mc Afee Roundtable091209 Mc Afee Roundtable
091209 Mc Afee Roundtable
Harvard PR
 
Computer Crime
Computer CrimeComputer Crime
Computer Crime
Farjana Akter
 
Bitcoin: Not just a currency but an IoT facilitator
Bitcoin: Not just a currency but an IoT facilitatorBitcoin: Not just a currency but an IoT facilitator
Bitcoin: Not just a currency but an IoT facilitator
Robin Teigland
 
Unearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudUnearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet Fraud
Internet Law Center
 
Pointzi Android Developers Talk - June17
Pointzi Android Developers Talk - June17Pointzi Android Developers Talk - June17
Pointzi Android Developers Talk - June17
David Jones
 
Automate Mobile Growth Hacking - 6 Easy Organic Tactics you should do
Automate Mobile Growth Hacking - 6 Easy Organic Tactics you should doAutomate Mobile Growth Hacking - 6 Easy Organic Tactics you should do
Automate Mobile Growth Hacking - 6 Easy Organic Tactics you should do
David Jones
 

More Related Content

Similar to The Rise and Rise of Web Fraud

Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Tech and Law Center
 
How the Stolen Credit Card Black Market Works
How the Stolen Credit Card Black Market WorksHow the Stolen Credit Card Black Market Works
How the Stolen Credit Card Black Market Works
Tripwire
 
091209 Mc Afee Roundtable
091209 Mc Afee Roundtable091209 Mc Afee Roundtable
091209 Mc Afee Roundtable
Harvard PR
 
Unearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudUnearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet Fraud
Internet Law Center
 

Similar to The Rise and Rise of Web Fraud (20)

Techy Things lawyers need to know
Techy Things lawyers need to knowTechy Things lawyers need to know
Techy Things lawyers need to know
 
News Bytes - December 2010
News Bytes - December 2010News Bytes - December 2010
News Bytes - December 2010
 
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
 
How the Stolen Credit Card Black Market Works
How the Stolen Credit Card Black Market WorksHow the Stolen Credit Card Black Market Works
How the Stolen Credit Card Black Market Works
 
ID Theft
ID TheftID Theft
ID Theft
 
Web Security
Web SecurityWeb Security
Web Security
 
Threat report h1_2013
Threat report h1_2013Threat report h1_2013
Threat report h1_2013
 
Computer Crime Essay
Computer Crime EssayComputer Crime Essay
Computer Crime Essay
 
Matt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity TheftMatt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity Theft
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
ccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdf
 
Chapter 3 Computer Crimes
Chapter 3 Computer CrimesChapter 3 Computer Crimes
Chapter 3 Computer Crimes
 
cyber crime
cyber crimecyber crime
cyber crime
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
 
Hacking presentation BASIC
Hacking presentation BASICHacking presentation BASIC
Hacking presentation BASIC
 
091209 Mc Afee Roundtable
091209 Mc Afee Roundtable091209 Mc Afee Roundtable
091209 Mc Afee Roundtable
 
Computer Crime
Computer CrimeComputer Crime
Computer Crime
 
Bitcoin: Not just a currency but an IoT facilitator
Bitcoin: Not just a currency but an IoT facilitatorBitcoin: Not just a currency but an IoT facilitator
Bitcoin: Not just a currency but an IoT facilitator
 
Unearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudUnearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet Fraud
 

More from David Jones

Talk on Products for Founders Institute - July 2014
Talk on Products for Founders Institute - July 2014Talk on Products for Founders Institute - July 2014
Talk on Products for Founders Institute - July 2014
David Jones
 
Product Market Fit - lessons from the hampster wheel
Product Market Fit - lessons from the hampster wheelProduct Market Fit - lessons from the hampster wheel
Product Market Fit - lessons from the hampster wheel
David Jones
 

More from David Jones (20)

Pointzi Android Developers Talk - June17
Pointzi Android Developers Talk - June17Pointzi Android Developers Talk - June17
Pointzi Android Developers Talk - June17
 
Automate Mobile Growth Hacking - 6 Easy Organic Tactics you should do
Automate Mobile Growth Hacking - 6 Easy Organic Tactics you should doAutomate Mobile Growth Hacking - 6 Easy Organic Tactics you should do
Automate Mobile Growth Hacking - 6 Easy Organic Tactics you should do
 
Mobile Engagement Automation - a Darwinian Guide to Customer Relationships
Mobile Engagement Automation - a Darwinian Guide to Customer RelationshipsMobile Engagement Automation - a Darwinian Guide to Customer Relationships
Mobile Engagement Automation - a Darwinian Guide to Customer Relationships
 
Why Streethawk re-wrote ibeacon handling on Android
Why Streethawk re-wrote ibeacon handling on AndroidWhy Streethawk re-wrote ibeacon handling on Android
Why Streethawk re-wrote ibeacon handling on Android
 
You've got an App - now what? Implementing your Engagement Strategy
You've got an App - now what? Implementing your Engagement StrategyYou've got an App - now what? Implementing your Engagement Strategy
You've got an App - now what? Implementing your Engagement Strategy
 
Talk on Products for Founders Institute - July 2014
Talk on Products for Founders Institute - July 2014Talk on Products for Founders Institute - July 2014
Talk on Products for Founders Institute - July 2014
 
Your CRM is Dead: what you need to know about Mobile Marketing Automation
Your CRM is Dead: what you need to know about Mobile Marketing AutomationYour CRM is Dead: what you need to know about Mobile Marketing Automation
Your CRM is Dead: what you need to know about Mobile Marketing Automation
 
ibeacons, Privacy & Customer Segmentation - StreetHawk
ibeacons, Privacy & Customer Segmentation - StreetHawkibeacons, Privacy & Customer Segmentation - StreetHawk
ibeacons, Privacy & Customer Segmentation - StreetHawk
 
Get Users Back Into Your App! - Retention and Engagement
Get Users Back Into Your App! - Retention and EngagementGet Users Back Into Your App! - Retention and Engagement
Get Users Back Into Your App! - Retention and Engagement
 
Product Market Fit - lessons from the hampster wheel
Product Market Fit - lessons from the hampster wheelProduct Market Fit - lessons from the hampster wheel
Product Market Fit - lessons from the hampster wheel
 
Product/Market Fit Twists and Turns
Product/Market Fit Twists and TurnsProduct/Market Fit Twists and Turns
Product/Market Fit Twists and Turns
 
assert(CPA < LTV) - the most important line of code (AKA Startup Metrics ...
assert(CPA < LTV) - the most important line of code (AKA Startup Metrics ...assert(CPA < LTV) - the most important line of code (AKA Startup Metrics ...
assert(CPA < LTV) - the most important line of code (AKA Startup Metrics ...
 
StreetHawk for ISV SpeakEasy
StreetHawk for ISV SpeakEasyStreetHawk for ISV SpeakEasy
StreetHawk for ISV SpeakEasy
 
Product/Market Fit - Twists and Turns
Product/Market Fit - Twists and TurnsProduct/Market Fit - Twists and Turns
Product/Market Fit - Twists and Turns
 
Setting up for Global Success
Setting up for Global SuccessSetting up for Global Success
Setting up for Global Success
 
assert(CPA < LTV) - the most important line of code
assert(CPA < LTV) - the most important line of code assert(CPA < LTV) - the most important line of code
assert(CPA < LTV) - the most important line of code
 
Startup Metrics for Convicts
Startup Metrics for ConvictsStartup Metrics for Convicts
Startup Metrics for Convicts
 
Skate to where the puck will be - cliche or axiom?
Skate to where the puck will be - cliche or axiom?Skate to where the puck will be - cliche or axiom?
Skate to where the puck will be - cliche or axiom?
 
Your clouds must be transparent - an intro to Cloud Security Alliance
Your clouds must be transparent - an intro to Cloud Security AllianceYour clouds must be transparent - an intro to Cloud Security Alliance
Your clouds must be transparent - an intro to Cloud Security Alliance
 
The Cathedral and the Bazaar - musings on iPhone and Android
The Cathedral and the Bazaar - musings on iPhone and AndroidThe Cathedral and the Bazaar - musings on iPhone and Android
The Cathedral and the Bazaar - musings on iPhone and Android
 

Recently uploaded

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 

Recently uploaded (20)

MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

The Rise and Rise of Web Fraud

  • 1. The Rise and Rise of Web Fraud What happens when web businesses shift away from advertising revenues USYD Electrical Engineering, Network Security Guest Lecture David Jones – Founder/CTO ThreatMetrix @djinoz
  • 2.
  • 3.
  • 4. Anonymity used to be cute… Credit: New Yorker Magazine July 1993 http://en.wikipedia.org/wiki/On_the_Internet,_nobody_knows_you're_a_dog
  • 5. Security/Fraud always morphs from FAME to $$$ Exploit Discovered Disclosure/Notoriety (defacements, spam spoofing etc) Spam, affiliate fraud etc $  Phishing, Credit Card Fraud, Botnet etc $$$  Organised Crime, Botnet Hire, Kits
  • 6. Stolen Identities + Location/Device Anonymity = Perfect Storm for Fraud
  • 7. “ ” Fraud as a Service” Food-chain Credit: Verisign
  • 8.
  • 9. This maps to the following business needs
  • 10.
  • 11. “ Fraud as a Service” (bad guy implementation of “Software as a Service”) Means the Problem is Growing Fast No need to be an expert to be a fraudster Los Angeles New York Kalispell Frank Bill Susan Millions Today BotNets rented to other fraudsters + 100,000 New Each Day
  • 12. On April 30 2010 TMX systems mapped 106,000 active* compromised hosts in Australian IP address space** ~2% * Last 7 days. This is just a subset – there is a good chance ACMA or Auscert would be detecting larger amounts ** Around 10million globally
  • 13. Stolen Credit Cards/Password + Botnets and Proxies = PERFECT FRAUD
  • 14. Control – Payments Case Study With ThreatMetrix [Fraud Stopped 1 st time] Without ThreatMetrix [Fraud stopped on 5 th try] ThreatMetrix Confidential Stop fraud first time by detecting and piercing proxies to discover true location of device Stops Fraud First Time
  • 15. Control – New Accounts Case Study Transaction Time Threatmetrix Device ID Account Email Browser Lang. Masked IP Add. Masked IP City 8/25/2008 17:24 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.79.172.10 New York 8/25/2008 18:17 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.77.47.109 New York 8/27/2008 12:57 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 78.129.235.30 Brussels 8/28/2008 12:25 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.77.43.80 New York 8/28/2008 19:09 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 204.16.192.197 Los Angeles 9/3/2008 13:33 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 64.32.7.84 Kalispell 9/5/2008 12:24 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.79.172.10 New York 9/12/2008 13:08 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 78.129.235.35 Brussels 9/12/2008 13:20 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 205.209.175.5 Los Angeles 9/12/2008 16:48 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.79.172.100 New York 9/16/2008 14:33 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 204.16.195.71 New York 9/17/2008 14:19 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/18/2008 11:59 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/18/2008 12:56 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.101.53.226 New York 9/18/2008 15:02 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.10 New York 9/19/2008 12:38 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.101.53.230 New York 9/19/2008 13:25 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 78.129.235.34 Brussels 9/19/2008 18:40 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.98.30.90 Kalispell 9/22/2008 16:51 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.101.53.227 New York 9/22/2008 17:35 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/22/2008 19:13 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/24/2008 17:29 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.2228.113.2 New York 9/25/2008 12:45 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 64.32.7.97 Kalispell One Month Same Device 23 User Names In China Pretending to be in…
  • 16. Control – Account Login Case Study Restrict permissions of accounts based on detection of compromised computer (botnet) Risk Hidden Threat Detection
  • 17. Generalized MITB “proxying” attacks (current generation of malware e.g silentbanker, Zeus)
  • 18. No silver bullet - Different Customers have Different Goals Average order value, margins, virtual or physical goods, real-time needs, chargeback rates Orders ~9% 2.6% 1.3% Accept Auto Screen 5.1% Reject (Fraud) Review

Editor's Notes

  1. I modified this slide from a Verisign presentation – it shows how only a few ‘fronts ’of the identity theft/fraud ecosystem
  2. ThreatMetrix Device Identification is used for three principal applications. These are i) New Account Sign-up which is broadly applicable to the financial services industry, social networking, alternative payments, credit card applications and so forth, ii) Account takeover which is broadly applicable to the same set of industries, and iii) Card not present “CNP” purchases which is applicable to the retail community. ThreatMetrix is a rules based application so the same product can be easily deployed across multiple industry types with a minimum of effort.
  3. 05/17/10