SlideShare uma empresa Scribd logo

The Rise and Rise of Web Fraud

David Jones
David Jones

Guest talk on Web Fraud to Network Security, Elect Eng Sydney University. Web1.0 generated revenues from advertising. In Web2.0 new monetization models were sought. Good stuff but eventually all these eCommerce sites wake up to discover that the fraudsters have moved in. Limited only by their imagination and the monetization model, fraudsters will do things like: login hijacks, false signups, purchases with stolen credit cards, money laundering, nigerian/419 scams etc etc. This talk talks about a few of these problems, how it gets done and what solution/responses exist.

TecnologiaNegócios
1 de 19
The Rise and Rise of Web Fraud What happens when web businesses shift away from advertising revenues USYD Electrical Engineering, Network Security Guest Lecture David Jones – Founder/CTO ThreatMetrix @djinoz
Speaker brief history ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
ThreatMetrix Facts ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Anonymity used to be cute… Credit: New Yorker Magazine July 1993 http://en.wikipedia.org/wiki/On_the_Internet,_nobody_knows_you're_a_dog
Security/Fraud always morphs from FAME to $$$ Exploit Discovered Disclosure/Notoriety (defacements, spam spoofing etc) Spam, affiliate fraud etc $  Phishing, Credit Card Fraud, Botnet etc $$$  Organised Crime, Botnet Hire, Kits
Stolen Identities + Location/Device Anonymity = Perfect Storm for Fraud
“ ” Fraud as a Service” Food-chain Credit: Verisign
Common Internet Fraud types ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
This maps to the following business needs
Botnets and Proxies have changed Fraud forever: Fraudster Miami/Phillipines/Ukraine ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],San Francisco Milwaukee Kalispell New York Store… ,[object Object],[object Object],[object Object],[object Object],[object Object],Bill Mary Susan Frank Store 1 Store 2
“ Fraud as a Service” (bad guy implementation of “Software as a Service”) Means the Problem is Growing Fast No need to be an expert to be a fraudster Los Angeles New York Kalispell Frank Bill Susan Millions Today BotNets rented to other fraudsters + 100,000 New Each Day
On April 30 2010 TMX systems mapped 106,000 active* compromised hosts in Australian IP address space** ~2% * Last 7 days. This is just a subset – there is a good chance ACMA or Auscert would be detecting larger amounts ** Around 10million globally
Stolen Credit Cards/Password + Botnets and Proxies = PERFECT FRAUD
Control – Payments Case Study With ThreatMetrix [Fraud Stopped 1 st time] Without ThreatMetrix [Fraud stopped on 5 th try] ThreatMetrix Confidential Stop fraud first time by detecting and piercing proxies to discover true location of device Stops Fraud First Time
Control – New Accounts Case Study Transaction Time Threatmetrix Device ID Account Email Browser Lang. Masked IP Add. Masked IP City 8/25/2008 17:24 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.79.172.10 New York 8/25/2008 18:17 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.77.47.109 New York 8/27/2008 12:57 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 78.129.235.30 Brussels 8/28/2008 12:25 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.77.43.80 New York 8/28/2008 19:09 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 204.16.192.197 Los Angeles 9/3/2008 13:33 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 64.32.7.84 Kalispell 9/5/2008 12:24 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.79.172.10 New York 9/12/2008 13:08 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 78.129.235.35 Brussels 9/12/2008 13:20 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 205.209.175.5 Los Angeles 9/12/2008 16:48 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.79.172.100 New York 9/16/2008 14:33 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 204.16.195.71 New York 9/17/2008 14:19 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/18/2008 11:59 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/18/2008 12:56 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.101.53.226 New York 9/18/2008 15:02 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.10 New York 9/19/2008 12:38 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.101.53.230 New York 9/19/2008 13:25 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 78.129.235.34 Brussels 9/19/2008 18:40 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.98.30.90 Kalispell 9/22/2008 16:51 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.101.53.227 New York 9/22/2008 17:35 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/22/2008 19:13 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/24/2008 17:29 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.2228.113.2 New York 9/25/2008 12:45 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 64.32.7.97 Kalispell One Month Same Device 23 User Names In China Pretending to be in…
Control – Account Login Case Study Restrict permissions of accounts based on detection of compromised computer (botnet) Risk Hidden Threat Detection
Generalized MITB “proxying” attacks (current generation of malware e.g silentbanker, Zeus)
No silver bullet - Different Customers have Different Goals Average order value, margins, virtual or physical goods, real-time needs, chargeback rates Orders ~9% 2.6% 1.3% Accept Auto Screen 5.1% Reject (Fraud) Review
Questions?

Recomendados

Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
IBM Security
 
iovation presents Fighting CNP Fraud - April 2016
iovation presents Fighting CNP Fraud - April 2016 iovation presents Fighting CNP Fraud - April 2016
iovation presents Fighting CNP Fraud - April 2016
TransUnion
 
The When, Why and How of Mobile Fraud Prevention
The When, Why and How of Mobile Fraud Prevention The When, Why and How of Mobile Fraud Prevention
The When, Why and How of Mobile Fraud Prevention
TransUnion
 
ThreatMetrix Fraud Network Presentation
ThreatMetrix Fraud Network PresentationThreatMetrix Fraud Network Presentation
ThreatMetrix Fraud Network Presentation
ThreatMetrix
 
ThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted EganThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted Egan
Ken Lam
 
Fraud Detection with Cost-Sensitive Predictive Analytics
Fraud Detection with Cost-Sensitive Predictive AnalyticsFraud Detection with Cost-Sensitive Predictive Analytics
Fraud Detection with Cost-Sensitive Predictive Analytics
Alejandro Correa Bahnsen, PhD
 
Tracxn - Enterprise Security Startup Landscape
Tracxn - Enterprise Security Startup LandscapeTracxn - Enterprise Security Startup Landscape
Tracxn - Enterprise Security Startup Landscape
Tracxn
 
AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)
AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)
AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)
Amazon Web Services
 

Recomendados

Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
IBM Security
 
iovation presents Fighting CNP Fraud - April 2016
iovation presents Fighting CNP Fraud - April 2016 iovation presents Fighting CNP Fraud - April 2016
iovation presents Fighting CNP Fraud - April 2016
TransUnion
 
The When, Why and How of Mobile Fraud Prevention
The When, Why and How of Mobile Fraud Prevention The When, Why and How of Mobile Fraud Prevention
The When, Why and How of Mobile Fraud Prevention
TransUnion
 
ThreatMetrix Fraud Network Presentation
ThreatMetrix Fraud Network PresentationThreatMetrix Fraud Network Presentation
ThreatMetrix Fraud Network Presentation
ThreatMetrix
 
ThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted EganThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted Egan
Ken Lam
 
Fraud Detection with Cost-Sensitive Predictive Analytics
Fraud Detection with Cost-Sensitive Predictive AnalyticsFraud Detection with Cost-Sensitive Predictive Analytics
Fraud Detection with Cost-Sensitive Predictive Analytics
Alejandro Correa Bahnsen, PhD
 
Tracxn - Enterprise Security Startup Landscape
Tracxn - Enterprise Security Startup LandscapeTracxn - Enterprise Security Startup Landscape
Tracxn - Enterprise Security Startup Landscape
Tracxn
 
AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)
AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)
AWS re:Invent 2016: Fraud Detection with Amazon Machine Learning on AWS (FIN301)
Amazon Web Services
 
Techy Things lawyers need to know
Techy Things lawyers need to knowTechy Things lawyers need to know
Techy Things lawyers need to know
David Jones
 
News Bytes - December 2010
News Bytes - December 2010News Bytes - December 2010
News Bytes - December 2010
n|u - The Open Security Community
 
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Tech and Law Center
 
How the Stolen Credit Card Black Market Works
How the Stolen Credit Card Black Market WorksHow the Stolen Credit Card Black Market Works
How the Stolen Credit Card Black Market Works
Tripwire
 
ID Theft
ID TheftID Theft
ID Theft
Willhack
 
Web Security
Web SecurityWeb Security
Web Security
Bharath Manoharan
 
Threat report h1_2013
Threat report h1_2013Threat report h1_2013
Threat report h1_2013
Комсс Файквэе
 
Computer Crime Essay
Computer Crime EssayComputer Crime Essay
Computer Crime Essay
Best Online Paper Writing Service
 
Matt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity TheftMatt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity Theft
guest3151b0
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
Tolsti2010
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
Tolsti2010
 
ccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdf
KALPITKALPIT1
 
Chapter 3 Computer Crimes
Chapter 3 Computer CrimesChapter 3 Computer Crimes
Chapter 3 Computer Crimes
Mar Soriano
 
cyber crime
cyber crimecyber crime
cyber crime
priya sehgal
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
Md Nishad
 
Hacking presentation BASIC
Hacking presentation BASICHacking presentation BASIC
Hacking presentation BASIC
Lakkireddy Bali Reddy Collage of Engineering
 
091209 Mc Afee Roundtable
091209 Mc Afee Roundtable091209 Mc Afee Roundtable
091209 Mc Afee Roundtable
Harvard PR
 
Computer Crime
Computer CrimeComputer Crime
Computer Crime
Farjana Akter
 
Bitcoin: Not just a currency but an IoT facilitator
Bitcoin: Not just a currency but an IoT facilitatorBitcoin: Not just a currency but an IoT facilitator
Bitcoin: Not just a currency but an IoT facilitator
Robin Teigland
 
Unearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudUnearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet Fraud
Internet Law Center
 
Pointzi Android Developers Talk - June17
Pointzi Android Developers Talk - June17Pointzi Android Developers Talk - June17
Pointzi Android Developers Talk - June17
David Jones
 
Automate Mobile Growth Hacking - 6 Easy Organic Tactics you should do
Automate Mobile Growth Hacking - 6 Easy Organic Tactics you should doAutomate Mobile Growth Hacking - 6 Easy Organic Tactics you should do
Automate Mobile Growth Hacking - 6 Easy Organic Tactics you should do
David Jones
 

Mais conteúdo relacionado

Semelhante a The Rise and Rise of Web Fraud

Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Tech and Law Center
 
How the Stolen Credit Card Black Market Works
How the Stolen Credit Card Black Market WorksHow the Stolen Credit Card Black Market Works
How the Stolen Credit Card Black Market Works
Tripwire
 
091209 Mc Afee Roundtable
091209 Mc Afee Roundtable091209 Mc Afee Roundtable
091209 Mc Afee Roundtable
Harvard PR
 
Unearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudUnearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet Fraud
Internet Law Center
 

Semelhante a The Rise and Rise of Web Fraud (20)

Techy Things lawyers need to know
Techy Things lawyers need to knowTechy Things lawyers need to know
Techy Things lawyers need to know
 
News Bytes - December 2010
News Bytes - December 2010News Bytes - December 2010
News Bytes - December 2010
 
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
 
How the Stolen Credit Card Black Market Works
How the Stolen Credit Card Black Market WorksHow the Stolen Credit Card Black Market Works
How the Stolen Credit Card Black Market Works
 
ID Theft
ID TheftID Theft
ID Theft
 
Web Security
Web SecurityWeb Security
Web Security
 
Threat report h1_2013
Threat report h1_2013Threat report h1_2013
Threat report h1_2013
 
Computer Crime Essay
Computer Crime EssayComputer Crime Essay
Computer Crime Essay
 
Matt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity TheftMatt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity Theft
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
ccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdf
 
Chapter 3 Computer Crimes
Chapter 3 Computer CrimesChapter 3 Computer Crimes
Chapter 3 Computer Crimes
 
cyber crime
cyber crimecyber crime
cyber crime
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
 
Hacking presentation BASIC
Hacking presentation BASICHacking presentation BASIC
Hacking presentation BASIC
 
091209 Mc Afee Roundtable
091209 Mc Afee Roundtable091209 Mc Afee Roundtable
091209 Mc Afee Roundtable
 
Computer Crime
Computer CrimeComputer Crime
Computer Crime
 
Bitcoin: Not just a currency but an IoT facilitator
Bitcoin: Not just a currency but an IoT facilitatorBitcoin: Not just a currency but an IoT facilitator
Bitcoin: Not just a currency but an IoT facilitator
 
Unearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudUnearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet Fraud
 

Mais de David Jones

Talk on Products for Founders Institute - July 2014
Talk on Products for Founders Institute - July 2014Talk on Products for Founders Institute - July 2014
Talk on Products for Founders Institute - July 2014
David Jones
 
Product Market Fit - lessons from the hampster wheel
Product Market Fit - lessons from the hampster wheelProduct Market Fit - lessons from the hampster wheel
Product Market Fit - lessons from the hampster wheel
David Jones
 

Mais de David Jones (20)

Pointzi Android Developers Talk - June17
Pointzi Android Developers Talk - June17Pointzi Android Developers Talk - June17
Pointzi Android Developers Talk - June17
 
Automate Mobile Growth Hacking - 6 Easy Organic Tactics you should do
Automate Mobile Growth Hacking - 6 Easy Organic Tactics you should doAutomate Mobile Growth Hacking - 6 Easy Organic Tactics you should do
Automate Mobile Growth Hacking - 6 Easy Organic Tactics you should do
 
Mobile Engagement Automation - a Darwinian Guide to Customer Relationships
Mobile Engagement Automation - a Darwinian Guide to Customer RelationshipsMobile Engagement Automation - a Darwinian Guide to Customer Relationships
Mobile Engagement Automation - a Darwinian Guide to Customer Relationships
 
Why Streethawk re-wrote ibeacon handling on Android
Why Streethawk re-wrote ibeacon handling on AndroidWhy Streethawk re-wrote ibeacon handling on Android
Why Streethawk re-wrote ibeacon handling on Android
 
You've got an App - now what? Implementing your Engagement Strategy
You've got an App - now what? Implementing your Engagement StrategyYou've got an App - now what? Implementing your Engagement Strategy
You've got an App - now what? Implementing your Engagement Strategy
 
Talk on Products for Founders Institute - July 2014
Talk on Products for Founders Institute - July 2014Talk on Products for Founders Institute - July 2014
Talk on Products for Founders Institute - July 2014
 
Your CRM is Dead: what you need to know about Mobile Marketing Automation
Your CRM is Dead: what you need to know about Mobile Marketing AutomationYour CRM is Dead: what you need to know about Mobile Marketing Automation
Your CRM is Dead: what you need to know about Mobile Marketing Automation
 
ibeacons, Privacy & Customer Segmentation - StreetHawk
ibeacons, Privacy & Customer Segmentation - StreetHawkibeacons, Privacy & Customer Segmentation - StreetHawk
ibeacons, Privacy & Customer Segmentation - StreetHawk
 
Get Users Back Into Your App! - Retention and Engagement
Get Users Back Into Your App! - Retention and EngagementGet Users Back Into Your App! - Retention and Engagement
Get Users Back Into Your App! - Retention and Engagement
 
Product Market Fit - lessons from the hampster wheel
Product Market Fit - lessons from the hampster wheelProduct Market Fit - lessons from the hampster wheel
Product Market Fit - lessons from the hampster wheel
 
Product/Market Fit Twists and Turns
Product/Market Fit Twists and TurnsProduct/Market Fit Twists and Turns
Product/Market Fit Twists and Turns
 
assert(CPA < LTV) - the most important line of code (AKA Startup Metrics ...
assert(CPA < LTV) - the most important line of code (AKA Startup Metrics ...assert(CPA < LTV) - the most important line of code (AKA Startup Metrics ...
assert(CPA < LTV) - the most important line of code (AKA Startup Metrics ...
 
StreetHawk for ISV SpeakEasy
StreetHawk for ISV SpeakEasyStreetHawk for ISV SpeakEasy
StreetHawk for ISV SpeakEasy
 
Product/Market Fit - Twists and Turns
Product/Market Fit - Twists and TurnsProduct/Market Fit - Twists and Turns
Product/Market Fit - Twists and Turns
 
Setting up for Global Success
Setting up for Global SuccessSetting up for Global Success
Setting up for Global Success
 
assert(CPA < LTV) - the most important line of code
assert(CPA < LTV) - the most important line of code assert(CPA < LTV) - the most important line of code
assert(CPA < LTV) - the most important line of code
 
Startup Metrics for Convicts
Startup Metrics for ConvictsStartup Metrics for Convicts
Startup Metrics for Convicts
 
Skate to where the puck will be - cliche or axiom?
Skate to where the puck will be - cliche or axiom?Skate to where the puck will be - cliche or axiom?
Skate to where the puck will be - cliche or axiom?
 
Your clouds must be transparent - an intro to Cloud Security Alliance
Your clouds must be transparent - an intro to Cloud Security AllianceYour clouds must be transparent - an intro to Cloud Security Alliance
Your clouds must be transparent - an intro to Cloud Security Alliance
 
The Cathedral and the Bazaar - musings on iPhone and Android
The Cathedral and the Bazaar - musings on iPhone and AndroidThe Cathedral and the Bazaar - musings on iPhone and Android
The Cathedral and the Bazaar - musings on iPhone and Android
 

Último

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 

Último (20)

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 

The Rise and Rise of Web Fraud

  • 1. The Rise and Rise of Web Fraud What happens when web businesses shift away from advertising revenues USYD Electrical Engineering, Network Security Guest Lecture David Jones – Founder/CTO ThreatMetrix @djinoz
  • 2.
  • 3.
  • 4. Anonymity used to be cute… Credit: New Yorker Magazine July 1993 http://en.wikipedia.org/wiki/On_the_Internet,_nobody_knows_you're_a_dog
  • 5. Security/Fraud always morphs from FAME to $$$ Exploit Discovered Disclosure/Notoriety (defacements, spam spoofing etc) Spam, affiliate fraud etc $  Phishing, Credit Card Fraud, Botnet etc $$$  Organised Crime, Botnet Hire, Kits
  • 6. Stolen Identities + Location/Device Anonymity = Perfect Storm for Fraud
  • 7. “ ” Fraud as a Service” Food-chain Credit: Verisign
  • 8.
  • 9. This maps to the following business needs
  • 10.
  • 11. “ Fraud as a Service” (bad guy implementation of “Software as a Service”) Means the Problem is Growing Fast No need to be an expert to be a fraudster Los Angeles New York Kalispell Frank Bill Susan Millions Today BotNets rented to other fraudsters + 100,000 New Each Day
  • 12. On April 30 2010 TMX systems mapped 106,000 active* compromised hosts in Australian IP address space** ~2% * Last 7 days. This is just a subset – there is a good chance ACMA or Auscert would be detecting larger amounts ** Around 10million globally
  • 13. Stolen Credit Cards/Password + Botnets and Proxies = PERFECT FRAUD
  • 14. Control – Payments Case Study With ThreatMetrix [Fraud Stopped 1 st time] Without ThreatMetrix [Fraud stopped on 5 th try] ThreatMetrix Confidential Stop fraud first time by detecting and piercing proxies to discover true location of device Stops Fraud First Time
  • 15. Control – New Accounts Case Study Transaction Time Threatmetrix Device ID Account Email Browser Lang. Masked IP Add. Masked IP City 8/25/2008 17:24 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.79.172.10 New York 8/25/2008 18:17 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.77.47.109 New York 8/27/2008 12:57 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 78.129.235.30 Brussels 8/28/2008 12:25 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.77.43.80 New York 8/28/2008 19:09 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 204.16.192.197 Los Angeles 9/3/2008 13:33 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 64.32.7.84 Kalispell 9/5/2008 12:24 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.79.172.10 New York 9/12/2008 13:08 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 78.129.235.35 Brussels 9/12/2008 13:20 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 205.209.175.5 Los Angeles 9/12/2008 16:48 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.79.172.100 New York 9/16/2008 14:33 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 204.16.195.71 New York 9/17/2008 14:19 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/18/2008 11:59 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/18/2008 12:56 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.101.53.226 New York 9/18/2008 15:02 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.10 New York 9/19/2008 12:38 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.101.53.230 New York 9/19/2008 13:25 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 78.129.235.34 Brussels 9/19/2008 18:40 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.98.30.90 Kalispell 9/22/2008 16:51 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 208.101.53.227 New York 9/22/2008 17:35 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/22/2008 19:13 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 75.126.8.13 New York 9/24/2008 17:29 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 66.2228.113.2 New York 9/25/2008 12:45 cf3fad94727611dd800000167e5d5632 [email_address] zh-cn 64.32.7.97 Kalispell One Month Same Device 23 User Names In China Pretending to be in…
  • 16. Control – Account Login Case Study Restrict permissions of accounts based on detection of compromised computer (botnet) Risk Hidden Threat Detection
  • 17. Generalized MITB “proxying” attacks (current generation of malware e.g silentbanker, Zeus)
  • 18. No silver bullet - Different Customers have Different Goals Average order value, margins, virtual or physical goods, real-time needs, chargeback rates Orders ~9% 2.6% 1.3% Accept Auto Screen 5.1% Reject (Fraud) Review

Notas do Editor

  1. I modified this slide from a Verisign presentation – it shows how only a few ‘fronts ’of the identity theft/fraud ecosystem
  2. ThreatMetrix Device Identification is used for three principal applications. These are i) New Account Sign-up which is broadly applicable to the financial services industry, social networking, alternative payments, credit card applications and so forth, ii) Account takeover which is broadly applicable to the same set of industries, and iii) Card not present “CNP” purchases which is applicable to the retail community. ThreatMetrix is a rules based application so the same product can be easily deployed across multiple industry types with a minimum of effort.
  3. 05/17/10