TechBizWebTechBizWeb

    Subscribe to Updates

    Get the latest news about Technology and Business from all around the web..

    What's Hot

    US company spending on private jets for personal use hits 10-year high

    June 27, 2022

    Jump in the public queue to purchase a PS5 from Sony

    June 27, 2022

    Russian missile strike on Ukraine shopping mall draws outcry

    June 27, 2022
    Facebook Twitter Instagram
    • About Us
    • Privacy Policy
    • Guest Post
    • Terms
    • Contact
    Facebook Twitter Instagram
    TechBizWebTechBizWeb
    Subscribe
    • Home
    • Technology

      Jump in the public queue to purchase a PS5 from Sony

      June 27, 2022

      Amazon is reportedly hosting a second major Prime-exclusive shopping event this year

      June 27, 2022

      Valve is doubling Steam Deck shipments, so you might get yours faster

      June 27, 2022

      The Supreme Court says it won’t consider rewriting defamation law… yet

      June 27, 2022

      Roku’s capable Streambars are down to their lowest prices

      June 27, 2022
    • Business
    • Cyber Security

      87% of executives have no cybersecurity tools on personal devices

      June 27, 2022

      CISA releases cloud security reference

      June 27, 2022

      Colin Ahern named New York’s Chief Cyber Officer

      June 27, 2022

      Contractors don’t have to increase your risk profile

      June 27, 2022

      Pharmaceutical company secures network with AppSec compliance tools

      June 24, 2022
    • Blockchain
    • Vulnerabilities
    • Social Engineering
    • Malware
    • Cyber Security Alerts
    TechBizWebTechBizWeb
    Home»Cyber Security»Why Fighting Card-Not-Present Fraud Remains an Ongoing Challenge
    Cyber Security

    Why Fighting Card-Not-Present Fraud Remains an Ongoing Challenge

    February 4, 2019Updated:February 4, 2019No Comments4 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp
    Share
    Facebook Twitter LinkedIn Pinterest Email


    The recent takedown of the xDedic marketplace—where threat actors had been buying and selling access to compromised remote desktop protocol (RDP) servers since at least 2016 and that, according to authorities, had facilitated over $68 million USD in fraud—is the latest reminder that fraudulent card-not-present (CNP) transactions remain a persistent and dynamic challenge for fraud teams. 

    For many fraudsters, xDedic was among the various illicit online marketplaces that helped fill a void created in recent years by payment card issuers’ migration from magnetic stripe to EMV chip-enabled cards. EMV authentication has made card counterfeiting and fraudulent card-present transactions exceedingly difficult and consequently less common in regions with high adoption of EMV. But in response, many fraudsters have since altered their targeting to CNP transactions, often via schemes such as account-takeover fraud that utilize access to the types of compromised RDP servers that were available on xDedic. 

    This shift, along with the growth of ecommerce, has contributed to a substantial increase in CNP fraud—otherwise known as fraudulent transactions that occur online, via telephone, or mail. This type of fraud is typically more challenging to detect than its card-present counterpart, largely because merchants cannot access the physical cards used in CNP transactions to verify their legitimacy. As a result, many of the common verification measures for card-present transactions, such as requiring the purchaser to provide a form of identification, aren’t feasible.

    While there are various largely effective verification measures for CNP transactions, some can still be circumvented by fraudsters with the right capabilities and resources. These types of transactions often require the purchaser to input the billing address associated with the card, for example, but many fraudsters are able to obtain this information fairly easily via sources ranging from public listings and social media sites, to the illicit marketplaces where stolen card data is bought and sold. Fraudsters often acquire such data long before using it to carry out a fraudulent transaction, which is why there is relatively little that merchants can do to combat the theft of payment card data aside from effectively safeguarding that which belongs to their customers.

    Indeed, the abundance of compromised card data and other assets available online continues to hinder the fight against CNP fraud. Despite many gains by law enforcement in recent years, card shops and other types of illicit marketplaces similar to the now-shuttered xDedic remain facets of the underground economy and key enablers for CNP fraud. 

    Card shops in particular have become the primary means through which fraudsters and cybercriminals obtain stolen payment card data. In addition to dumps—which refer to card data stolen from magnetic-stripe cards that are typically used for card-present fraud—many of these shops also offer cards, which are packages of previously stolen card numbers and other information necessary for carrying out CNP fraud and related schemes. These shops are extremely appealing in the underground because they enable fraudsters to quickly and easily obtain the stolen data they need without having to steal it themselves, thereby lowering the barriers to entry for those with less-advanced capabilities or limited resources.

    It’s important to recognize that given the pervasiveness of CNP fraud and the relative ease with which many fraudsters can obtain the resources needed to carry out their schemes, this threat isn’t going away anytime soon. And although the burden of loss it causes will likely continue to fall most heavily on merchants, combating this threat needs to be a widespread, collaborative effort among organizations and defenders from across the private and public sectors. In fact, the xDedic takedown is a shining example of how collaboration and information sharing, when conducted effectively and among trusted parties, can provide immense value in the name of security—and this cooperation is something that all of us should continually seek to emulate.

    Josh Lefkowitz is the CEO of Flashpoint, which delivers Business Risk Intelligence (BRI) to empower organizations worldwide with meaningful intelligence and information that combats threats and adversaries. Lefkowitz has worked extensively with authorities to track and analyze terrorist groups. He has also served as a consultant to the FBI’s senior management team and worked for a top tier, global investment bank. Lefkowitz holds an MBA from Harvard University and a BA from Williams College.

    Previous Columns by Josh Lefkowitz:
    Tags:



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    87% of executives have no cybersecurity tools on personal devices

    June 27, 2022 Cyber Security

    CISA releases cloud security reference

    June 27, 2022 Cyber Security

    Colin Ahern named New York’s Chief Cyber Officer

    June 27, 2022 Cyber Security

    Contractors don’t have to increase your risk profile

    June 27, 2022 Cyber Security

    Pharmaceutical company secures network with AppSec compliance tools

    June 24, 2022 Cyber Security

    How secure is your digital supply chain?

    June 24, 2022 Cyber Security
    Editors Picks

    Jump in the public queue to purchase a PS5 from Sony

    June 27, 2022

    Russian missile strike on Ukraine shopping mall draws outcry

    June 27, 2022

    Amazon is reportedly hosting a second major Prime-exclusive shopping event this year

    June 27, 2022

    Theresa May leads opposition to bill to rip up N Ireland protocol

    June 27, 2022
    Trending Now

    CISA releases cloud security reference

    By techbizweb

    Roku’s capable Streambars are down to their lowest prices

    By techbizweb

    Prosus/Tencent: reducing stake further would close valuation gap

    By techbizweb

    https://www.nationalsportsacademy.com

    slot gacor hari ini

    http://www.inadesfo.org/

    http://www.eueomgbissau.org/

    http://www.congo-mai-mai.net/

    http://www.angelesdelafrontera.org/

    http://fifaworldcup2018schedule.com/

    http://tony4gtrmcr.co.uk/

    http://www.standrewsagreement.org/

    http://www.bob-russell.co.uk/

    http://davidmulholland.co.uk/

    http://railwayhotelenniskillen.com/

    http://www.fantasysportstrades.com/

    http://www.rainleaf-flooring.com

    http://mothersagainstguns.org/

    http://ma-coc.org/

    slot online

    http://www.paradoxmag.com/situs-judi-slot-online-gampang-menang-2021/

    http://www.paradoxmag.com/situs-judi-slot-online-terbaru-2021/

    http://slot-terbaru.net/

    Slot Gacor

    Slot Online

    Situs Slot Gacor

    http://www.appdexterity.com/

    https://cars4kids-deutschland.de/

    https://www.stretchingculture.com/

    https://www.b-123-hp.com/slot-gacor/

    https://denzstaffing.nl/

    https://ezbbqcooking.com/slot-gacor/

    https://www.mbahelp24.com/slot-gacor

    https://minhtanstore.com/slot-jackpot-terbesar/

    https://njbpusupplierdiversity.com/slot-gacor-gampang-menang/

    https://www.floridaspecialtycropfoundation.org/slot-gampang-menang/

    https://childrenscornerpreschool.org/slot-gacor-gampang-menang/

    https://cryptoquoter.com/slot-online-terbaik/

    https://alorkantho24.com/slot-gacor/

    https://ellas.xyz/slot-gacor/

    https://it.dougamatome.xyz/slot-online/

    https://www.daltercume.com/slot-gacor/

    https://josi-ana.dougamatome.xyz/slot88/

    https://josi-ana.dougamatome.xyz/slot-gacor/

    https://fastobserver.com/slot-jackpot-terbesar/

    https://www.planetexperts.com/slot-gacor/

    https://bfsolution.group/slot-bet-kecil/

    https://rustleva.co/slot/

    https://bfsolution.group/slot-bet-kecil/

    https://www.hotelcalimareal.com/togel-online/

    https://anime-game.dougamatome.xyz/slot-gacor-gampang-menang/

    https://anime-game.dougamatome.xyz/togel-online/

    https://bourbonbarrelfoods.com/slot/

    http://suneo39.wp.xdomain.jp/slot/

    https://techbizweb.com/slot-gacor/

    https://www.generalcatalyst.com/18-daftar-slot-gacor-terbaik-gampang-menang-jackpot-hari-ini/

    https://www.hotelcalimareal.com/slot-online/

    https://www.blockgates.io/slot-gacor/

    https://l12.com.br/slot-gacor/

    slot paling gacor

    https://www.donalds-hobby.com/slot-online/

    https://thecryptodirt.com/slot-gacor-hari-ini/

    http://iseta.edu.ar/aulavirtual/app/upload/users/1/1205/my_files/sbobet.html

    http://escuelavirtual.mincit.gov.co/app/upload/users/1/194/my_files/slot.html

    https://www.dev.medecinesfax.org/courses/JUDICASINO/document/slot.html

    http://www.e-archivos.org/cursos/courses/JUDICASINO/document/slot-gacor.html

    http://iesma.com.br/ead/main/upload/users/4/447/my_files/slot.html

    https://www.fundacoop.org/chamilo/app/upload/users/1/1185/my_files/slot.html

    https://fata-aatf.org/eskola/main/upload/users/3/31/my_files/slot.html

    https://uancv.edu.pe/ofinvestigacion/app/upload/users/3/328/my_files/slot-terlengkap.html

    https://micost.edu.my/EL/app/upload/users/2/209/my_files/slot-gacor.html

    https://www.academiacoderdojo.ro/elearningdev/app/upload/users/2/2442/my_files/slot-online.html

    http://campus-cidci.ulg.ac.be/courses/JUDICASINO/document/slot-termurah.html

    https://www.escueladerobotica.misiones.gob.ar/aula-ste/courses/LIVECASINO/document/slot-tergacor.html

    http://ccdipeepccqqfar.usac.edu.gt/chamilo/app/upload/users/3/358/my_files/slot-online.html

    https://cunori.edu.gt/campus/app/upload/users/7/7334/my_files/slot-online.html

    http://u-rus.com.ar/aula/app/upload/users/1/1322/my_files/slot.html

    http://icrodarisoveria.edu.it/chamilo/app/upload/users/1/1855/my_files/slot.html

    https://iestpliliagutierrez.edu.pe/clarolgm/courses/CASINO/document/slot.html

    http://pva.cobach.edu.mx/app/upload/users/7/7379/my_files/slot.html

    http://www.imb-pc-online.edu.gt/PL/app/upload/users/3/373/my_files/slot.html

    http://avcs.upeu.edu.pe/main/upload/users/3333/my_files/slot.html

    https://chamilo.fca.uas.edu.mx/app/upload/users/1/11186/my_files/slot-online/

    TechBizWeb
    Facebook Twitter Instagram Pinterest Vimeo YouTube
    • Home
    • Guest Post
    • About Us
    • Privacy Policy
    • Our Authors
    • Terms and Conditions
    • Contact
    © 2022 Tech Biz Web. Developed by Sawah Dev.

    Type above and press Enter to search. Press Esc to cancel.