PYMNTS-MonitorEdge-May-2024

Hacker Tracker: Call Center Scams, Password Reuse Dangers


It never takes long for cybercriminals to find new avenues to perpetrate fraud.

Like the old saying goes, when one door closes, a window opens.

In India, call centers are becoming a prime launching point for fraudsters to target Americans, while the advertising industry is dealing with the continued threat of the elaborate Methbot scam. All the while, people who continue to reuse passwords are potentially making the job of fraudsters much easier than it has to be. Chad Schamberger, director of engineering at VirtualArmour, joined this week’s Hacker Tracker to share his insights on some of the biggest news impacting the cybersecurity space.

Fraud On The Line

The customer service industry in India has transformed into a new — and lucrative — channel for fraudsters.

According to a report from the New York Times highlighting the scams, the Federal Trade Commission was recently alerted to a scam in which everyone in a particular call center was impersonating Internal Revenue Service officials. The call center employees would then demand immediate payment from scam victims to cover bogus taxes that were supposedly owed and never paid.

A call center worker told Betsy Broder, who tracks international fraud at the FTC, that if a person seemed scared or fell for the scam, the callers would direct the victim to purchase thousands of dollars in iTunes cards to avoid being thrown in jail. The victim would send the iTunes card codes to the scammers, which gave them access to the money.

“Although this scam was relatively unsophisticated and preyed solely on fear and naiveté, the issue of fraud is one that has grown exponentially in line with the swell of sensitive data that is now held and transferred digitally,” Schamberger noted.

“Criminals are now learning about potential targets and using their lack of security parameters to lull them into providing private information.”

The NYT noted this scam is being tracked by the U.S. government and has been looked into since 2013. The paper noted that since 2013, Americans — many of whom are recent immigrants — have been scammed out of $100 million as a result. In the past, India wasn’t known for large-scale fraud, but that is changing.

Ad Fraud Takes Center Stage

Intel’s IT Peer Network recently discovered that Methbot, an ad fraud infrastructure that can host legitimate videos and serve them to 300 million fake viewers per day, has raked in around $180 million in the past few months.

With each view, the fraudsters are able to earn $13.

Ultimately, Methbot creates fake users that seem to be watching advertising videos so that they can make money from impressions.

According to the report, Methbot is one of the most sophisticated ad fraud networks and is able to host videos on what seem to be high-ranking websites, giving the website millions of views that are actually fake. The scammer gets the advertising rates for the views, which can range from $3 to $36 per thousand views. The companies who pay for real views are the victims because there aren’t real people viewing any of the videos. The report noted that video ads on highly trafficked websites get the highest prices when it comes to digital advertising.

“Where there is money to be made, there will be those who use technology to abuse the ‘rules’ that govern online business and advertising,” Schamberger explained.

To be successful, the criminals, who Intel said are organized, had to create a huge infrastructure to make it look like there are users from preferred regions to boost the amount they can charge for views. Methbot created 250,000 fake web pages to host the real videos, and the criminals bought more than 6,000 domains for the websites and are estimated to be running 8,000 to 12,000 dedicated servers with customized software to generate 300 million counterfeit impressions each day.

While the Methbot technology is undoubtedly sophisticated, he added, scammers will ultimately look for the path of least resistance and prey on weaknesses in established systems that are the easiest to exploit.

“Companies will continue to spend money online in an effort to acquire new business, and because of this and the growing cyber threat, these types of programmatic platforms which generate significant revenues will need to be increasingly sophisticated in their monitoring and evaluation of security threats,” Schamberger added.

The Problem With Passwords

Information technology (IT) professionals have big concerns about the ways in which employees use and reuse their passwords.

A recent Gemalto survey of 1,150 IT professionals worldwide revealed that 90 percent of respondents are worried about password reuse, but 68 percent said they would be comfortable if an employee used their social media credentials on company resources.

The majority (62 percent) of respondents expressed feeling a mounting pressure to implement similar types of security methods that are used across consumer services, such as fingerprint scanning and iris recognition.

“Attackers will find the weakest point in any given system and exploit it to gain entry into a company’s infrastructure. Whether that’s through an endpoint, social engineering or a web server, everything is vulnerable if it is not properly locked down and protected,” Schamberger said.

While many of the survey respondents plan to expand or implement multifactor authentication in the coming months, enterprise security still has a long way to go in addressing vulnerabilities, especially as employee mobility increases.

“These types of attacks will continue to evolve with areas traditionally considered ‘safe’ becoming nonexistent without protection,” he noted.

“Our advice? Move beyond basic education around passwords and recognize that when it comes to the three pillars of IT security, people, process and technology, people are by far the weakest link and that the cost and disruption related to any potential breach will far outweigh any perceived inconvenience that individuals might have to endure with robust authentication processes in place,” Schamberger added.
