Press Release 1
August 9, 2000
Visa sets net security
measures
Read more..

Press Release 2
June 20, 2000
8:39 a.m. EDT (12:39 GMT)
False sense of cyber security
a costly problem for U.S.
Read more..

"I’M NOT AWARE of any (prosecutions)", said Mark Batts, the special agent in charge of the FBI’s Financial Institution Fraud Unit. "That’s not to say there aren’t any out there, but I think I would know about it if it had occurred." The issue of international credit card thievery and fraud burst into the public consciousness in January with news of a heist of thousands of credit cards from the CD Universe Web site, allegedly by a teenage hacker from Russia. It continued to make headlines this week with news that Amazon.com had uncovered a Russia-based plot to defraud it and other e-merchants out of more than $70,000 worth of merchandise using stolen credit card information. It has been known for sometime that organized crime groups and overseas free-lancers were responsible for some of the credit card fraud aimed at Internet merchants in the United States. But after more than a dozen interviews with industry insiders and e-business owners, it is clear that a much larger percentage of the fraud than previously known originates overseas.

U.S. LAW ENFORCEMENT STYMIED
This new breed of international cyber criminals are aided by the fact that the address-verification system used by merchants to compare billing and delivery information in the United States is useless overseas. It also has emerged that these criminals have thus far proven to be untouchable by U.S. law enforcement, which is hampered by the patchwork of laws on white-collar crime in other countries, jurisdictional questions, the indifference of some governments and the fact that investigation of such crimes is both time-consuming and expensive.

Internet merchants fight back
Because USA consumers are generally not responsible for the fraudulent use of their credit cards online — the $50 they can be charged is usually waived by the issuing bank — and because fraud levels are near historic lows, banks and credit card companies have downplayed the seriousness of the problem. But for e-merchants, particularly those who run small online businesses, these criminals pose a significant threat that could destroy their business.  Batts, who took charge of the FBI’s financial fraud unit late last year, said to his knowledge all investigative attempts that have attempted to track the international fraud artists have run into dead ends. The Secret Service, which bears the primary responsibility for investigating credit card fraud, did not respond to repeated requests for an interview on the subject. But when informed that MSNBC intended to report that no credit card thieves based overseas have been prosecuted, the agency did not dispute that conclusion.  Neither were the The Justice Department, U.S. credit card companies, banks, credit card processors or Internet merchants able to identify such a case.

HOW THE CARDS ARE STOLEN
The sophistication the criminals exhibit in harvesting the credit card information needed for their schemes supports his contention. Betts, the FBI agent, and other experts say most of the credit card information used for the fraudulent online purchases apparently is obtained the old-fashioned way: stolen from mailboxes or “swiped” through a card reader by accomplices working in restaurants or stores. 

The stolen credit card information is then transmitted to the thief or thieves overseas, who begin their electronic assault on Internet merchants by charging as much merchandise as they can in as short a time as possible. In some cases, they will attempt to ship the goods directly to the country they are operating out of, where the credit card address-verification system can’t be used because of stringent privacy laws. In other cases, since many Internet sellers are now leery of shipping expensive merchandise overseas, they will enlist accomplices in the United States who set up “drop sites” in vacant homes or rent living quarters under false names. By the time the e-merchant realizes the purchase was made using stolen credit cards, the goods — and the crooks — are gone. While anecdotal evidence suggests online credit card fraud is a growing problem, there’s no way of telling for  sure.

NO TRACKING OF NET FRAUD
Officials at Visa and MasterCard said that they are in the process of establishing tracking systems for fraud committed over the Internet and cannot state with certainty what percentage of their overall losses are attributable to criminals based overseas. 

“We don’t have any hard-and-fast numbers that say what the international vs. the domestic is at this point,” said Vincent DeLuca, vice president of fraud control at MasterCard International. “It’s only anecdotal from some of our members and from some of the exchange of information that goes on with law enforcement, and things we’ve seen in the media and horror stories we’ve heard from some of our online merchants.”

N Orfei, vice president for electronic commerce and emerging technology at MasterCard, said that the Internet accounts for between 2 and 2.5 percent of total credit card transactions. Using the lower figure and applying it to the bank association’s total fraud losses of $526 million in 1998 yields a loss to online fraud of slightly more than $10.5 million. Visa USA reported $487 million in fraudulent charges last year, which assuming a 2 percent rate would be approximately $9.75 million. American Express and Discover Financial Services do not publicly report fraud rates and declined to comment on the subject of Internet credit card fraud except to say that they aggressively attempt to combat it.

SPEED, DISTANCE AND ANONYMITY
“There’s a big difference between brick-and-mortar fraud and Internet fraud, and that’s the speed of the transaction, the geographical distances and the anonymity of the buyer,” said Tom Holland, director of fraud detection and prevention for the Seattle-based e-retailer. Holland, who says that his staff analyzes “trends and patterns of behavior” in an attempt to sniff out fraudulent orders, in December pointed the FBI to a Russian citizen who allegedly was part of an elaborate international fraud scheme. According to court documents, 22-year-old Roustam Kamilievich Mingazov was arrested after electronic goods fraudulently purchased from Amazon were delivered to his apartment in Reno, Nev.  The orders were placed from computers in Cheylabinsk, Russia, using information from 63 different credit cards, most of which were issued to Americans. Investigators have not yet determined how the thieves obtained the information, Assistant U.S. Attorney Steve Schroeder told MSNBC.

  While Mingazov faces up to five years in prison if he is convicted on the federal fraud charges, the case illustrates the difficulties investigators and prosecutors face in attempting to get to the masterminds of such a scheme. Mingazov, who was in the country on a student visa, told investigators that his involvement was limited to an Internet contact with an individual he knew only as “Andrei,” who said he could earn extra money by receiving packages that would be sent to his residence, the documents said.

i-fraud.com routinely assists in internal controls audits with a detection group of multidisciplinary practice professionals. i-fraud.com at all times respects confidentiality obligations over that of obligations to public disclosure and successfully delivers solutions in real-world business environments. The company's products are being used around the world by banking and financial institutions for credit and fraud detection.