Going Behind Enemy Lines

Peter Taylor Reports for Phronesis Technologies

Series Introduction

Hidden figure behind 'coding' green language. Suspicious atmosphere. Cybercriminal inference

In 2017 I started research into organised cybercrime. As part of these investigations, which later resulted in this series, as well as numerous others, I spoke to reformed fraudsters. During these exchanges I learned how they committed fraud, how fraud has evolved, particularly since the COVID pandemic began, and, what affect it had on victims. I also frequented sites on the dark web, obtained copies of fraud ‘manuals’ and examined what was openly being bought and sold.

My findings have since been shared with law enforcement, fraud solutions providers, finance companies, online retailers, and numerous other organisations.

In 2020, Phronesis Technologies invited me to re-visit my research and to provide updated information, to share with other like-minded individuals, in the combined fight against fraud. As it turns out, it was perfect timing, as the global pandemic that is COVID-19 caused fraud to increase exponentially. The resulting five-part article series includes: Cybercrime, The Identity Arms Race, SIM Swap Fraud, Account Takeover and Mobile Phone Security.

Keep your enemies close

A fraud investigator’s knowledge often originates after catching a fraudster and having their techniques revealed. Conversely, a fraudsters knowledge comes from how they were able to commit a fraud unbeknownst to the victim and law enforcement. Only when we combine both sides of the coin can we see the full picture, and identify opportunities to close gaps.

The fraudster toolkit

Professional fraudsters use strict controls, commonly referred to as OPSEC (Operations Security) to remain hidden. Part of this process is creation of a fixed, permanent secure location – gone are the days of the infamous internet café residing criminals!

Regarding devices, laptops are preferred, due to their ease of transportation. Accompanying this will often be a burner mobile phone, on a PAYG service. The use of VPN’s is essential, ensuring that they cannot be tracked back to their own ISP address. However, VPN’s are not 100% reliable – this protection can sometimes be lost, providing a weakness that can be exploited when considering fraud prevention techniques.

Organised cybercriminals utilise free email addresses to undertake transactions and applications. However, these email addresses will have little, or even zero history – this, if noted by an organisation, can also be a potential weakness. If transactions include software protection that can identify social media accounts associated with an email address, the fraudster could face further problems conducting their ‘work’.

White computer hand / mouse hovering over the word Security on a desktop computer or laptop.

Tips and tricks

Through the combination of knowledge from investigators and fraudsters themselves, as well as specific product knowledge, robust and innovative anti-fraud solutions can be identified and created. Yet, despite our understanding of the topic, and an admirable show of community spirit, organisations still need better research, training, auditing, investigative techniques, and advice, with regards to fraud.

This includes, but is not limited to:

– Financial Institutions, e.g., banks, insurers, building societies, lenders

– Online retailers

– Aggregators

– Claims Companies

– Technology Providers

Collaboration and sharing of data / findings is crucial, as is the need to ensure that whilst customer satisfaction through frictionless services is important, it must not come at the cost of encouraging, or even allowing, fraud. After all, if a customer is the victim of an attack courtesy of a company, they are likely to use a competitor going forward. Therefore, fraud prevention and early detection is beneficial to all.

Most cybercriminals are well-versed in which companies, or even industries, are easy targets – do not let your organisation be one of them! Invest in robust fraud prevention / enhanced KYC solutions and ensure all potential areas of weakness are counter-acted by specific solutions.

Peter Taylor is an accomplished and distinguished fraud expert and investigator. He begun his career with Greater Manchester Police, before obtaining the position of Head of Fraud for Major Loss Adjusters. Since founding a consultancy firm, Peter has expanded his areas of expertise and is a cross-industry specialist in and cybercrime and counter-fraud measures.

As Phronesis continues to expand, now offering our Mobile Identity and Fraud Prevention services directly to enterprise, we wanted to commission research into cybercrime, and the many facets within, to both add to our understanding, and to share with our growing network of partners, clients, followers, and of course to those who generally operate in the sector.

Sponsored by Phronesis Technologies Limited.

Edits and afterword by Toni Pickering