Earlier this week, news broke that residents of Britain, the United States, and several other countries, are among 36 defendants charged for their alleged involvement in a cyber crime operation responsible for more than $530 million (€433 million) of losses to consumers, businesses, and financial institutions.
According to a statement, the US Justice Department said the cyber crime ring was one of the largest it had ever prosecuted, and had targeted millions of people around the world. Operating under the slogan “In Fraud We Trust,” members of the Infraud Organization used an online forum to purchase and sell stolen identities, credit cards, and financial information.
Commenting on this, Ryan Wilk, vice president at NuData Security Inc., a Mastercard Company, said “Cyber crime is as well organised, well-resourced, and technologically advanced as many other industries. Infraud Organization proves how easy it is for fraudsters to access personal information– and how much of it is available out there.
Infraud and similar organisations affect every company, not just those in the retail sector, because they show how easily data from any source can be broadly distributed for profit. This data is used for account takeover and other successful tactics such as whale phishing.
Although the organisation has been dismantled, it still raises an important point for companies: how can they make sure they are providing services to the legitimate customers when bad actors make it so easy to buy personal information?
The success of an organisation whose motto is “In Fraud We Trust” is a clear sign that companies need to rethink authentication and incorporate continuous validation techniques based on data that can’t be mimicked, such as passive behavioural biometrics.”