June 8, 2020

By Brady Harrison, Senior Data Analyst, Kount

We often hear stories of credit card fraud, and in my role as Senior Data Analyst at Kount, I work to prevent it. Yet, who are the people behind acts of credit card fraud – the type of fraud that generates chargebacks and costs businesses financial pain and stolen product?

Based on the record rise in unemployment claims across the country, many people are facing financial and social strain as a result of COVID-19 shutdowns.

The U.S. unemployment rate jumped to 14.7 percent in April 2020 as the Covid-19 crisis threw millions out of work. The number of unemployed persons rose by 15.9 million to 23.1 million, according to recent reports. In addition, weekly unemployment numbers are also still affected by a backlog of claims that overwhelmed many state systems over April and May.

Financial pressures combined with the fear of “what if I get sick?” generates a combination of pressure that is giving rise to alternative or supplementary income opportunities.

During the period of state-wide lockdowns, which are now beginning to lessen, many people were sheltering in their homes and finding they had lots of time on their hands. After getting caught up with binge-watchable series, attention shifted and many decided to learn new skills, some of which are less than legal.

In a recent article in Cybernews, their research discovered that many individuals are turning to cybercrime as a potential source of income. Visits to hacker websites and chat forums increased by up to 66% in March. And they say, “2020 might prove to be the year when the ranks of cybercriminals spike exponentially due to the economic downturns caused by the COVID-19 pandemic.”

It’s no surprise that criminal activity aligns with worsening economic conditions, given the financial pressure of making ends meet among layoffs, furloughs, and bankruptcies. Fraud looks like an ever more attractive option when main streets are closed or barely hanging on.

4 Behavioral Elements that Lead to Fraud

Becoming a fraudster requires a few basic behavioral prerequisites best summarized by Donald R. Cressey, a well-known criminologist, who developed the Fraud Triangle. An abridged version of his hypothesis is this:

“Trusted persons become trust violators when they conceive of themselves as having a financial problem which is non-sharable, are aware this problem can be secretly resolved by violation of the position of financial trust…”

In order for a trusted person to become a fraudster, a paradigm shift must occur in each element of the Fraud Triangle: Opportunity, Pressure (also known as incentive or motivation), and Rationalization (sometimes called justification or attitude). Many of us have ample opportunity to commit fraud, but lack sufficient incentive, rationalization, or both to pull the trigger on stealing a gift card or saying a package was not delivered.

  • Opportunity: There must be something of value to steal and an opportunity to steal it.
  • Pressure: Financial pressure to make ends meet as a result of a COVID-19 job loss, gambling, or addiction, are examples here. This is commonly the case in economically depressed areas of the globe where tech savvy citizens have limited legitimate options in their communities for gainful employment and as a result, turn to fraud.
  • Rationalization: The fraudster needs to justify fraud in their own mind. Pressures increase when this person runs out of savings, the bailout stimulus check hasn’t arrived yet, and they are $300 short to pay for rent, and see no other options. They begin to rationalize this behavior as “just this once,” or “what is a couple thousand dollars to a billion-dollar business? They budget for loss in the price of everything they sell,” etc.

Though novel in its approach and framework, the Fraud Triangle was missing a critical element for committing fraud: Capability.

The Fraud Diamond – a newer theory– asserts that the fraudster’s capability must also be taken into account. To successfully commit credit card fraud, all four of these behavioral motivations are typically present.

  • Capability: This is where things get interesting. In the past, capability was the greatest barrier of entry for any would-be fraudster. They assumed a high-level of technical knowledge and assumption of risk was needed in order to successfully mount an attack against a target. However, the Capability barrier is coming down as necessary “tools” become more widely available. With more people at home and spending time on the computer, fraud tools are becoming more mainstream, popular, cheaper, and easier to access. With this extra time, financial pressure, and easy access to information, getting up to speed in becoming a criminal is getting easier and easier.

The Rise of the Lone Wolf Hacker

With the psychological and technical barriers falling on a day-by-day basis, fraud is no longer solely the dominion of highly sophisticated and well-funded criminal organizations. Much like the way the personal computer democratized the information era in business, the dark web is democratizing fraud. Individuals have never been more well equipped to execute fraud attacks without the support of a large criminal network by instead relying on information, tools, and resources that are now freely available online.

In just a few minutes, it is easy to go on the dark web and find steps in how to use bitcoin to buy stolen credit card numbers. Granted, the “quality” of these lists vary widely and perhaps the majority are old and inactive, but expensive alternatives can have a “fresher batch” of information and are available for purchase in abundance. Though the level of financial damage that can be inflicted with stolen cards remains constant, the need for support from a massive criminal organization or crime ring is waning. With the advent of fraud information marketplaces, discussion boards, and video tutorials, we are beginning to see the rise of individual criminals – lone wolves – who are finding quick-cash criminal niches.

Yet, this “instructional research” isn’t just available on the dark web. It is also available on popular streaming apps in an established music genre: scam rap.

The Rise of Popularity in Scam Rap

Listeners can find an easy through-line from normal music to scam rap via YouTube. These artists go beyond low level “soundcloud rappers” and are well represented in mainstream music. “Guapdad 4000” is one such high-profile former scam rapper (hacker rap) with millions of views and his albums are featured alongside mainstream artists including featured soundtracks from prominent artists. In another example, a rapper sells an audio CD entitled “Fraud Bible” on Amazon.

Musically, these artists are more instructional rather than lyrical. Most of the songs break down to 3 main themes:

  1. How to scam using stolen credit cards with detailed instructions and warnings
  2. Stories of successful scams
  3. Bragging about how much you scam

Lyrics such as “Make $100,000 in less than a month,” and “Now I’m going to teach you to swipe online,” and “Use the same card and go load up on ebay…” make it seem easy and appealing to engage in this activity.

Kount Prevents Credit Card Fraud

In the fraud prevention space, where I work, we see credit card fraud on a daily basis and analyze the financial impact of chargebacks on businesses.

The items that are getting stolen are changing, but the fundamental methodology is constant: a fraudster seeks to buy something in demand with a stolen card or identity and then resell it for cash. The items may vary, for example, data shows that electronic items like the Nintendo Switch are targets for fraud because people are at home and have time to play.

Once they take control of in-demand goods, by using a third-party shipper such as a freight forwarder, fraudsters can then resell those items on Craigslist or Ebay and pocket the cash.

When an unassuming cardholder sees charges on their statements for a Nintendo Switch or high-end TV that they didn’t purchase, they immediately call their bank to contest the charge and the bank refunds them the money.

While fraudsters might see this as a victimless crime, the original business is on the hook. When a charge is disputed, the bank then goes to the originating business that made the sale to recover the lost funds. The business bears the brunt of the cost, the lost product, and potentially brand reputation damage. All of this time and financial loss is due to a single stolen credit card number.

At Kount, we are extremely adept at catching this kind of behavior – it is Kount’s raison d’etre as a merchant-driven solution designed to stop chargebacks and fraud, and we have been successful for more than a decade. Kount came into existence because a merchant had a large chargeback problem and we needed to solve it quickly and efficiently with minimal false positives and manual reviews.

We evaluate risk with an extremely robust and advanced suite of tools. One of the key ways Kount identifies fraudulent activity is through network analysis. Kount completes what we call real-time linking on every transaction to catch stolen credit card numbers for millions of events for transactions from all around the world using supervised and unsupervised machine learning. For example, Kount’s advanced AI to link payment, location, and digital identifiers to confirm potentially risky behavior among hundreds of other data points to separate good customers from bad.

Kount’s AI-driven fraud prevention capabilities check numerous signals and measure velocities and linkages across multiple components in a purchase, including:

  • Device
  • IP
  • Payment
  • Address
  • Phone
  • Identifying anomalies and inconsistencies in linked transactions

We evaluate all of these data points and deliver to the merchant a risk transaction score – Omniscore. This is possible in milliseconds of a transaction and without generating additional operational costs and increased manual review of orders.

By having such a deep data set of billions of events, Kount’s AI provides visibility and intelligence that far outstrips the limited data available to a single company or even industry. Through the Identity Trust Global Network, Kount not only enables identity verification, but delivers accurate, real-time trust levels to confirm the identity behind every transaction and enable the most effective fraud prevention and risk strategy.

In terms of the ongoing criminal education of the lone wolf, the Cybernews article continues, “While it’s probably too early to tell if these interest spikes are causing a surge in actual cybercrime statistics, we have almost no doubt they will have at least some effect on year-end cybercrime reports.”

Brady Harrison is a Senior Data Analyst specializing in fraud mitigation and performance at Kount. Via machine learning, data analytics, and research, he ensures customers can scale their business while maintaining an appropriate risk posture against cybercriminals. With a passion for security and curiosity for all things cybercrime, he is an experienced speaker and panelist on fraud mitigation and risk covering a variety of topics from eGift card fraud to account takeover.

Prevent Chargebacks

Learn How