How the Dark Web is Fueling Internal Fraud

There is nothing fraudsters love more than anonymity.  They love to carry out their schemes with nobody ever having a clue of what they are doing.

The Dark Web gives fraudsters a place where they can buy and sell stolen data without ever being traced.  It is a perfect place for them to operate.

According to experts, it is also fueling an unprecedented rise in internal fraud by providing a marketplace for insiders to sell information that they have stolen.

The Dark Web is Like Ebay for insiders looking to make a quick buck off they data they steal from their employers

Last year, security experts like Red Owl detected a 100% increase in the level of “insider fraud” on the dark web – just an ominous sign of things to come.

In their report, Monetizing the Insider,” they tracked and noticed a large spike in conversations about “insiders” throughout 2015.

3 Biggest Insider Risk Identified

The monetization of insider fraud through the Dark Web is resulting in 3 significant risk which appears to have the most impact on companies.

These are the risks that companies should be concerned with:

#1 Risk – Insider Trading Information

Insiders at large companies are divulging non-public information or future announcements of their employers for money.  This information is then used by fraudsters to purchase stock and make a handy profit.

#2 Risk – Selling Credit Card Numbers

Retail employees are being solicited to sell credit card details including expiration dates, CVV (Card Verification Values), customer information and postal codes so that those card details can be used by fraudsters.

Below is an example from Red Owl of the type of posts that they are seeing on the dark web to recruit insiders.

#3 Risk – Recruiting Insider to Assist in Hacking and Data Breaches

Hackers are recruiting insiders that can act as their agents to steal data, commit fraud, and install malware on their employer computers.

By having someone on the inside that they can control, hackers can substantially increase their payout.  In this conversation, hackers are offering a 7 figure weekly income to an insider that helps them commit fraud.

Internal Fraud is Growing

Nearly 80 percent of security initiatives focus on perimeter defenses, while fewer than half of organizations budget for insider threat programs.  According to Gartner, only 18% of companies have an insider threat monitoring program.

My recommendation for companies to establish an Internal Fraud Prevention, Detection, and Reporting Program.  From my experience, Gartner and other experts are correct when pointing out that most internal fraud goes undetected.

I created a handy infographic that explains the internal fraud risk at financial companies, and what to do to prevent it.

If you are looking for some great technology to monitor internal fraud, I would recommend checking on Nice Actimize, Bottomline Technologies Intellinx Solution, or Memento from FIS.

Thanks for reading.

Frank McKenna is the Chief Fraud Strategist for PointPredictive and a Fraud Consultant based in San Diego California