Idan Aharoni
Idan Aharoni is the manager of the FraudAction Intelligence team at RSA where he is responsible for gathering, analyzing and reporting intelligence findings on cybercrime and fraud activity. Mr. Aharoni joined Cyota (later acquired by RSA) in February 2005 as an analyst at the Anti-Fraud Command Center. During his service, he founded the FraudAction Intelligence team, which he leads today. Between his work at the Anti-Fraud Command Center, as well as the unique insight he has gained by the intelligence and discoveries gathered by his team, Mr. Aharoni offers vast expertise into the underground fraud economy and how cybercriminals operate.
Popularity of automated stores in the black market increase as source code is traded in "kits"
|
In my last post, I discussed the trend of automated credit card stores proliferating in the fraudster underground. In addition to the reasons I listed...
Continue Reading
Automated Credit Card Stores and the Business of Trading in the Fraud Underground
|
Innovation and evolution are two words that are not hard to find in blog posts and news articles about fraud. It seems that almost every day security researchers uncover new features and improvements in fraudsters’ tools and infrastructure. Many of these innovations stem from the availability of new services in the underground.
Continue Reading
Call it What You Want: But it is Still the Black Market
|
Unless you accidentally wandered here while searching for the Road Safety Authority, you’ve most likely been introduced with the “fraudster underground” or “underground economy.” A lot has been written about the criminal bowels of the Internet, either in...
Continue Reading
Card Checking is Still a Booming Business
|
For those who commit it, fraud is similar to a game of chess. You can’t reach a check-mate if you haven’t aligned all your pieces appropriately before making your big move. If you’re trying to defraud a bank through the online channel, you first need...
Continue Reading
Universal Man-In-The-Middle: Next Generation Phishing Was Already Here
|
Over the years, phishing attacks have changed and evolved. Around 2005, it was popular to add a Javascript code to the simple HTML pages that took advantage of a vulnerability in the browser. This allowed the fraudsters to spoof the URL of the phishing attack so it would appear as...
Continue Reading
Fraudsters Still Earn a Paycheck from Traditional Methods: From Phishing Kits to Cash
|
Every fraud operation consists of two main stages. In the first stage, fraudsters use various tools and sources to obtain records of stolen identities, while in the second “cash out” stage, they turn those records into cold hard cash.
Continue Reading
Online Security is Like Football - You Need a Defensive Front Line
|
A recent blog by my colleague, Seth Geftic, discussed the inability of security education to prevent fraud. The issue of security education has always been a complex one. Until an empirical study comes along that...
Continue Reading
The Real Cost of a Pizza - and a Social Security Number
|
A good friend of mine who lives in New York engaged me in a conversation about identity theft recently where he said, “I don’t care if they steal my credit card information. For that, I’m covered. What I am worried about is my Social Security number. If that ever gets stolen – I’d be in serious trouble!”
Continue Reading
