Page 9 - Cyber Warnings
P. 9
Based on Flashpoint's in-depth knowledge of the criminal underground, we have noticed a
surprising level of consensus amongst cybercriminals that the latest generation of payment
platforms, such as Apple Pay and Google Pay, have thus far proved to be highly robust and
secure — far superior to EMV.
Recommendations
As much as we want to rely solely on banks to protect us from criminals, all of us can follow
these simple recommendations to significantly lower the chances of compromise:
1) Always utilize robust alerting systems built within banking applications.
2) Activate pre-authorization and purchase notifications for amounts as small as $1. Criminals
will often test stolen records on a cup of coffee before attempting to use it at the nearest Apple
store. If you only receive alerts for large amounts, by the time you spot a fraudulent purchase
and contact your bank, the criminals will be long gone and may have successfully spent
hundreds, if not thousands, of your money.
3) Never use your debit card for any online or in-store purchases. If the card is compromised, it
will be a painfully long process to get the money reimbursed by a bank. In some cases, if funds
are stolen using a PIN number, some banks may not reimburse you at all. Considering monthly
mortgage and loan payments among others, many people don't have the luxury of losing access
to their funds.
4) If possible, use a separate credit card for all commercial purchases. The compromise of a
credit card will not affect you financially while the bank investigates the theft. If you are
absolutely against credit cards and adhere to strict financial practices, open up a separate bank
account and only maintain a balance sufficient to cover your average monthly expenses, thus
limiting the exposure to your main bank account.
About the Author
Andrei Barysevich is the Director of Advanced Collection at Recorded Future.
He specializes in threat intelligence on highly restrictive criminal communities
and he oversees proactive intelligence operations. A native Russian speaker,
Andrei was previously an independent e-commerce fraud researcher, and a
private consultant for the FBI's New York Cybercrime field office. Andrei’s work
and commentary has been featured in The Wall Street Journal, Motherboard,
The Atlantic, and numerous other publications. For the past 13 years, he has
been involved in multiple high-profile international cases resulting in successful convictions of
members of crime syndicates operating global reshipping, money laundering, and bank fraud
schemes.
9 Cyber Warnings E-Magazine November 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
