Fraud Schemes Targeting Small Merchants

Indictments Point to Troubling Trends, Ex-Prosecutor Warns

By , August 30, 2013.
Fraud Schemes Targeting Small Merchants

Recent indictments of defendants allegedly linked to Heartland Payments hacker Albert Gonzalez and network breaches that affected Global Payments and others show a growing trend of payments fraud that's migrating down to smaller merchants, says former federal prosecutor Kim Peretti.

See Also: OPM Breach Aftermath: How Your Agency Can Improve on Breach Prevention Programs

Peretti, who helped prosecute Gonzalez, says new indictments offer insights into the actors behind global fraud schemes that compromised 160 million cardholders. Of note in these indictments is that numerous smaller merchants were targeted for card data, a growing concern for law enforcement and the payments industry, she says.

"We're seeing a push down from the big targets to smaller and midsized mom-and-pop stores ... where they're able to hit smaller targets, but over time gather a significant number of stolen [payments] cards to resell," says Peretti, who's now a partner at the Washington-based law firm Alston & Bird LLP's white collar crime group, during an interview with Information Security Media Group [transcript below].

The indictments offers detailed insight into understanding the threat actors, how they operate and who they target, she explains.

"We've learned that they have an ability to target different types of entities and get access to [their] systems and exploit information from those systems," Peretti says.

During this interview, Peretti discusses:

  • How the indictments will serve as a cybercrime deterrent;
  • Global card fraud trends investigators are watching;
  • Challenges investigators and prosecutors still face in bringing cybercriminals to justice.

Peretti is co-chair of Alston & Bird's security incident management and response team. She is also a former director of PricewaterhouseCoopers' cyberforensic service practice and a former senior litigator for the Department of Justice's computer crime and intellectual property section. While at the Department of Justice, Peretti led several benchmark cybercrime investigations and prosecutions.

Fraud Indictments

TRACY KITTEN: Indictments against five alleged cyberthieves connected to Albert Gonzalez were recently unsealed in New Jersey, along with a separate indictment unsealed in Manhattan about a related card fraud scam. What new details do these indictments reveal about the breaches that you prosecuted?

KIM PERETTI: As an initial matter, I just want to take a step back and say that this is really a masterful effort on behalf of U.S. law enforcement putting an indictment together of this nature with this number of victims; relating the victims through common malware and common connections to servers that were located across the globe on just about every different continent; gathering the evidence from the different countries that were involved. Identifying these top-level, elite carding and hacking group individuals is really a colossal effort on behalf of U.S. law enforcement. I wanted to start with that.

As far as what these indictments reveal about the breaches that we've seen lately, it's really our first detailed insight into understanding more about the threat actors for this particular type of financial fraud. We've seen some new information about Gonzalez and his conspirators. Back in 2009, Gonzalez was indicted along with two individuals, Hacker 1 and Hacker 2, who were really leading some of the intrusions. Now we have better insight into those individuals. What these indictments revealed is that these top elite carding and hacking groups had deep knowledge about different types of systems, that they have a range of victims from electronic stock markets to processors to airlines, banks and merchants - and not only in the United States, but also globally. We've learned that they have an ability to target different types of entities and get access to [their] systems and exploit information from those systems.

Breach Details

KITTEN: How much about the breach details outlined in these indictments was news to you?

Follow Jeffrey Roman on Twitter: @gen_sec

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Arrests Pending in Chase Breach?

Experts analyze a news report that the investigation into the hack attack against JPMorgan Chase...

Latest Tweets and Mentions

ARTICLE Arrests Pending in Chase Breach?

Experts analyze a news report that the investigation into the hack attack against JPMorgan Chase...

The ISMG Network