The Online Fraudcast with Brett Johnson & Karisse Hendrick
Summary: Brett Johnson and Karisse Hendrick are both anti-cybercrime experts. But, with very different experiences. Karisse has worked with hundreds of the World's largest e-commerce and mobile companies to help them prevent payment fraud and other threats to their bottom line and customers. Brett, started his journey as an online fraudster, creating the first darknet forum for buying & selling credit cards and was responsible for creating the criminal enterprise that commits identity theft, credit card fraud and many other online scams. But, after landing on the Secret Service's Most Wanted List and serving his time, he's been reformed and now dedicated his career to helping consumers and online companies prevent fraud from people he used to be.
The online fraud prevention industry has changed a lot. Even in the last decade, we have seen hundreds of 3rd party solutions enter the market, all promising to reduce chargebacks and false positives. We've also seen venture capital firms invest Billions of dollars in fraud prevention technology companies. And we've seen thousands more professionals join the industry as merchants, vendors and everything in between. What do these things mean for the current "state of the industry" and what can we learn for the next 10 years?In this episode, Karisse shares some of her thoughts on these topics after returning from one of the largest online fraud prevention conferences in the US, the Merchant Risk Council's spring conference in Las Vegas, Nevada. After having 100s of conversations with leading online merchants, talking to several 3rd party providers and walking through the exhibition hall, she'll re-cap her observations, learning opportunities and suggestions for how we can all move forward in the next decade, and beyond.
Beyond fraud prevention, what is a company's corporate and moral responsibility when it comes to content moderation and keeping their users safe? That is the question Brett & Karisse explore after another tragedy (Christchurch, NZ) was live-streamed on a social media platform. As commerce continues to connect strangers, allows people upload content without anyone reviewing it first, As commerce continues to connect strangers, allows people to upload content without being reviewed or approved first, and strangers get in each other's cars, houses, etc....the need to pivot from "just" preventing payment fraud to gaining consumer's trust and keeping them safe is apparent. But, what do you do when the company strategy conflicts with the strategy of a Trust & Safety team?
Collaboration in fraud fighting is essential, and on this episode, Brett & Karisse explain why it's important and various ways to collaborate within the industry. But first, they start off with a "What The Fraud" segment that involves El Chapo, Pre-paid debit cards and Brett being offered a job by the Sinaloa Drug Cartel! One of the main factors that contributed to Brett's success as a fraudster, was collaboration with his peers. Mostly on online forums, but also in person, online fraudsters share everything with each other. From which companies are the easiest to target, to the specific methods of various fraud strategies to online tutorials that include a glossary and tests. But, for the "good guys", it's much harder to collaborate with each other. It's equally just as important to share best practices, new fraud tactics that you're experiencing and which tools work best for which issues as it is for the "bad guys" to share with each other. But, privacy policies, competitive advantages and PR restrictions, it can be a challenge. Though difficult, it's not impossible and creating opportunities for merchant collaboration has been a passion project in Karisse's career, and it's become a topic important to Brett as well, and they share some of the ways they suggest to learn from others in the industry.Brett & Karisse will be recording an episode of Online FraudCast live at CNP Expo 2019, May 22-23 in San Francisco. Join them! Use promo code " FCast "to save 10% off Early Bird registration until April 5. www.CNPExpo.comSubscribe to Online FraudCast on your favorite podcast platform to be alerted to new episodes.
One of the most requested topics for this podcast has been around chargebacks. Listeners have even started referring to this as Karisse's "favorite subject" (it's definitely high on the list!). While an hour is a short amount of time to try to explain everything about chargebacks, this should be a good primer to get you thinking about your company's chargeback strategy. As much of a pain as they are, they can also have value in providing business intelligence to your company and internal processes, as well as a way to track your team's progress and efforts, as you see incoming chargeback volume reduced and recovered chargeback revenue increased. In this solo episode, Karisse discusses the overall chargeback process, as well as her own philosophy on chargeback management, which has been validated over 14 years of experience in chargeback reduction and recovery. Subscribe to Online FraudCast on your favorite podcast platform to be alerted when a new episode has been released. As mentioned at the beginning of the episode, Online FraudCast will be recording an episode live on stage at CNP Expo (San Francisco, May 21-23)! Use promo code "Fcast" to save 10% on registration as well as to be eligible for two "perks", to be announced soon.www.CNPExpo.com
Fake IDs are used for much more than minors trying to sneak in to bars. -And it's a subject Brett has been dying to talk about on the podcast for the last few weeks! But first, Brett & Karisse discuss last week's emotional episode and some of the responses of listeners. Then, they have two exciting announcements! The main topic of this week's episode is how fake identity documentation is being used to commit fraud online. As more companies are turning to identity documentation verification services for fraud/Trust & Safety efforts, fraudsters have found ways to get around this. -And it might surprise you to learn what they're doing! Brett believes this is going to become a much bigger issue as 2019 continues and he explains what he's doing to further educate online fraud fighters on this topic, outside of the podcast.Follow Online FraudCast on Facebook, or follow Brett Johnson and/or Karisse Hendrick individually on LinkedIn.To attend the first LIVE recording of Online FraudCast at CNP Expo 2019 (May 21-23 in San Francisco), register to attend CNP Expo! Use promo code FCast to receive 10% off early bird prices (while Early Bird prices remains). We're looking forward to seeing you there!
Brett & Karisse are both back and ready to catch everyone up on their lives from the last 2 weeks. Also, both hosts were recently interviewed for a large podcast (link below) and wanted to "clear the air" about a few things that were said on that show. Then, the episode takes a sharp left turn, with Brett opening up more than he ever has on this podcast about his past. This episode is emotional, honest and real. **Child abuse is discussed in this episode; if this is something triggering or difficult for you to hear, please catch up on past episodes or catch next week's episode when we'll return to the subject of fraudSlate Magazine's Decoder Ring episode about Brett:Titled: The Grifterhttps://slate.com/culture/2019/01/decoder-ring-brett-johnson-grifter.html
This week, Brett took one for the team, recording by himself, while Karisse recovers from losing her voice. In this episode, Brett touches on several topics such as sophisticated vs. unsophisticated fraud, preparing your employees to protect your company against the most vulnerable attack methods and a deep dive in to NEW techniques being used to commit synthetic identity theft. -This is especially important for financial institutions, companies with lines of credit and merchants with private label cards. Subscribe to Online FraudCast on your favorite podcast platform to be alerted when new episodes are out! To contact the hosts, go to www. OnlineFraudCast .com or connect with each host individually on LinkedIn.
Last week, news broke of a new cache of stolen PII data being released. "Collection #1" consisted of over 700 million e-mail addresses and over 20 million passwords. And, it was reported more collections (2-6) would be released soon. But, shortly after the news was announced, many experts reported the bulk of the data had already been released in to the dark markets, so the majority of the "Collection #1" data was "old". Many experts stated this wasn't a big deal because the information is already out. But, is this really no big deal for fraud?Brett & Karisse asked friend of the podcast, Aaron Sherman, Senior Director of Cyber Threat Intelligence at Braintrace. aaron had a few days to look through the Colllection #1 data and shares observations he found, as well as insights that can be gained from this data that will continue to be useful for fraudsters to commit fraud. Password safety, employee training, credential stuffing and business email compromise are just a few of the topics discussed in this episode.Subscribe to Online FraudCast to be alerted when new episodes are out!Original Article Detailing Collection #1:https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/Have I been pwned website:https://haveibeenpwned.com/
When a company first starts receiving fraudulent transactions on their website, it's usually fairly easy to spot (if you know what to look for). But, after awhile, the fraud tactics will get more sophisticated and frequent. When is that tipping point and what causes it? That's the main listener suggested question Brett and Karisse answer in this episode. They also explore how a fraudster selects a new company to exploit and the things they look at to select the method they use and the information they buy. And, to demonstrate the way they do this, Brett uses the online rental websites as an example. -A business model Karisse knows all about and shares some of her experience & stories.Subscribe to Online Listen to be alerted when new episodes are released. Follow Online FraudCast on Facebook and Brett & Karisse individually on LinkedIn.
Brett & Karisse dive in to one of the "Top CyberCrime Trends in 2019", fake reviews online. While not directly related to payment fraud, there are several connections to the methodology and goals of the perpetrators. -To create a perception of reality and a narrative to manipulate consumer behavior to their advantage. And if you're a company that allows consumer reviews on your website, chances are your fraud department oversees the integrity of these ads as well.Then, Karisse tackles a question that was posed in an article last week (and a question she receives fairly often from merchants): Are AVS & CVV necessary in this day and age? Both hosts will discuss the benefits and challenges that come with utilizing these services in an online environment. The answers may surprise you!Subscribe to Online FraudCast on your favorite podcast platform to be alerted when new episode are out! And, follow Online FraudCast on Facebook, or Brett & Karisse individually on LinkedIn for more fraud news throughout the week.
Brett & Karisse are both back from their travels & ready to dive in to talking about fraud. Brett starts out talking about his trip to speak at an International Security Conference in Istanbul, Turkey. Then, he convinces Karisse to share how she helped a famous former athlete re-cover their social media account after it was compromised due to Account Takeover. They also share their suggestions for New Years resolutions for fraud prevention professionals, based their observations of the merchants that they work with and talk to. Working on any of these best practices will lead to more streamlined processes, business intelligence and optimized systems. Subscribe to Online Fraud on your favorite podcast platform, follow us on Facebook or individually on LinkedIn.
Brett is out of the country, so Karisse is on her own! Fraud Fighters often ask her about career growth & personal development in this emerging industry of fraud prevention, so she took this opportunity to give her thoughts & experience and some advice she's learned along the way. You're hear about her long & windy road that lead her to consulting & speaking at events, and some of the advice she has for those fraud fighters wanting to take that next step, whatever it is.Subscribe to Online FraudCast to be alerted to new episodes and follow Online FraudCast on Facebook, or the hosts individually on LinkedIn. Or, e-mail us at Info@OnlineFraudcast.com
What happens when Brett Johnson records an episode without his co-host? You get to learn a lot from a former cyber-criminal! In this solo podcast, Brett shares his opinion on former colleague Max Butler's recent indictment of additional felonies while in jail, as well as insights on his own time in prison. Brett also discusses vulnerabilities in the USPS "Informed Delivery" program and smart doorbells and how both can provide a false sense of security unless you're informed. News Stories Referenced in this episode:Max Butler News:https://www.thedailybeast.com/feds-say-imprisoned-hacker-ran-a-drone-smuggling-ringAaron Sherman's Interview on Informed Delivery:https://www-abc4-com.cdn.ampproject.org/v/s/www.abc4.com/amp/news/local-news/criminals-can-target-your-packages-with-usps-informed-delivery/1639604014?amp_js_v=0.1&usqp=Brett Johnson's Blog Post about Smart doorbells:https://www.anglerphish.com/single-post/2018/11/12/Ring-a-Ling-Porch-Pirates-Defeating-the-Ring-Doorbell-SystemSubscribe to Online FraudCast to be alerted of new episodes when they're released. Also, follow Online FraudCast on Facebook, connect with co-hosts on LinkedIn or e-mail us at Info@OnlineFraudCast.com
Based on several reports from online merchants, law enforcement, cardholder victims and even posts on fraudster forums, it's become clear to Brett & Karisse that there's a new fraud tactic targeting online retailers. It's a new issue that they're not entirely sure of a solution yet, but it's rampant enough to discuss and notify online retailers this is happening. But, before diving in to that topic, Brett & Karisse discuss fraud during the holidays. Why do fraudsters love Christmas as much as everyone else? What are some of their goals for holiday orders? What are they posting on dark web fraudster forums? -It'll all be discussed prior to discussing what they're tentatively referring to as "white list fraud". Follow Online FraudCast on Facebook! Questions? e-mail: email@example.com
According to a recent study, experts are estimating that fraud targeting call centers and customer service departments of online companies will increase 250% by the end of 2018 (compared to 2017). And, based on the online companies Karisse and Brett have talked to, it's become a huge problem. Whether the fraudster is calling to re-route a package, place an expensive order or to pre-text, Karisse & Brett will discuss why these are becoming a bigger problem, examples of the tactics being used and ways to work with customer service to train them to identify fraud calls and prevent losses due to phone fraud. Especially with the holidays coming quickly, this is an important episode to listen to as this method will be used frequently by fraudsters for the Holidays 2018.To listen to the webinar the hosts mention they did with Sift Science and CardNotPresent.com, and hear more about this fraud trend and others impacting retailers this holiday season, go here:https://info.cardnotpresent.com/holiday-fraud-trends-targeting-retailers-webinar?utm_campaign=Webinar%20Rebroadcasts&utm_source=web&__hstc=244873690.753f11dbb2fd82bcb7ebeb3a7dfb2a58.1519760045432.1524771864226.1533093306402.8&__hssc=244873690.2.1542309146129&__hsfp=298233994Subscribe to Online FraudCast on your favorite podcast app to be alerted when new episodes are out. We love to hear from our listeners! Follow Online FraudCast on Facebook, follow the hosts individually on LinkedIn or e-mail us at firstname.lastname@example.org to stay connected, ask questions or provide feedback!