Following the money: how spammers do their banking

Cory Doctorow at 8:46 am Wed, Jul 6, 2011

Brian Krebs is continuing to report on the latest research on spammers and scammers, today naming and shaming the banks that process payments for fake anti-virus and rogue pharmacy affiliate networks, and on the system used by scammers to prevent being cut off by Visa and Mastercard.

Researchers from the University of California, Santa Barbara spent several months infiltrating three of the most popular fake antivirus (fake AV) "affiliate" networks, organized criminal operations that pay hackers to deploy the bunk software. The researchers uncovered a peculiar credit card processing pattern that was common to these scams; a pattern that Visa and MasterCard could use to detect and blacklist fake AV processors.

The pattern reflects each fake AV program's desire to minimize the threat from "chargebacks," which occur when consumers dispute a charge. The fake AV networks the UCSB team infiltrated tried to steer unhappy buyers to live customer support agents who could be reached via a toll-free number or online chat. When customers requested a refund, the fake AV firm either ignored the request or granted a refund. If the firm ignored the request, then the buyer could still contact their credit card provider to obtain satisfaction by initiating a chargeback; the credit card network grants a refund to the buyer and then forcibly collects the funds from the firm by reversing the charge.

Excessive chargebacks (more than 2-3 percent of sales) generally raise red flags at Visa and MasterCard, which employ a sliding scale of financial penalties for firms that generate too many chargebacks. But the fake AV companies also don't want to issue refunds voluntarily if they think a customer won't take the next step of requesting a chargeback...

According to the researchers, the banks are:
FBME Bank Limited, Cyprus (SWIFT Code FBMECY2N)
Bank Hapoalim BM, Israel (SWIFT Code POALIL)
Ceska Sporitelna A.S., Czech Republic (SWIFT Code GIBACZPK)
International Bank of Azerbaijan (SWIFT Code IBAZAZ2X)
JSCB Bank Standard, Azerbaijan (SWIFT Code MOSZAZ22)

Makes me proud of my Azerbaijani background, it does (my dad was born in a refugee camp near Baku).

Which Banks Are Enabling Fake AV Scams?


  • Anonymous

    Makes me ponder PayPal’s response to charge-backs…

  • Anonymous

    Seems to me this idea would generate a *ton* of false positives, made worse when the scammers figured it out.

    Public education seems to be the best solution.

    After all, people paying a recurring fee for no product is a common scam regardless of content.

  • Anonymous

    These guys can keep doing their work and wikileaks is blocked. Something is wrong?