December 3, 2017
|
Today sees part 4 of Yegate’s “Definitive Encyclopedia of Fraud” published a bit late. I’ve been in an airplane or stuck in an airport all day and only now got the chance to post it.
The response to my posting this writeup of Yegate’s has been interesting. Overall. the security people who have read over it find it fascinating.
Fraudsters? Well, the reception is decidedly mixed. I’ve received multiple requests for complete copies of the guide before I publish it here. I’ve also gotten requests for help in committing fraud. So there is that. Then there is another segment raising holy hell. They are upset I am publishing this Encyclopedia. One fraudster in particular, “Impulse666”, is so angry he alternates by calling the guide rubbish and also saying its publication is ruining the business for fraudsters everywhere. I could point out that if its publication is killing the scene that means it certainly isn’t rubbish, but I’m not sure there is any reasoning with the fellow. He threatened to actually come through the internet and kick my ass. Problem is—I think he may believe he can travel like that.
Yegate? Yegate doesn’t seem to mind I’m publishing the Encyclopedia. I did pay Mr. Yegate for the writeup. I think it’s worth it. That he doesn’t mind it being out there again speaks to the level of fraudster this fellow is. He understands publishing it only increases his status, and make him more money. I’m wagering he also knows that sharing information increases innovation on both sides.
Bear in mind–this is not a complete guide. It wasn’t meant to be. Yegate advertises it as an “Encyclopedia” and a work in progress. I think that is a fair assessment. Fraudsters can certainly learn from it as well as anti-fraud folks. My opinion is the anti-fraud people benefit from this far more than any would be cyber-criminals. Wanna-be fraudsters will gain knowledge from this, but to see any real gains or understanding they will need to sign up for some classes under Mr. Yegate. Or they could take the time-honored approach of actually learning how to commit fraud instead of paying to have someone teach them. But that likely aint gonna happen. We are, after all, dealing with a generation of Millennial Fraudsters. Have that crew sit down and learn something? Ha! So I imagine Mr Yegate will continue to have business.
Today’s publication deals with setting up bank accounts. Yegate goes into how to set up Suntrust accounts. I’m not sure if this exact method still works, but that isn’t the point. The point is that by understanding the process used to set up an account, a fraudster can tweak the method to hit a variety of banks, not just Suntrust. Likewise, for all those bankers out there wondering how fraudsters are setting up accounts to commit fraud? This is a good illustration. The method may still work like a charm. I know it did 6 months ago. If it doesn’t, then bankers can still learn from this and use the information here to counter people setting up fraudulent accounts.
With that—let’s see what Yegate wrote
Yegate’s “Definitive Encyclopedia of Fraud” Pages 35-44 Banking:
Wrapping up this segment. This is a difficult piece to publish. I speak to and consult a lot of banks. A fraudster can use the information here, apply some common-sense criminal tweaks, and start opening accounts. So why am I publishing it? First, the info here on Suntrust was widely available on AlphaBay 6 months ago. It may not have been posted publicly, but through private messages, jabber, and other behind the scenes methods of communication it was available. My understanding is Suntrust has been taking measures to counter the techniques described by Yegate. So fraudsters already had wide access to this information. Banks? Not so much. And while this technique might not work at Suntrust anymore, it could very well work at countless other banks. And, to be fair, with minor adjustments, it would easily still work at Suntrust.
So yes, fraudster learn from this. But banks and related institutions benefit more. A small banking group can read over this and take measure to combat potential fraud before it hits.
Remember though—Fraud will never be defeated, all an individual or business can do is hope to make themselves less a target than others.
GOllum
Contributing Writer at News247WorldPress