Back to work FraudFighters. Hope you all had a simply amazing Labor Day Weekend.

Back to school, back to work.

Here are the top fraud stories of the week 👇

• Fraudsters find ways to exploit fraud scores

• The FBI destroys the infamous QakBot BotNet

• Google Launches DeepFake Detector called SynthID

• Pretzal worker went on a wild Fraud Free Ride

• There are 2.5 million IRS fraud cases in limbo

• Most people chose my cloned voice as real in a poll

• Some people are exploiting credit freezes to get cards

• Millions were targeted by a Smishing Triad Group

• China’s hottest movie is about Fraud Compounds

Let’s dig deeper into these fraud stories of the week!

Uh Oh. Fraudsters Have Found Ways To Exploit Your Fraud Scores

Trust the fraud score. Until you can’t.

One fraud fighter, Nate Kharrl, is alerting the industry to a problem that he is seeing emerge and one that might have fraud analysts second-guessing the fraud score on the next online order they’re investigating.

He revealed the scheme on last week’s Fraudology Podcast with Karisse Hendrick.

According to Hendrick and Kharrl, fraudsters are increasingly shifting their methods to exploit solution vendors’ fraud scores by purposefully keeping key data points from making it into vendor fraud solutions.

Click This Link Or Image Below To Read The Blog

FBI Masterfully Destroys QakBot - An Army of 700,000 Infected Devices

An evil duck empire?

The FBI took down a network of over 700,000 infected devices last week, effectively removing the malware on those devices that caused untold losses.

QakBot used those devices to send malware spam emails that were successful in over 40 ransomware attacks that collected over $58 million from victim companies.

Read How The FBI Pulled It Off By Clicking This Link Or Image Below

Google Steps Into DeepFake Detection With SynthID

Google’s DeepMind research team launched a new solution called SynthID to detect if an image was created with Artificial Intelligence.

The solution is made up of two underlying models; one of which adds an imperceptible watermark to an AI image, and the other that can identify if an image is likely AI-generated.

With the fear of deep fakes and their impact spreading it’s good to see Google stepping in.

Click on This Link Or Image Below To Read Google’s Blog

Are Borrowers Exploiting Bank’s Soft Pull Strategies By Freezing Their Credit?

HoodRich Credit says you can get two Truist 12K limit credit cards on the sly. It involves two steps

#1 - Go to this link, open two tabs, fill out both forms, and submit them

#2 - Before you accept the offers, freeze your credit.

Apparently, if you freeze your credit, the bank will bypass the actual credit pull and rely on the original soft pull information to make the approval.

Hoodrich Credit understands most banks’ approval strategies more than the banks themselves.

On a weekly basis, he provides tips to consumers on how to stack/shotgun credit cards by doing things like applying for 4 different credit cards on 2 computers simultaneously.

All this would seem to be perfectly legal by the way, but banks should know how some borrowers can exploit their approval and underwriting strategies

Were You Targeted By This Massive Chinese Smishing Campaign Last Week?

A cybercrime group called “Smishing Triad” is responsible for a massive phishing campaign that hit the US last week.

According to researchers, the campaign was successful in accumulating over 108,000 American’s personal details. The sophisticated cybercrime group operates on Telegram and they operate like a real software company with graphic designers, web developers, and salespeople, who oversee the development of high-quality phishing kits as well as their marketing on dark web cybercrime forums.

Evidently, I was on the last because I received this text on my iPhone last week.

Pretzal Worker Had 9 Cents And Went On Wild $1 Million “Free Ride” Scheme 🎢

A part-time 23-year-old employee of Auntie Ann’s who had 9 cents in the bank was able to get a $200,000 line of credit to buy stocks on a wild free-ride scheme.

After initiating $1 million in unfunded deposits from his bank account, his brokerage gave him a credit massive credit to buy stocks which he did.

The dude only made $400 a week, but the brokerage took his income and employment claims at face value. Oh yeah, and they also didn’t question how this 23-year-old would apparently have $1 million in the bank with little employment history.

Click This Link Or Image Below To Read The Article

2.5 Million IRS Fraud Cases Are In Limbo With No Answers

The IRS sends out fraud letters when their fraud rules flag a tax return as having a high probability of being fraudulent.

The IRS sent out 4.5 million of “identity theft suspected” letters and only 2 million people even responded. That means 2.5 million suspected cases of identity theft on tax returns are still floating around out there.

Either identity theft victims are ignoring them, or they are fraud!

🚩 New Fraud Type Alert - AirBnB ATO

That is a doozy of a name for a new fraud type but it aptly describes the latest fraud trend.

Researchers at SlashNext found that cybercriminals are using phishing, stealer malware, and stolen cookies to gain unauthorized access to Airbnb accounts, then turning around and selling them online.

Apparently, they found a bustling market for Airbnb accounts. In the past few months, thousands of Airbnb accounts have become available for purchase on underground cybercrime stores, sometimes for as low as one dollar.

Breakout Movie “No More Bets” Explores Murky World Of Fraud Slave Compounds

In China, where criminal Triad gangs run empires of Pig Butchering and Online Gambling fraud compounds staffed by slaves, No More Bets is the breakout movie of the year - grossing close to half a billion in ticket sales.

Inspired by thousands of real cases, the movie offers an unparalleled glimpse into the dark world of overseas cyber fraud that has grown rampant in China.

I guess this is a sign of the times. We really are living in the age of fraud.

Bank Teller: ‘I Don’t Really Give A Crap If You Get Scammed

A Bank Teller is fed up with being abused by bank customers every day. So much so, that she could care less about customers that get scammed. Apparently, they deserve it.

As a former customer service, I can attest to the abuse. She says it’s OK if you are an older customer or a naive young person but for the most part could care less about people that get scammed.

Nice customer service! Which bank does she work at?

Poll Results- About 80% Of People Thought My Cloned Voice Was Real

The results of my poll in the last newsletter are in. I presented my real and cloned voice and asked people to pick which was real.

Initially, about 90% felt the cloned voice was real, but eventually it settled at 82%.

The second voice was my real voice. AI really is pretty powerful and improving quickly!

Fraud Analyst Tip - Dork Searches Help You Dig Deeper

Ever heard of a Dork Search? A Dork is a search string or custom query that uses advanced search operators to find information not readily available on a website.

It’s used by both hackers as well as security professionals because it can help you dig deeper into a website to find information that might not be revealed in a typical Google search.

It is often used by hackers to find sensitive information like PII buried in a website but that doesn’t mean that it can’t be used by fraud fighters as well to dig for information on shell companies, fake employers, prolific fraudsters, or other schemes by bad players you are investigating.

It’s also a great pen test tool to find vulnerabilities within your own sites.

Thanks for catching up with my weekly fraud trends and stories.

It’s a short week with the holiday but I hope you have an amazing one fighting fraud in all the ways you do.

FrankonFraud