This report, which is based upon information from law enforcement and complaints submitted to the FBI’s Internet Crimes unit, details recent cyber crime trends and new twists to previously-existing cyber scams.

TRIANGLE CREDIT CARD FRAUD
Triangle Credit Card Fraud is a common scam known to affect many on-line merchants. It has been called “Triangle Credit Card Fraud” because there are three primary parties involved or impacted by the scam.

The first party is the fraudster who acts as a seller on a popular auction or marketplace site. The fraudster “sells” a product to the second party, the buyer that knows nothing about the scam. The buyer pays the seller for the product or service.

The seller then needs to deliver the product or service to the buyer and does so by placing an order with the manufacturer of the product or service to the buyer and does so by placing an order with the manufacturer of the product or service, the third party.

That order will contain the buyer’s information for shipping and stolen credit card information for billing. When the company receives the order, the billing and shipping information is all legitimate, thus it looks like an order being placed as a gift, so the company delivers the product or service.

When the card holder finds a fraudulent charge on their card, they may file a dispute with the credit card company resulting in a chargeback for the company. This scheme is often much more complex as it is often led by overseas criminals who recruit established sellers (often referred to as mules) on auction or marketplace sites to “sell” the products.

Once a sale is completed, the mule will forward the buyer information and the bulk of the money to the fraudster to place the fraudulent order. Once a mule becomes trusted, they are often allowed to recruit other mules, leading to a complex pyramid of fraudsters and mules.

Through the on-line merchant community, many companies have been made aware of this scheme and have had great successes with stopping the illegal activity using fraud prevention and detection solutions as well as successful criminal prosecutions.

NEW TWIST TO THE WORK-AT-HOME SCHEME
The Internet Crimes unit has previously reported on work-at-home schemes where victims advised they applied for employment through on-line resumes. The alleged employers used the names of well-known financial institutions and industry agencies to lure their victims into the scheme. The potential employees were contacted via e-mail and interviewed for various positions using Yahoo! Instant Messenger.

In some cases, the employees were required to purchase various software packages to perform the tasks required for their employment. The employees received a check and were instructed to keep a portion of the funds for supplies and wire the remaining funds to another individual.

Once the employee wired the funds, the check was returned as counterfeit. The Internet Crimes unit has received over 80 complaints identifying a twist to the scheme reporting that employees were asked to post employment advertisements on Craigslist and provide full details of a credit card, including owner name, address, card number, security code, and the expiration date of the card. In doing so, the victim unknowingly became a recruiter for the fraudster.