Our loyalty fraud team recently partnered with Dark Web expert and Director of Security Research Jason B. Lancaster at SpyCloud to take a deeper dive into the Dark Web. As part of our loyalty fraud prevention series, this blog post will cover: the Dark Web Market, how fraudsters are selling rewards points and miles on the Dark Web, and what happens to member data after a breach has occurred.
This post is the second in our in-depth Dark Web series. If you missed our introductory piece, start here to learn what the Dark Web is, how users and fraudsters access it and how it contributes to loyalty program fraud.
What is the Dark Web Market?
The Dark Web Market commonly refers to the sites hosted within the Dark Web where users can buy and sell various goods. There are thousands of these marketplaces, and even search engines to find them.
Markets on the Dark Web are often used to sell illegal goods (drugs, weapons), stolen products (gift cards, merchandise), and even account information (login credentials for bank or rewards accounts). These marketplaces are turning a major profit. Many of them rake in tens of millions of dollars, then disappear.
In 2015, a $50 million drug and gun Dark Web Market disappeared and millions in Bitcoin vanished with it. More recently, in July 2017, AlphaBay, the biggest online darknet drug market, went “dark” in what could possibly be the largest exit scam in history. The growing consensus is that the site’s administrators shut down the site, taking millions of dollars in cryptocurrency with them.
Loyalty program fraud on the Dark Web
How does all of this relate to loyalty program fraud? Remember, there are thousands of marketplaces selling illicit products and goods on the Dark Web, and loyalty accounts are among the “products” illegally bought and sold online.
Fraudsters with an eye for rewards (and the billions of dollars they’re worth in the U.S. alone) are making money off loyalty programs by selling both the points/miles and the loyalty account information. Generally, loyalty account information (login credentials) is labeled as stolen data, while points, miles and products are sold on sites like eBay and Craigslist and not advertised as stolen.
How rewards member data ends up on the Dark Web
Loyalty member accounts are most often taken over one at a time, rather than in a bulk database breach, though bulk breaches do occur. Fraudsters gain access to loyalty member account data when program members reuse a compromised password, or by simply brute-forcing their way into an account.
After an account takeover or breach occurs, fraudsters either share loyalty program data publicly (to improve their reputation), sell program data online to other criminals (to turn a profit), or cash in the account’s reward points and fraudulently redeem them for physical merchandise to either keep for themselves or sell online.
Quite simply, fraudsters hack an individual loyalty account, record the member data (login credentials), then proceed to share or sell it on the Dark Web.
How can you protect your loyal customers?
Stay tuned for the next in our series of blog posts about the Dark Web. In it, we’ll cover specific steps loyalty program managers should take to ensure their members are protected.