USENIX Enigma 2016 - Drops for Stuff: An Analysis of Reshipping Mule Scams logo

USENIX Enigma 2016 - Drops for Stuff: An Analysis of Reshipping Mule Scams

Feb 09, 2016
Giovanni Vigna, Professor, University of California, Santa Barbara, and CTO, Lastline, Inc. Credit card fraud has seen rampant increase in the past years, as customers use credit cards and similar financial instruments frequently. Both online and brick-and-mortar outfits repeatedly fall victim to cybercriminals who siphon off credit card information in bulk. Despite the many and creative ways that attackers use to steal and trade credit card information, the stolen information can rarely be used to withdraw money directly, due to protection mechanisms such as PINs and cash advance limits. Therefore, cybercriminals devised more advanced monetization schemes to work around current restrictions. One monetization scheme that has been steadily gaining traction is represented by reshipping scams. In such scams, cybercriminals purchase high-value or highly demanded products from online merchants using stolen payment instruments, and then ship the items to a credulous U.S. citizen. This person, who has been recruited by the scammer under the guise of ""work-from-home"" opportunities, then forwards the received products to the cybercriminals, most of whom are located overseas. Once the goods reach the cybercriminals, they are then resold on the black market for an illicit profit. Due to the intricacies of this kind of scam, it is exceedingly difficult to trace, stop, and return shipments, which is why reshipping scams have become a common means for miscreants to turn stolen credit cards into cash. Sign up to find out more about Enigma conferences: Watch all Enigma 2016 videos at: