Login
iscover
With new data breach laws now in full swing, a former detective turned security expert for a major US retailer said most cyber criminals steal from small business simply "because it's easy."
Newsletter
'It's easy': former detective speaks on data crimes
28 March 2018
•
9 minute read
Addressing the Payments & Fraud 360 seminar in Sydney recently, Skip Myers – the director of loss prevention and fraud strategy at technology retailer Micro Center – said that this reasoning should form the basis of any prevention strategy.
You’re out of free articles for this month
To continue reading the rest of this article, please log in.
Create free account to get unlimited news articles and more!
He said it is necessary to think like a criminal who seeks the easiest means possible of ripping off the business, and then closing those loopholes.
A good place to stop future losses is to explore how past ones were allowed to happen, Mr Myers said.
“Fraud data tells a crime story – a digital whodunnit,” he said.
Mr Myers said it is possible to play detective to figure out how the theft occurred by treating everything like a crime scene, and tracing the culprit’s steps in reverse order.
He gave the example of a retailer discovering an empty box in the middle of an aisle, and how this detective process can identify how the theft occurred, and potentially even catch the culprit.
In this example, the theft was discovered at 2pm, providing a window of when to search the security cameras. Cross-checking records reveals that six employees called in sick that day, leaving the manager also off the floor trying to fill the staff shortage. This suggests the fraudster had scoped the store previously to determine staffing levels and took advantage of the prime time to strike.
In a bid to achieve this, Mr Myers suggested following this step-by-step process:
- Get into a crime scene mindset
- Analyse the root causes of the loss
- Examine internal variables
- Also examine external variables
- And then process your analysis
The same applies to tracing online fraud, only your crime scene will be a digital one, said Mr Myers.
“Any technology created for good, in the wrong hands, can be used for bad,” he said, noting the use of aeroplanes and cars as weapons by terrorists.
In the digital world, crime scene investigation will involve:
- Device fingerprint – what device was the fraudster using, when and where?
- Check the validity of their email address
- Embrace geolocation
- Explore the type of payment method used
- Dig into the shipping address
- The most important part of combatting fraud, Mr Myers said, is simply to do something about it.
“Get pissed off that someone can do this to your company and fight back,” he said.
You are not authorised to post comments.
Comments will undergo moderation before they get published.