I think she said at the start that she bought a used machine (presumably legitimately) which is what led her to be looking for cheap pods on eBay to begin with
The really scary thing is these are not some individual in their basement but organized crime gangs doing this, sometimes even governments, North Korea did this, they stole a whole bunch of credit cards and consulted Chinese state hackers how to launder them.
golf clap thanks for the lol!
The intriguing thing to me is the part where the fraudsters routinely ship extra stuff that wasn’t ordered. I was thinking at first that this made sense because, if the recipient thinks they got free stuff by mistake, their own complicity ensures they keep quiet. Which is a gross but highly plausible picture of how people operate.
But then I realised it’s not that, because if it weren’t for the free stuff, the recipient wouldn’t even notice anything unusual. And it can’t be about repeat business, because the sellers use burner accounts. If anything, the extra purchases will make the stolen cards get detected faster.
The only other thing I could think of was that maybe adding random accessories makes it harder for Nespresso and/or the card companies to spot a pattern. That’s still hard to believe, but I wouldn’t rule out the fraudsters being dumb.
You’re right. She did.
How quickly some commenters are to call foul. Does that make them liars? Or just lazy?
I thought about this, too. It’s probably just human error. There’s no disincentive for sloppy workmanship, and the actual order entry is probably done by the rock-bottom lowest level person in their enterprise. Sometimes they leave an item in their cart by accident, sometimes they forget to change the shipping address for the next order.
It factors in. Our software weights other things more heavily, though, like number of different cards attempted, whether the buyer is using a proxy, whether the order is placed from the country of the card’s issue, etc. Certain things are red flags on their own, others need to add up before the red flag is flown.
In my particular case, orders from Algeria are instant red flags. Sorry, Algerians.
She contacted the FBI. There was no response. BUT, 30 days later, the operation shut down.
Join the dots, people! THE FBI WAS RUNNING THE SCAM!
this seems like a lot of effort for something that should be only marginally effective at obfuscating the identity of the launderer - doesn’t seem very advanced - but is obviously effective which is infuriating for some reason.
Yeah, her reasoning was very unsatisfying. She said it’s that: (a) Oh, they’re just sloppy; (b) they want loyalty because of the “fragility” of the triangle.
Neither seem to make any sense. As for loyalty, you’re already getting a 50% discount on the product. And what does loyalty mean when the fraudster probably have to open up a new account every time Ebay finds out your old credit card is stolen. (Perhaps they want to quickly generate a good rating on their brand-new account in the short time they are in existence?)
But, the pods are Nespresso’s bread and butter. Surely, large numbers of people buy the pods every day? I guess I could perhaps believe these weird purchases were to fool the credit card company’s fraud heuristics, but not Nespresso.
Isn’t there? Stolen credit cards will max out or trigger an alert as more debt is incurred. Wouldn’t the fraudster want to keep the charges as low as possible, so he could keep using that same card as long as possible?
I think with stolen credit cards, the impetus is to extract as much value as possible immediately. Hanging onto and reusing a stolen credit card over extended periods is a recipe for trouble. Plus, in this case I think we’re talking about a bunch of people in an office somewhere working their way through a database of thousands or millions of stolen credit cards. It’s as boring as it can get. If one works, they use it until it stops, then move on to the next. And most won’t even work at all. I’ve seen them try up to six on our system before one goes through.
I don’t know if the actual amounts make any difference to fraud detection – I suspect it’s more about “what” and “where” than “how much” – but in any case there’s at least an opportunity cost to the fraudster. Every time you buy a $280 coffee machine with someone else’s card, and then give it away free, you’ve missed an opportunity to charge someone $50 or $100 for it. Even just typing in all those free gifts is time they could be spending on other frauds.
Thinking about it some more, perhaps it is a marketing thing. They’re saying to the recipient “hey, this is a fraud situation, but look how well you’ve done out of it – so when we get shut down, it’s worth your time to come seek out our new account”. After all, that’s pretty much exactly how this researcher did react. She kept hunting out these obscure, zero-rated sellers because it was fraudulent and because of the huge prizes.
Good talk, save for the fact there’s nary a mention what a FUCKING ECOLOGICAL DISASTER NESPRESSO IS.
Also possible: they add some free swag to encourage repeat business from buyers.
ETA: already discussed above
This topic was automatically closed after 5 days. New replies are no longer allowed.