Fraudster – Anonymous O on Open Banking Fraud

Open Banking is quietly transforming the financial world.

Put simply, it’s about opening your banking data to third party providers, so more companies can compete to offer you financial services.

It sounds great on paper, but of course, fraudsters are using that opportunity to target customers, fintechs and banks. In this episode of the Cat & Mouse podcast, we found someone who would share how: Anonymous O.

You can read more about Open Banking Risks in this dedicated post.

Phishing is Still a Big Part of the Fraud Ecosystem

As Anonymous O says, phishing is still the best technique to get ahold of someone’s information, whether it’s credit card details or open banking data:

“Phishing still happens. There are still people who are unaware of phishing attacks, social engineering scams, or the fact that someone is calling them pretending to be someone who works for the bank. As long as people like that exist, we can do our job and we can make money and make a living out of this.”

Here’s an example of how it works:

“You can easily create a site where you make people authorize themselves with their bank login details, like they’re going to be in something or they’re going to be able to purchase something at a very low price. Then you can send a phishing email claiming that one of the payments bounced and they have to log in. When you receive an email that states this payment has bounced, you have to log into your bank account to initiate the payment.”

This closely resembles what another fraudster, Anonymous P, shared about stealing web accounts in another episode.

Accessing Payment Information Helps Take Over Accounts

The second part of the grift is just as sophisticated. It involves logging into the user’s accounts and use the financial data as justification for more sophisticated attacks:

“We then access your historical data and the amount of those payments so we can verify or make providers understand that we actually see the history in the accounts. From there, we’re able to just take money from the balance of the bank account to different drop points, or exchange it to crypto and buy out to any third party.”

In a sense, it proves that open banking adds a layer of security. But for dedicated fraudsters, it’s still a challenge that they accept with enthusiasm:

“Open banking is not as easy as you just steal some password and login, then divide the money, it’s much harder. Banks have gotten smarter in the last 15 years so you have to use much more sophisticated techniques in order to obtain financial value from your operation.”

Challenger Bank Accounts for Sale Abound

Challenger bank accounts may seem more secure, as they’re inherently tied to an identity and a device. It turns out that many of them are created for the purpose of being sold.

“What you see is usually the different bank accounts that are being sold on clear and darknet marketplaces are mostly created accounts for using them as a drop or money mule, which means that these accounts are created with someone else’s identity.”

But They’re Usually a Stepping Stone Towards Full Bank Accounts

The fact that open banking essentially links challenger banks with financial institutions and third-party providers helps fraudster access a bridge from which they can perform their attacks:

It's rare to buy real, fully hacked bank accounts. I haven't come across those because if someone has access to those accounts, they are not going to resell it, but they're going to just cash out the money in different ways themselves. Click To Tweet

Finally, there are best practices for not getting caught when cashing out:

“If you have access to a bank account, cashing out is really easy, you just have to be aware of the different facts. Don’t try to take all the money out in 24 hours, try to be smart. Don’t try to shoot for big targets, try to stay under the radar and aim to make some small payments or subscribe to a service that charges you at the end of the month for a specific amount – replicating a legitimate person’s actions.”

Another Attack Vector: Online Loans

Anonymous explains how open banking fraud works with online loans. It’s just another way in which connecting financial data can help fraudsters find new avenues to exploit:

“What all the lending companies tend to do nowadays is verify your balance and paycheck history via accessing your history on the account and seeing what your incoming and outgoing payments are, how often you get, and how much. But if you steal someone’s identity and their bank login, it’s an easy step to just steal the victim’s username and password then add it to one of these authorization methods. The person who is impersonating their identity is going to see the actual history and then they are not the ones who are requesting the loan – even smarter.”

A Bright Future for Open Banking Fraudsters

Finally, Anonymous O explains that they believe open banking is challenging for fraudsters, but that it will actually open many avenues for scams in the future.

“Fraud today is 99% credit card payment fraud. But maybe 10 years from now, 80% of transactions will go to open banking, so 80% of fraud will also happen there.”

Is your fintech, challenger bank or financial institution ready for the risks of open banking? It’s certainly fascinating to see how obstacles are surmounted by fraudsters these days.

You might also be interested in reading about: