Fraudster – Anonymous P on Stealing Accounts

Fraudster – Anonymous P on Stealing Accounts

We spoke with Anonymous P, an online fraudster specialising in account takeover and creating bank drops.

New fraud techniques evolve fast, but some of them are considered classics in the industry. Take, for instance, the age-old phishing and scamming tactics. They have always been around, but only seem to rear up their ugly heads more and more these days.

To understand why these techniques still work, we spoke with Anonymous P, an online fraudsters who specialises in taking over user accounts, or creating new ones with stolen ID data. 

Bank Drops Are at the Top of Fraudsters’ Lists

While Anonymous P acknowledges that different industries have different appeals for fraudsters, there’s still one ultimate goal: being able to open bank accounts for drops. For the uninitiated, these are accounts which they control and can use to transfer stolen funds at their own leisure. 

“I would say what many fraudsters are after is opening bank drops. So, using someone’s identity to open a bank account, it’s becoming a bigger and bigger risk for those neobanks, especially when you can just download the app, provide some documents about yourself, and then you will have a unique IBAN number and bank account, which you can use to receive money to launder money with it. It’s quite easy to do that if you have the right documents at hand.”

Controlling an Account Opens the Door to Plenty of Scams

Once they control an account, fraudsters will use every technique they can think of to fund it. 

“You can use this unique bank account for a lot of scams, including scams that are done through social engineering. So, Nigerian prince scam and the new versions of those. If the Nigerian prince has a legit-looking bank account that’s not in Nigeria, then people are far more likely to fall for that trick. Romance scams work the same with bank drops. They use names where it would appear as a real person and the location of the bank account is also a very important thing.”

Another use for these bank accounts is to simply receive payment for stolen items, goods or services.

Travel scams mostly include reselling different accounts and different services, for example, reselling aeroplane tickets. You could purchase hotel bookings with stolen credit cards and then you could ask for money or bank transfers to your bank, or even for crypto in an exchange.”

You Can Buy Online Bank Accounts Everywhere

While every fraud manager is already familiar with darknet marketplaces, it may come as a shock that criminals are getting brazen about selling neobank accounts. As Anonymous P puts it:

“Yeah, if someone has access to all those IDs, which can be used to create accounts, they can resell it and get quick money as well. So, in terms of where people can buy those, it’s everywhere. You can buy on Facebook marketplace, you can buy on an online forum, you can buy on a credit marketplace, darknet marketplace etc…”

Alternatively: Account Takeovers Are Easy Enough

“The easiest way, if you are lucky, you find a working password from a data breach. That’s incredibly easy to do so just to try a few combinations from those passwords. The 2nd  type of use for these data breaches is people’s email addresses. These addresses can be used as targets for phishing attacks, utilizing different kinds of marketing tools to send emails from registered domains that look like the target’s website.”

At that stage, fraudsters can either decide to keep the information for attacks, or to resell it on marketplaces. In most cases, they do both, and have no qualms about reselling data which they know isn’t fresh any longer.

Final Step: Controlling the Email Account

Impersonating someone is child’s play for fraudsters, but when they take control of an account, they must also manage the communications between the original account holder and the company whose goods or services they purchased. 

“Yeah, you have to make sure that the account holder doesn’t receive any emails about updating their account. So obviously you have to know the mechanics of your target, when they email you, etc… It’s quite easy to do yourself. In most cases they send alerts to you if it’s an address change and in many cases you don’t even get that notification.”

Another way to remain under the radar? Be proactive about changing account details, by getting in touch with the customer service department.

“Many fraudsters are leveraging the customer support, calling them as the account holder, or via chat. That’s a very easy way to change your address and then they usually don’t have the same notification processes. If you contact the line address of the customer support assistance, then you can get more things done quicker. I think that’s a good solution for changing stuff and staying under the radar.”

Controlling Fraud Threats at Every Level

Yet another fascinating chat with a fraudster who reveals that fraud finds a way to infiltrate every level at a company. Employees are susceptible to phishing attempts. Customers risk losing their accounts to a takeover. And even the customer service is weaponised against the business.

To make matters worse, it’s all part of a vicious cycle: the more data is leaked, the more phishing opportunities. And the more phishing happens, the more data is leaked.

It’s certainly given us food for thought, here at SEON, as we continue building tools and products designed to reduce fraud at your company.

You might also be interested in reading about:

Learn more about:

Data Enrichment | Browser Fingerprinting | Device Fingerprinting | Fraud Detection API

Share podcast

Subscribe to our newsletter

Get anti-fraud and compliance insights and tips from SEONs experts.

Author avatar
Jimmy Fong

Jimmy Fong is the Chief Commercial Officer of SEON. His expertise in payments saw him supervise the acquisitions of companies by Ingenico, Visa and American Express. Jimmy’s enthusiasm for transparent sales and Product-Led-Growth companies drives SEON’s global expansion strategy, and he interviews both fraud managers and darknet fraudsters in our podcast to stay on top of the latest risk trends. Yes, it’s also him wearing the bear suit on our YouTube channel.