Visa threatens banks over spammer accounts

Powered by SC Magazine
 

Delinquent banks scared, shutter spammer bank accounts.

Visa has begun threatening banks that harbour spammer accounts in a move designed to crush the spam revenue model.

The initiative, described as a “major effort”, had been quietly underway since the start of the year and had already forced the closure of accounts held by major spam players.

Under the model, organisations who spot counterfeit products being sold by spammers can report the fraud to the International Anti-Counterfeiting Coalition, a task force composed of executives from corporations including Microsoft, Rolex and Apple.

The coalition would then investigate the compliant and refer the matter to Visa, which would then pressure the acquiring bank processing the spam transactions to shutter the accounts.

“Banking resources are drying up left and right,” Stefan Savage, a computer science professor at University of California and spam expert told SC Magazine Australia. “Merchant banks just roll over."

Savage led much of the work in fighting the economic model of spam. He said forcing banks to terminate spammer accounts targets a critical choke point in the spam revenue process and could destroy the current spam model.

“Acquiring banks have shown little effort to remove the accounts that spammers use,” Savage said. “They don’t care.”

Acquiring banks which process credit card transactions for spammers were identified in a study (pdf) led by Savage last year as the most significant choke point in the spam model.

Savage and a team of computer science researchers spent thousands buying about 120 spam products over a three month period in order to determine the nature of the spam revenue model. They identified that three banks based in Denmark, Azerbaijan, and the West Indies were responsible for processing credit cards used in 95 per cent of their spam transactions.

Precisely how Visa is threatening acquiring banks is not public, Savage said, but it is stern enough to see delinquent banks comply for the first time.

"It is promising, but it’s early days. People are now taking an approach that makes sense,” Savage said.

He said there were 15 steps required in the spam monetisation model, ranging from the creation of malware which harvests data, to processing victim credit cards.

Each step was critical to the model, but was also cheap and easy to replicate if disrupted. But while malware and web domains can be recreated, the point of transaction was the only step which could not easily be replicated, Savage said.

“We have been fighting this battle for a very long time … [Visa’s] effort is far more expensive (to spammers) and effective than anything else."

 

 

Copyright © SC Magazine, Australia


Visa threatens banks over spammer accounts
 
 
 
Top Stories
Innovating in the sleepy super industry
There’s little incentive to be on the bleeding edge, so why is Andrew Todd fighting so hard?
 
How technology will unify Toll
The systems headache formed through 15 years of acquisitions.
 
Immigration breached Privacy Act with data leak
Pilgrim slams "copy and paste" of asylum seeker data.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  7%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 803

Vote