Heroes in Business - Experian Identity Report with Brian Stack Vice President of Engineering and Dark Web Intelligence for Experian
Episode Date: March 13, 2023Experian Identity Report with Brian Stack Vice President of Engineering and Dark Web Intelligence for Experian is interviewed by David Cogan Host of the Heroes Show. They discuss New Online Platforms ...for Cybercriminals.
Transcript
Discussion (0)
Up in the sky, look, it's captivating, it's energizing, it's Eliance's Heroes.
Eliance's is the destination for entrepreneurs, investors, CEOs, inventors, leaders, celebrities
and startups, where our heroes in business align.
Now here's your host flying in, David Kogan, founder of Eliance's.
That's right. And again, I'm so excited. Why? Because we're starting off the day with the
Experian Identity Report. I mean, let's face it, managing one's personal identity is complicated
on its own. At the business enterprise level, managing customer
identities in a strategic and secure way and at a scale across countless interactions is even more
complicated. And you know what? It's going to only get more complex in the future from what I
understand. That's why we're bringing you these special reports that will include interviews with
the world's leading experts about the game-changing impact of identity and the need to use reliable
data to make confident decisions that safely accelerate customer engagement. I'm excited today
because we have with us Brian Stack. He is the Vice President of engineering and dark web intelligence you can reach him at experian.com
that's e-x-p-e-r-i-a-n dot com so welcome to the show brian i really want to jump right in here
why are cyber criminals now moving to telegram yeah so i mean telegram is uh one of the biggest
uh mobile messaging services in the world.
And there's three drivers that we've noticed that have kind of is the genesis for this move from traditional dark web forums and sites.
And the three drivers are this. The first is data leaks.
So in the ultimate case of irony, cyber criminals are also annoyed when
their personal data is leaked online. And so there's been a number of forums, Cardi
Mafia, Mazza, BHF, they've been by competitors and the hackers themselves have had their
data leaked online. Also, some cyber criminal forums have taken over new ownership. And so
kind of like a new restaurant that often has a new manager, a lot of the current customers maybe
don't like how they run their business. Also, there have been several data compromises on these
large forums. And so because of that, there is a big move to say,
hey, we don't really trust these forums that we're used to. And so that's one of the main drivers.
The second big driver is a lot of the famous sites over the last few years, raid forums,
dark market have been seized by authorities, Interpol, the FBI. And so again, confidence drops because
of that. And then the third one is the move to global in general. I mean, Telegram, 700 million
users on it, but just the general move of everyone in our day-to-day life, moving more to mobile for
our communication and for our e-commerce is the third main driver, why Telegram really is one of the
kind of the premier, quote unquote, dark web cyber criminal markets. Can you share with us some of
the common scams that are taking place on Telegram? Yeah. So, I mean, there's some of the
classics that everyone knows, the romance scams, the friend in need scams where someone will date one of your friends by maybe
changing the handle uh just slightly enough so it looks like it's your friend who's messaging you
um along with kind of the classified ad scams people will post products um and they won't
deliver some of the ones that are very specific to telegram are uh things around a cryptocurrency
scam so people doing things to say, hey,
I have a crypto, I have, you know, a part of a Bitcoin giveaway, you know, give me your personal
information and I can or give me your potential private keys for your crypto. Let's I can send
you some free Bitcoin. There's also copycat telegram accounts. So this affects not just consumers, but businesses. So accounts on Telegram pretending to be a support center or a call agent.
Telegram, if someone posts a question to say, hey, I bought a product that, let's say, on Amazon or Walmart, and I had some issues, they'll reach out, pretend to be from Amazon, saying, hey,
I can rectify this issue. Give me your information. What was the order number? Maybe it was your
credit card number, and I can help you rectify it. So those are all the scams that are currently
happening on Telegram. Now, how do the bad actors really go about targeting
consumers though what how do they know who to target yeah so there's a number of ways one that
is kind of specific to telegram and this is normally what happens is they will directly
message you so maybe you posted something publicly online as mentioned, you've had an issue with a product or a service.
Impersonate that company.
But also with the volume of data.
So when I first got into this space several years ago, you know, we'd find breach sizes, you know, 10 million records, 20 million records.
Now it is not uncommon to find large data sets of personal information that can
be 500 million records, 600 million records.
And so they use that intelligence to build social engineering tactics to try to contact,
let's say, Brian Stack.
I know a little bit about Brian, maybe where he's from, what he's interested in, and try
to make a personal connection.
And then that leads to, again, the romance scams, the classified ad scams, or just trying to convince you that, hey,
I have a great deal on a product you may be interested in, with the motivation generally
to try to get you off of Telegram onto a website they control so they can harvest your information,
whether it be your personal information or your credit card information.
This is amazing information.
We appreciate you sharing it because, again, you're watching and listening to me, David
Kogan, host of the Alliance's Hero Show.
That's E-L-I-A-N-C-E-S dot com.
Make sure you go there and click on previous interviews where you can see other and listen
to other interviews that I've had with Experian.
Because, again, we have with us Brian Stack.
He is the vice president of engineering and dark web intelligence what amazing title and job to have at experian
so uh with that brian share with us about the what about businesses though is their brand reputation
at risk yeah definitely yes um this is not just an issue for consumers. It would be the dark web in
general or telegram, which is kind of the latest and most fashionable incarnation of how data is
traded and services are traded on the dark web. Telegram and cyber criminals are able to leverage the tools and community to target your
business brand. And they can do this in a number of ways. As I mentioned earlier, they could be
impersonating your technical administrators or your support agents. They also, especially if you
are in the premium brand of clothing, footwear, leather goods.
There's a lot of counterfeit products that are out there.
Now, those counterfeit products could be stolen products
or actual counterfeit, trying to impersonate your brand
to make a profit.
But also, and this is the part that I think
is the most fascinating to me,
and it shows the maturity of the dark web cyber community really as a mature business,
is there is very cheap denial of services attacks that are available for purchase.
And when I say cheap, I mean, for as little as $8 an hour, you can work with a third party to say,
you know what? I don't like X website. I don't like their product. So we're going to hire
this third party for just a few dollars an hour to do a denial of service attack on their network.
And for those who may not know what that is, that is where they often try to overwhelm a company's
website to not only at the very least slow it down, at the worst, take it completely offline.
at the very least, slow it down. At the worst, take it completely offline. And then lastly,
is about stealing trade secrets. There was a study from Positive Technologies at the end of 2022.
And in their research, they found that in terms of data being exfiltrated, stolen from companies due to a lot of the services and malware and tactics available on the dark web and telegram,
that about 18% of the data exfiltrated from company networks is related to either trade secrets or intellectual property or very sensitive company documentation.
Incredible information, Brian, that you're sharing.
But here's the thing. Now, what can consumers and businesses do then to prevent themselves from becoming a victim yeah so there are a number of steps you can take and i
think a lot of this applies to telegram but just in general um when when you're online one is
obviously be cautious of anyone reaching out to you offering offering you support, or claiming to be some type of official
or expert in a space, right?
So this applies to whether you're getting pinged
from someone who's claiming to be from your bank
or from someone you just purchased the product from.
Always reach out to the company directly.
Make sure you go to their website,
look at their phone number to make sure you call in
and make sure you're emailing
directly with their official company email site.
Also be aware of, again, premium support services.
You see a lot of this say, okay, you know what, we can help you with your iPhone issues
or your Microsoft issues for your laptop.
Be aware of those premium support that that are out there that really
don't see seem to be connected to um a legitimate company maybe or just a one-off never share i mean
this is probably obvious but it's good to reiterate never share your passwords two-factor
security codes um and and give your your primary email access to really anybody but yourself
um companies and brands uh and and this is advice I'm
trying to give, needs to start to look outward rather than inward. So companies are often
hyper-focused and rightfully so on how do we protect our network? How do we protect the
laptops of our employees? They need to start looking outwards. If they start to look outwards
at things like Telegram and Discord and some of
these other services, they can start to see how these criminals are piggybacking off of their
brand and their reputation to trick consumers and individuals into handing over personal information.
So I think they need to a little bit go on the offensive and the attack. Telegram, again,
Telegram is a legitimate application.
Hundreds of millions of people use it every day for legitimate reasons. And they do offer services
to block accounts, track accounts. So if you are a business, try to engage with Telegram and see
what potentially how people maybe are abusing your brand. There also is what's known as a DMCA, which is the Digital
Millennial Copyright Act. And so if you search DMCA and Telegram, there are third party services.
So if you are too busy or if you're really a small company, you don't have the time to
actively try to go on the offense, there are companies you can hire that will try to protect
your company's brand online
and make sure people are taking advantage of your copyright or your brand name to
steal information from consumers. What incredible information sharing. And again,
this has been the Experian Identity Report with Brian Stack, Vice President of Engineering
and Dark Web Intelligence. You can reach him at Experian.com.
That's E-X-P-E-R-I-A-N.com.
This has been David Kogan with the Alliances Hero Show.
Make sure that you check out Alliances.com.
That's E-L-I-A-N-C-S.com.
You're welcome to click on radio there and listen to past interviews,
including many from Experianian for the weekly report.
Thank you again, Brian, for being here today. Thanks, David. Have a great day.