$45M recurring porn charge credit card scam

Rohit Khare (rohit@uci.edu)
Sun, 23 May 1999 22:12:07 -0700

[A fascinating site Faughnan put together. It's really quite simple
if you understand payment systems -- it really is the case that the
"core routers" of the CC net range from strong neural-nets (AmEx) to
junk. Look for a valid point about the emergence of pseudo-spoofing
by Kragen there, too... RK]

>Author: <echeck@ls.fstc.org> at Internet
>Date: 5/17/99 9:53 AM
>A while back, I posted a reference to an interesting web site on
>credit card fraud set up by Dr. John G. Faughnan.
> http://www.labmed.umn.edu/%7Ejohn/ccfraud.html
>What I felt made this site interesting and relevant was that it
>was built by someone claiming to be a victim of a credit card
>scam, and presented a surprisingly detailed accounting for how
>such frauds might be conducted and the vulnerabilities within the
>existing credit card payments infrastructure. Since the author is
>an amateur in the financial payments arena, the point of view
>presented in his web site is decidedly different from other
>industry sources. However, I had to withhold judgment on the
>veracity of his story simply because there is so much fiction and
>urban mythology in the world of consumer commerce over the
>internet, especially where pornographic sites are involved.
>Still, I found Dr. Faughnan's story to be credible, and so I've
>been tracking it since late December. Gradually, he has presented
>more evidence backing up his case that there is widespread fraud
>with small-dollar, recurring charges against credit cards. On
>Friday, I came across the following story in ComputerWorld:
> http://www.computerworld.com/home/print.nsf/CWFlash/990510A51A
>It now appears that the original claims made by Dr. Faughnan have
>been substantiated by government prosecutors, who arrested a Mr.
>Kenneth Taves, the alleged ringleader of the particular scam that
>resulted in unauthorized charges against Dr. Faughnan's business
>credit card. What really caught my attention was that the
>prosecutors are alleging that Mr. Taves and his associates raked
>in over $45 million in fraudulent charges from 22 countries!
>Equally amazing is that it seems this case would never have even
>been pursued by the government had it not been for the
>persistence of Dr. Faughnan and other web site operators around
>the world (esp., Japan). For a background piece on Dr. Faughnan
>and his web site, check out the following MSNBC article:
> http://www.msnbc.com/news/231737.asp
>Although the type of fraud perpetrated in this case could have
>been conducted without ever using the Internet, the Internet
>became a powerful tool for victims to fight back. Move over "60
>minutes," you've met your match. A footnote: some of the victims
>were victimized a second time when their employers charged them
>with using corporate credit cards to purchase pornographic
>materials. In other words, the damage here was more than
>monetary, and people's lives and livelihoods were seriously
>I apologize to any recipients who feel I've wasted their
>bandwidth by posting a message that does not relate directly to
>echeck. However, I feel it is healthy to get a "customer's"
>perspective on issues such as fraud in the payments system. Dr.
>Faughnan's web site clearly points to some serious problems in
>the way financial firms are dealing with their customers in the
>context of fraud, but he also has high praise for those firms who
>are effectively dealing with their customers' problems or are
>taking steps to reduce the incidence of credit card fraud. I also
>believe that the technology vendors need to evaluate their roles
>in addressing these sorts of problems.
>Let's hope that we never have to confront a Dr. Faughnan bringing
>us to task for not doing all we can do to prevent fraud and abuse
>of echeck transactions.
>..Chuck Wade
> BBN Technologies, an operating unit of
> GTE Internetworking
> 617 873 6260 Voice
> 617 873 1896 Fax
> http://www.bbn.com/groups/profserv/