Cybercrime , Cybercrime as-a-service , Fraud Management & Cybercrime
How Do You Detect - and Stop - Bank Identity Number Attacks?
Brightwell Payment's Ernie Moran on Lessons Learned From BIN Attack on His FirmHow do you identify a BIN - Bank Identity Number - attack, let alone stop it? Ernie Moran, senior vice president of risk at Brightwell Payments, an Atlanta, Georgia-based fintech company specializing in helping global workers get paid and in sending and spending money safely and easily worldwide, shares his experience of how he managed a BIN attack on his firm that led to losses of almost $2.5 million. BIN attacks happen when fraudsters take the first six digits of a card and use a software to generate the remaining digits.
See Also: Unit 42 Cloud Threat Report, Volume 7
"Initially, we did not know what was happening, and it caused a little bit of panic when we started seeing it. Our first reaction was: How do we figure out how much money has moved off the cards, and how do we get that money back to the customers?" says Moran.
In a video interview with Information Security Media Group, he also discusses:
- How the firm realized it had been hit by a BIN attack;
- The firm's initial, unsuccessful attempt to stop the attack and the approach it took after that;
- Lessons learned and tips to stop a BIN attack.
Moran is a 25-year veteran of the payments industry. Before joining Brightwell Payments, he was with Merchant e-Solutions.