Identity Fraud: Moving Beyond Document Verification
Former Cybercriminal Brett Johnson on How Fraudsters Are EvolvingIn order to improve identity verification, it is not enough to only verify documents; a multilayered approach is needed, says Brett Johnson, a former fraudster who is now a cybercrime consultant.
See Also: Corelight's Brian Dye on NDR's Role in Defeating Ransomware
"You have to verify documents, but you also have to look at the data that surround the applicants and applications," says Johnson. "Documents like a driver's license or proof of residence are easily forged and depending on the skills of the forger, you can bypass a lot of these identity verification services. So you also need to look at the data in real time that is coming into your system."
In a video interview with Information Security Media Group, Johnson also discusses:
- How fraudsters are exploiting identity verification tools;
- Why enterprises need a multilayered approach to securing identity;
- How fraud will evolve in 2022.
Johnson, referred to by the United States Secret Service as "The Original Internet Godfather," was a central figure in the cybercrime world for over 20 years. He built and was leader of ShadowCrew, the precursor to today's darknet markets. He was instrumental in developing many areas of online fraud while helping design, implement and refine identity theft, account takeover fraud, card-not-present fraud, IRS tax fraud and other social engineering attacks, breaches and hacking operations. Today, Johnson works as a cybersecurity consultant and public speaker.