FraudJournal Blog

July 27, 2010

Is CAPTCHA Dead?

Filed under: Fraud Schemes,Fraud Trends — fraudjournal @ 2:26 PM
Tags: , , ,

One of the discussions running around the fraud blogs and LinkedIn groups is about how fraudsters have been able to get past CAPTCHA. So is it dead? That question was asked in a 2007 article when Google filed for a patent that would allow computers to read images that contained a graphic of morphed characters. (http://www.blahblahtech.com/2008/01/google-patent-captcha-killer.html)

And if you ask the internet about CAPTCHA, you will find various requests to locate a program that would essentially ‘kill’ the CAPTCHA program temporarily when dealing with other languages. So is it dead? Not yet. Businesses and websites still are using this program as a security measure. So what is the fuss?

Most of you have already experienced CAPTCHA without knowing it. This is when you are required to type in what you see on the screen (usually a set of twisted or distorted letters, numbers or combo of both) when you purchase or create an account with an online storefront or organization. If you don’t, here is a link to Wikipedia to learn (http://en.wikipedia.org/wiki/CAPTCHA).

Recently in New York, scammers created another work around by setting up a network of users to purchase tickets online from Ticketmaster. The company under indictment ‘Wiseguys.com’, purchased the maximum of number of tickets to big name concerts and events by employing a vast network of purchasers who could type in the semi-obscured graphic used as a security measure to stop scammers from purchasing more than the allowed number of tickets. These tickets were then scalped online for prices far above the normal retail value. So, now you know why some of those concerts were sold out so fast and so many tickets were for sale online. ¬†You can read the article here: http://www.nbcnewyork.com/news/local-beat/Ticket-Scalpers-Defeat-Latest-Cyber-Security-85808497.html .

So how does this effect the fight against fraud? It means that fraud has truly become a global concern. While it creates jobs in India and China, it also allows fraud rings to branch out and work towards becoming an even bigger menace than before. If the sources of scamming is off-shore, then the process to shut them down becomes much more complicated and deals with multiple jurisdictions. Plus their costs are minimal, they have a dedicated work effort can be a 24/7, and you and I can’t see them at work. It allows them to blend in or hide in plain sight.

The economy is already creating budget havoc for everyone. Law enforcement is already overwhelmed with fraud on the grand scale, which means it is up to you and I to stay aware of what we see on the Internet and around us today. Help your local and regional fraud teams by reporting fraud when you see it. And don’t buy scalped tickets – most often they are not your everyday you and me that ended up with spare tickets. It’s guys just like the scammers ‘wiseguys.com’ that stole your right to purchase them at the retail price in the first place.

Blog at WordPress.com.