Sawt Falasteen - Visa's 24/7 war room takes on global cybercriminals

The numbers that the payments giant grapples with are enormous. Every year, $15 trillion flows through Visa's networks, representing roughly 15 percent of the world's economy. And bad actors constantly try to syphon off some of that money.

Modern fraudsters vary dramatically in sophistication.

To stay ahead, Visa has invested $12 billion over the past five years building AI-powered cyber fraud detection capabilities, knowing that criminals are also spending big.

"You have everybody from a single individual threat actor looking to make a quick buck all the way to really corporatized criminal organizations that generate tens or hundreds of millions of dollars annually from fraud and scam activities," Michael Jabbara, Visa's global head of fraud solutions, told AFP during a tour of the company's security campus.

"These organizations are very structured in how they operate."

The best-resourced criminal syndicates now focus on scams that directly target consumers, enticing them into purchases or transactions by manipulating their emotions.

"Consumers are continuously vulnerable. They can be exploited, and that's where we've seen a much higher incidence of attacks recently," Jabbara said.

- Scam centers -

The warning signs are clear: anything that seems too good to be true online is suspicious, and romance opportunities with strangers from distant countries are especially dangerous.

"What you don't realize is that the person you're chatting with is more likely than not in a place like Myanmar," Jabbara warned.

He said human-trafficking victims are forced to work in multi-billion-dollar cyber scam centers built by Asian crime networks in Myanmar's lawless border regions.

The most up-to-date fraud techniques are systematic and quietly devastating.

Once criminals obtain your card information, they automatically distribute it across numerous merchant websites that generate small recurring charges -- amounts low enough that victims may not notice for months.

Some of these operations increasingly resemble legitimate tech companies, offering services and digital products to fraudsters much like Google or Microsoft cater to businesses.

On the dark web, criminals can purchase comprehensive fraud toolkits.

"You can buy the software. You can buy a tutorial on how to use the software. You can get access to a mule network on the ground or you can get access to a bot network" to carry out denial-of-service attacks that overwhelm servers with traffic, effectively shutting them down.

Just as cloud computing lowered barriers for startups by eliminating the need to build servers, "the same type of trend has happened in the cyber crime and fraud space," Jabbara explained.

These off-the-shelf services can also enable bad actors to launch brute force attacks on an industrial scale -- using repeated payment attempts to crack a card's number, expiry date, and security code.

The sophistication extends to corporate-style management, Jabbara said.

Some criminal organizations now employ chief risk officers who determine operational risk appetite.

They might decide that targeting government infrastructure and hospitals generates an excessive amount of attention from law enforcement and is too risky to pursue.

- 'Millions of attacks' -

To combat these unprecedented threats, Jabbara leads a payment scam disruption team focused on understanding criminal methodologies.

From a small room called the Risk Operations Center in Virginia, employees analyze data streams on multiple screens, searching for patterns that distinguish fraudulent activity from legitimate credit card use.

In the larger Cyber Fusion Center, staff monitor potential cyberattacks targeting Visa's own infrastructure around the clock.

"We deal with millions of attacks across different parts of our network," Jabbara noted, emphasizing that most are handled automatically without human intervention.

Visa maintains identical facilities in London and Singapore, ensuring 24-hour global vigilance.

R.Shaban--SF-PST