Blog

July 13, 2022

When Imitation Isn't Flattery

By Robert Ellenhorn, Risk Analyst

EverC-Blog-Imitation-1

They say that imitation is the highest form of flattery. In many cases this is true… but, as is usually the case, it's not always so straightforward when it comes to the Internet.

In the world of money laundering, the ability to establish a credible front is crucial. To launder the proceeds for the sale of illicit goods such as drugs, weapons and counterfeit products, bad actors need to create a smokescreen to obscure their activity. This comes in the form of a “front” which allows the hiding of what is truly being sold. For those seeking to launder funds digitally, it is no different.

Do you believe me?

Anyone who enjoys a good mafia movie will know that a front is only as convincing as it is real. The carwash or laundromat will need to have actual laundry machines and employees who wash cars. Even the famous character Gus Fring from the series Breaking Bad was the day-to-day manager of Los Pollos Hermanos, a regional fast-food chain that doubled as the logistics hub for a drug cartel. Cleaning money necessitates a substantial investment in an active and public facing front offering real goods and services.

In the digital age, it is easier than ever to have a convincing front. There are no washing machines to buy, employees to pay, storefronts to rent or chickens to grill. What lends believability to a front in the digital space is mainly how a website presents itself.

The use of a believable front will allow a seller of illicit goods to gain access to a merchant account through an acquiring bank or payment facilitator, therefore granting them the ability to accept mainstream payment methods, such as credit cards.

Copy Paste

While there are numerous ways in which digital launderers build convincing front sites that fool banks and payment processors, there is a trending method in this space that warrants attention: the copycat.

Why bother building a front site from scratch when there are millions of active and beautifully designed websites to copy?

This is exactly what launderers are doing.

For example, in the laundering scheme, before there is a front, there is an illegal product to be sold. In this case, it is the unlicensed sale of knockoff sneakers. The website www.courneysweiger.com sells counterfeit Puma shoes at a heavy discount from the original, legitimate products.

Flattery 1

EverC’s transaction laundering detection program revealed that transactions for the sale of these illicit goods were being laundered through the website www.satoyamaspirit.com. At the time of detection, www.satoyamaspirit.com was registered with a merchant service provider and approved for the acceptance of credit card payments.

The routing of a transaction for the unlicensed sale of sneakers through a harmless ecommerce site like www.satoyamaspirit.com is a textbook case of transaction laundering. Transaction Laundering is the action whereby a merchant processes payment card transactions on behalf of another merchant.

In this case, the counterfeit shoe seller was able to successfully route their transactions through a front merchant.

So, who is this front merchant and what can we find out about them?

As seen below, www.satoyamaspirit.com purports to sell baby clothes:

 

EverC-Blog-RagsExample1

Adorable right? Perhaps not so much.

The design of the website which was being used as a front (www.satoyamaspirit.com) appears to be taken directly from a legitimate seller of baby clothes. With just a simple reverse search, we were able to find www.rags.com, the original site from which the front site operators stole their design.

 

EverC-Blog-RagsExample2

 

The front site directly lifted the text, products, logos, the terms and conditions and privacy policy from a legitimate merchant. All of this with the aim of establishing credibility and strengthening the believability of the front vis-a-vis the bank or payment facilitator.

The bad actor has not only injected illicit transactions into the payments ecosystem but has also managed to abuse the likeness and reputation of a genuine E-commerce merchant.

 

Flattery 4

Best Practices

The ability to generate front sites easily and cheaply has enabled the growth of transaction laundering, leaving acquiring banks, payment facilitators, processors and the entire payments ecosystem playing catch up.

When onboarding new merchants, organizations should consider employing the following best practices when suspecting that a merchant may be a front:

  • Examine the website’s outgoing links – e.g., Twitter, Facebook, LinkedIn, etc. Do they exist? Do they lead anywhere?
  • Look for discrepancies between the name of the website and the information presented on the website. g., Is there a difference between the contact email domain and the URL itself?
  • Check for signs the website may not actually be intended for an outward facing audience. g., there is no checkout flow, typos, poor user experience, etc.

Any of the above could be reasons to take a deeper look into a merchant and raise a red flag. EverC uses a combination of cutting-edge graph-based technology and human-in-the-loop expert analysis to uncover fronts and keep the financial system safe from copycats and others seeking to launder illicit transactions.

Seen something similar? Have questions? Want to hear more about our solutions? Feel free to reach out to us at knowledge@everc.com