Skip to content

Exploring the Stolen Check Market on the Dark Net with Dr. David Maimon

  • The Dark Net is emerging as a supplier for fraudsters
  • Dr. David Maimon shares his insights into the Dark Net ecosystem
  • A proactive approach to rising fraud cases is recommended

OrboGraph's Joseph J. Gregory and Dr. David Maimon recently discussed the Dark Web or Dark Net, which is becoming the supermarket for fraudsters looking for raw materials to use as tools in check fraud schemes, specifically images lifted from stolen checks.

Dr. Maimon is a professor and Next Generation Scholar in the Andrew Young School of Policy Studies’ Department of Criminal Justice & Criminology, and he directs the Evidence-based Cybersecurity Research Group at Georgia State University. He is also a research associate with the HUJI Cyber-Security Research Center at The Hebrew University in Jerusalem.

With check fraud seeing a 3-4X increase from 2018, it's obviously vital to learn the fraudsters methods and cut off their supply chain whereever and whenever possible.

The Dark Net/Web

It is important to understand that the dark net or dark web is a subsection of the deep web. For most people, we frequent different websites such as social media, news, and sports pages that are common amongst the general public. However, these types are sites only account for 5-10% of websites on the internet. The other 90-95% is known as the deep web -- the part of the internet that is not indexed by search engines such as Google, Bing, etc.

Dr. Maimon explains that the vastness of the Dark Net and its constant fluctuation makes it difficult to quantify the effect it has on check fraud frequency.

The extra level of anonymity makes them more comfortable sharing these with each other these types of illicit commodities.

In his research, Dr. Maimon monitors over 80 different channels/markets for check fraud activity, noting the peak of nearly 12,000 in April of 2022:

Screenshot-2024-02-19 cropped

Volume of checks found on "dark net."

Dr. Maimon provides further analysis, focusing on the median vs. the mean, as the median provides the exact middle, whereas the mean can be skewed by a few rather large or small checks:

cropped 2

Median value of stolen checks

Additionally, Dr. Maimon goes on to explain FraudGPT, an AI tool that is very useful to fraudsters, and illustrated its effect on fraud rates since its introduction in July '23:

cropped 3

The Challenges of the Dark Web

He also reminds us that not all sites on the Dark Web have criminal intent. The New York Times, Facebook, even CIA recruitment sites reside on the Dark Web, so a simple "shut down the Dark Web" approach is not practical.

"One important thing to understand is that the Dark Net, even though folks believe it's just a place where a lot of crime takes place -- it could be that that's the case; we don't really know -- but there's a lot of legitimate activities taking place on that specific platform as well," Dr. Maimon advised.

The data gathered is helping financial institutions and law enforcement, both proactively scouring the dark net for compromised accounts and stolen checks, allowing FIs and law enforcement to take action to close accounts before funds are lost.

Banks are now able to deploy dark net monitoring services -- the latest tool for check fraud prevention. However, banks need to understand that this should only be one part of their overall check fraud detection strategy. It's impossible for anyone to know what portion of the stolen checks are making their way for sale on the dark net, but increases in check fraud existed before the dark net was even a thought. Given the ease of which fraudster can commit check fraud, banks need to continue deploying a multitude of technologies -- such as behavioral analytics and image forensic AI -- to ensure complete protection from check fraud.

Leave a Comment