Dmitry Naskovets, who ran the crime ring from 2007 to 2010, made sure his caller was the same gender as the fraud victim, and even gave each caller plenty of information to answer security challenges—everything from Social Security number to oldest sibling's nickname and city where the victim was married. With that much personal information in the hands of thieves, maybe it's time for retailers, banks and payment-card companies to jettison security questions completely and go with something more secure. Voiceprints, anyone?
Remember that problem with too-easy authentication questions? Now retailers can start worrying about whether the entire authentication process is too easy. On Wednesday (Feb. 23), a 26-year-old man from Belarus pleaded guilty in a Manhattan federal court to running a network of English and German speakers who would call up banks and retailers and use stolen identities to confirm fraudulent transactions rung up by other criminals.