Visa's 24/7 war room takes on global cybercriminals
The numbers that the payments giant grapples with are enormous. Every year, £15 trillion flows through Visa's networks, representing roughly 15 per cent of the world's economy. And bad actors constantly try to siphon off some of that money.
Modern fraudsters vary dramatically in sophistication. To stay ahead, Visa has invested £12 billion over the past five years building AI-powered cyber fraud detection capabilities, knowing that criminals are also spending big.
"You have everybody from a single individual threat actor looking to make a quick buck all the way to really corporatised criminal organisations that generate tens or hundreds of millions of pounds annually from fraud and scam activities," Michael Jabbara, Visa's global head of fraud solutions, told AFP during a tour of the company's security campus.
"These organisations are very structured in how they operate."
The best-resourced criminal syndicates now focus on scams that directly target consumers, enticing them into purchases or transactions by manipulating their emotions.
"Consumers are continuously vulnerable. They can be exploited, and that's where we've seen a much higher incidence of attacks recently," Jabbara said.
Scam centres
The warning signs are clear: anything that seems too good to be true online is suspicious and romance opportunities with strangers from distant countries are especially dangerous.
"What you don't realise is that the person you're chatting with is more likely than not in a place like Myanmar," Jabbara warned.
He said human-trafficking victims are forced to work in multi-billion-pound cyber scam centres built by Asian crime networks in Myanmar's lawless border regions.
The most up-to-date fraud techniques are systematic and quietly devastating. Once criminals obtain your card information, they automatically distribute it across numerous merchant websites that generate small recurring charges — amounts low enough that victims may not notice for months.
Some of these operations increasingly resemble legitimate tech companies, offering services and digital products to fraudsters much like Google or Microsoft cater to businesses.
On the dark web, criminals can purchase comprehensive fraud toolkits.
"You can buy the software. You can buy a tutorial on how to use the software. You can get access to a mule network on the ground or you can get access to a bot network" to carry out denial-of-service attacks that overwhelm servers with traffic, effectively shutting them down.
Just as cloud computing lowered barriers for start-ups by eliminating the need to build servers, "the same type of trend has happened in the cyber crime and fraud space," Jabbara explained.
These off-the-shelf services can also enable bad actors to launch brute force attacks on an industrial scale — using repeated payment attempts to crack a card's number, expiry date, and security code.
The sophistication extends to corporate-style management, Jabbara said. Some criminal organisations now employ chief risk officers who determine operational risk appetite. They might decide that targeting government infrastructure and hospitals generates an excessive amount of attention from law enforcement and is too risky to pursue.
'Millions of attacks'
To combat these unprecedented threats, Jabbara leads a payment scam disruption team focused on understanding criminal methodologies.
From a small room called the Risk Operations Centre in Virginia, employees analyse data streams on multiple screens, searching for patterns that distinguish fraudulent activity from legitimate credit card use.
In the larger Cyber Fusion Centre, staff monitor potential cyberattacks targeting Visa's own infrastructure around the clock.
"We deal with millions of attacks across different parts of our network," Jabbara noted, stating that most are handled automatically without human intervention.
Visa maintains identical facilities in London and Singapore, ensuring 24-hour global vigilance.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
New Straits Times
an hour ago
- New Straits Times
India committed to 'fair, balanced' trade with US
NEW DELHI: India on Wednesday said it was committed to negotiating a "fair, balanced" trade deal with Washington, after US President Donald Trump said Indian goods would face steep tariffs and New Delhi would be penalised for purchases of Russian weapons and energy. Months of trade negotiations between India and the United States have failed to seal a deal, with sticking points including Trump's sweeping demands and New Delhi's reluctance to fully open its agricultural and dairy sectors. Two days before Trump's August 1 tariffs deadline, the US president announced that imports from India would be hit with a 25 per cent tariff. The Indian government said it had "taken note" of Trump's announcement and was "studying its implications". "India and the US have been engaged in negotiations on concluding a fair, balanced and mutually beneficial bilateral trade agreement over the last few months. We remain committed to that objective," it said in a statement, also noting that it was determined to protect the welfare of Indian farmers and entrepreneurs. "The Government will take all steps necessary to secure our national interest, as has been the case with other trade agreements including the latest Comprehensive Economic and Trade Agreement with the UK." - AFP
The Star
3 hours ago
- The Star
Thailand fireworks factory blast kills nine
The factory ignited around 11am in Mueang district of Suphan Buri province, north of Bangkok. - Photo: SUPHAN BURI PROVINCIAL PUBLIC RELATIONS OFFICE/Facebook BANGKOK: At least nine people died and two others were injured in a fireworks factory explosion in central Thailand on Wednesday (July 30), police told AFP, as officers continued to search for casualties. The factory ignited around 11am (0400 GMT) in Mueang district of Suphan Buri province, north of Bangkok, where images shared by a rescue group showed a charred building reduced to rubble. Thai police said nine people were confirmed dead -- up from an earlier toll of four -- and two others were being treated at a nearby hospital. "We are trying to identify the cause of the blast," local police chief Wanchai Khaoram told AFP. Factory fires are common in Thailand, where enforcement of safety regulations remain weak. Last year, an explosion at another firework factory in the same province killed at least 23 people. - AFP
The Star
3 hours ago
- The Star
Google to invest $6 billion in southern India data centre, sources say
FILE PHOTO: A logo of Google is seen on its office building in Hyderabad, India, January 29, 2024. REUTERS/Francis Mascarenhas/File Photo SINGAPORE (Reuters) -Google will invest $6 billion to develop a 1-gigawatt data centre and its power infrastructure in the southern Indian state of Andhra Pradesh in the Alphabet unit's first such investment in India, government sources said on Wednesday. Due to be built in the port city of Visakhapatnam, the data centre investment includes $2 billion in renewable energy capacity that will be used to power the facility, two Andhra Pradesh government sources with direct knowledge of the matter told Reuters. The search giant's data centre will be the largest in capacity and investment size in Asia and is part a multi-billion-dollar expansion of its data centre portfolio across the region in countries including Singapore, Malaysia and Thailand. In April, Alphabet said it was still committed to spending some $75 billion this year to build data centre capacity despite the economic uncertainty resulting from U.S. President Donald Trump's global tariff offensive. Alphabet did not immediately respond to Reuters' request for comment. Andhra Pradesh's information technology minister Nara Lokesh, who is in Singapore to discuss investments with thegovernment and business leaders there, did not comment on the Google investment. "We've made certain announcements like Sify, which are public," he said, referring to a 550-MW data centre Sify Technologies plans to build in the state. "There are certain announcements which are not yet public. In October, we will make those announcements." STATE'S POST-SPLIT INVESTMENT DRIVE Andhra Pradesh, a state run by a leading ally of India's Prime Minister Narendra Modi, was split into two in 2014, losing its former capital Hyderabad and a major revenue source to the newly created Telangana state. Andhra Pradesh has since been looking to attract investments to ease the financial strains of high debt and social spending. Lokesh said Andhra Pradesh has already been able to finalise investments in data centres with total capacity of 1.6 GW, adding that it aims to build 6 GW of data centres over the next five years from nearly zero currently. He expects the initial 1.6 GW of already agreed data centres to be operational in the next 24 months. That would be more than the 1.4 GW currently in operation in the entire country, according to real estate consultancy Anarock. "We're also working on getting three cable landing stations in Visakhapatnam. We want to create enough of cable network, which will be two times what Mumbai has today," Lokesh said. Cable landing stations - typically located close to data centres requiring fast and reliable connections to global networks - are used to store equipment which receives and relays data from undersea cables. Lokesh also said the state was looking to build up energy infrastructure to meet sustainability requirements of data centres. He said he anticipated power generation capacity requirements of as much as 10 GW from the electricity-intensive industry over the next five years. "Majority will end up being actually green energy, and that's the unique value proposition that we bring to the table," he said. Some of the additional capacity will be coal-fired, however, as data centres require reliable, high volume power throughout the day, he added. (Reporting by Sudarshan Varadhan; Editing by Joe Bavier)
