Advertisement

SOE hires crime fighting gnomes to fend off credit card worms

Brooke Pilley
Updated ·7 min read

Online credit card fraud is big business and even MMORPGs aren't safe from it's far reach. We recently had a chance to sit down with Executive Director of Global Customer Service, Brad Wilcox, and discuss how SOE is dealing with gold selling and power-leveling services for their games. They are taking this war so seriously that they have put all transactional business under keen gnomish scrutiny.

Can you tell us how this fraud prevention task force came to be?

Brad Wilcox: Since the inception of EQ1, we always had components of a fraud prevention team. These were game masters and individuals tasked with looking at the game economy and making sure that people weren't exploiting. Since September 2007, we started to see a big increase in fraudulent activity in regards to stolen credit cards. That is when it was decided to put a few more resources specifically related to the fraud that was happening with accounts and subs being created with these stolen credit cards. That's when we formed what we call the NUGIT team, which stands for Norrathian Underground Gnome Investigation Team. As you can tell by the name, our employees enjoy having as much fun on the back end as we do on the front end of these games


As you start experimenting more with the RMT business model, does this make your team even more important than it used to be?

Brad Wilcox: I guess you could say that it definitely is. The NUGIT team and our other tools look at all orders. It doesn't matter if it's a subscription or if it's purchasing something off the Station store or even a Legends of Norrath booster pack. More transactions and more services mean more opportunities for fraud. We will continue to have the possibilities of fraud on the table in the early stages of any new service or offering, and be there as fly on the wall, watching the transactions.

Does the team use custom tools or software that constantly keeps an eye out for shady behavior?

Brad Wilcox: About the same time that we formed the NUGIT team, we were working closely with our development platform teams to create systematic ways to reduce fraud. Things like Verified by Visa (tm), system checks, velocity checks, logs, triggers, etc. There are two aspects of it. We want to stop these fraudsters from getting into the game, but while they're in the game, we want to collect the info and data to get them out of the game as well. This is also the team that investigates and responds to in-game petitions in regards to botters, farmers, and spammers.

What SOE products are currently overseen by this task force and how many accounts have you banned so far?

Brad Wilcox: The NUGIT team oversees all our products. We really started tracking what the team was doing in January 2008. From Jan 2008 to present, we're up to 239,000 accounts that have been banned. This is a very organized operation. As the NUGIT team investigates individuals, they will find a whole tree of individuals. Money and items will pass from person to person or character to character or account to account. We have even discovered entire guilds dedicated to farming and botting. It is their business to make a profit from our games, so we've had to make it our business to stop them.

This sounds a lot like organized crime.

Brad Wilcox: It's exactly like organized crime. It's a matter of following the money and seeing where it goes. That's why it can take so much time. They will try to move the money and items around so that you can't find them. We do what we call our own sting operations where we may have a player that will report a botter in a certain area and then the player will get mad that the botter is still there an hour later. We know the botter is still there. We don't want to kick him out of the game and ban them on the spot because we want to see where the botter sends their stuff. We can then nab a bunch of accounts rather than just one.

One of the things I find interesting is just how organized they really are. We see four different types of characters or accounts created. The first one is the actual "farmer" or "botter" who is there to put a lot of time into those chars so they are able to get into the sweet farm spots for the most lucrative loot. Those accounts transfer all their stuff to "mule" accounts that are simply there to hold loot secretly so that no-one knows where they're at. The third account is the "deliverer," who transfers the goods to the customer. The last one is the "spammer" that are typically throw-away accounts because they know they'll get shut down quickly. They are the ones advertising where to get your gold or power-leveling.

Are these people always adjusting and adapting and how do you keep up them?

Brad Wilcox: We see them changing their methods constantly. We don't want to say too much because we don't want to give away what we can do and what we track, but one example is that if someone is going to buy 1000 gold in a game, very rarely do they just buy and go get the gold. That's something these companies know we can easily track. Instead of just sending or trading it, they'll ask customers to go put a root up on the broker and make it sell for a thousand gold. It's a way they try to hide it in a different manner.

Do you think it's possible to eliminate MMO fraud and cheating completely?

Brad Wilcox: I don't actually think we'll ever be able to eliminate it because customers utilize their services. It's that age-old debate that's happening in the MMO industry that whether or not gold selling or gold buying should be part of the game. As long as there are people out there buying the gold or power-leveling their characters, I'm sure they will be in existence. I look at it as being our job to make it as difficult as possible. At the same time, we want to make it have a minimal impact on our paying customers that hate it with a passion.

Some people think it may be advantageous for MMO devs to ban these accounts because they will simply register more accounts, pay more monthly subs, and buy new boxes. Is that argument valid?

Brad Wilcox: It's two-fold. There is definitely the issue where they are using fraudulent credit cards. We'll get calls from a grandmother from Wisconsin asking what the heck EQ2 is and why do I have $15,000 charged to my credit card? We don't consider them customers. They're there to fraud us out. The second issue is they are using credit card numbers they have received from their own customers. We have an enormous amount of these cases where all of a sudden good paying customers who have been our customers for 5-6 years who have used one of these services have had their credit card stolen. We will find one valid account and then 15 other accounts that are registered to their card. Finally, it just creates an overall lower entertainment value in the game. We get many tickets every day from people complaining about farmers, botters and spammer. It's not just the financial aspects of chargebacks and credit card fraud.