So they bought $500 Vanilla Visa cards. Likely used these cards to buy more $500 Vanilla Visa cards. Then they requested refunds back to these cards from transactions that were not originally done using the card. Then they used those funds, likely to buy more Vanilla Visa cards.
I wonder what transactions were done that got put onto the cards. Maybe it was hacked data.
InComm issues pre-paid debit and credit cards under the “Vanilla VISA” brand to cardholders who use the cards to buy goods and services. Global is a financial data payment processor. Global provides its clients, primarily merchants, with payment technology hardware and software that allows them to accept card payments and to communicate electronically with card networks and card issuers. For example, when a Vanilla VISA cardholder makes a purchase from a merchant who is a client of Global, Global transmits the payment data it receives from the merchant to the VISA network, and the VISA network relays the data to the card issuer, InComm. In this case, thieves purchased Vanilla VISA pre-paid debit and credit cards and used them to buy goods and services. Then, using certain merchants that were not the merchants who originally sold the goods and services, the thieves initiated counterfeit electronic “reversal transactions” – basically requests for refunds on behalf of the cardholders. Upon receiving the reversal transaction data from the merchants, Global relayed the data to the VISA network. The VISA network then submitted the reversal transaction data to InComm. InComm received the data, posted the reversal transactions to the cardholder accounts, and then issued credits to the merchants who, in turn, passed the credits on to the thieves holding the Vanilla VISA cards. The thieves then converted those credits (in excess of $1.5 million made over 3,600 transactions) to their use.
https://caselaw.findlaw.com/court/ga-supreme-court/2069177.html
