Card fraud detection utilizing real-time identification of merchant test sites

What is claimed: 1. A computer-implemented method for detecting a test event involving a financial transaction device at an Internet website of a merchant, the test event being a likely fraudulent use of the financial transaction device, the merchant having a merchant profile, the merchant profile associated with a set of variables, the method comprising: receiving, from a first computing device controlling one or more financial services and over one or more financial channels, data associated with a transaction involving the financial transaction device, the transaction occurring at the Internet website of the merchant; retrieving, from a merchant profile store, the merchant profile for the merchant; retrieving, from a card profile store, a financial transaction device profile for the financial transaction device; determining whether the transaction is a test event by: calculating a score using the received data and the set of variables; and comparing the score to a threshold value; attaching a merchant probe flag to the merchant profile if the score exceeds the threshold value, the merchant probe flag indicating a likelihood that a test event has occurred at the Internet website of the merchant; and attaching, to the financial transaction profile, a probe flag associated with the financial transaction device to indicate that the financial transaction device has been involved in a test event in response to the merchant probe flag being attached to the merchant profile, the attaching of the probe flag causing a probe risk to be associated with the financial transaction device specifying a period of time that the financial transaction device is considered to remain at risk after the test event; receiving, from a second computing device controlling one or more financial services and over one or more financial channels, data associated with a second transaction involving the financial transaction device having the probe flag; retrieving, from the card profile store and in response to receiving the data associated with the second transaction, the financial transaction device profile for the financial transaction device; subjecting, in response to the financial transaction device profile for the financial transaction device having a probe flag, the second transaction and the financial transaction device to a specialized fraud scoring model, the specialized fraud scoring model separate from the fraud model applied to financial transactions associated with financial transaction devices that do not have the probe flag; blocking the second transaction from completing based on a fraud score using the specialized fraud scoring model satisfying a threshold value, and wherein the receiving, the calculating, the comparing, the attaching, the subjecting, and the blocking are performed by at least one processor. 2. The method of claim 1 , wherein the attaching of the probe flag associated with the financial transaction device occurs after the merchant probe flag is attached to the merchant profile. 3. The method of claim 2 , further comprising: executing, by at least one processor, a first scoring methodology when the probe flag indicates that the financial transaction device is in the probed state and a second scoring methodology when the probe flag indicates that the financial transaction device is in the unprobed state. 4. The method of claim 2 , further comprising: updating, by at least one processor, the probe risk associated with the financial transaction device. 5. The method of claim 4 , wherein the updating involves decrementing the probe risk after a predefined period of time or after a predefined number of transactions involving the financial transaction device. 6. The method of claim 4 , wherein the financial transaction device is associated with an event key representing the test event, and wherein the updating involves increasing the probe risk when at least a second financial transaction device having the same event key has been used fraudulently or has been involved in a transaction associated with a high fraud score. 7. The method of claim 1 , wherein the calculating uses a recursive transaction function to characterize behavior indicative of the test event. 8. The method of claim 7 , wherein the test event is a pattern of successive low dollar purchases. 9. The method of claim 1 , wherein the financial transaction device is a credit card, a debit card, or a smart phone configured to execute a financial transaction application. 10. The method of claim 1 , wherein the specialized fraud model is a specialized high risk neural network model, the specialized high risk neural network model configured to detect fraudulent transactions with greater accuracy than a low risk neural network model. 11. A computer program product comprising: a non-transitory storage medium readable by at least one processor and storing instructions for execution by the at least one processor for detecting a test event involving a financial transaction device at an Internet website of a merchant, the test event being a likely fraudulent use of the financial transaction device, the merchant having a merchant profile, the merchant profile associated with a set of variables, the instructions comprising: receiving data associated with a transaction involving the financial transaction device, the transaction occurring at the Internet website of the merchant; determining whether the transaction is a test event by: calculating a score using the received data and the set of variables; comparing the score to a threshold value; attaching a merchant probe flag to the merchant profile if the score exceeds the threshold value, the merchant probe flag indicating a likelihood that a test event has occurred at the Internet website of the merchant based on the score; and setting a probe flag associated with the financial transaction device to indicate that the financial transaction device has been involved in a test event in response to the merchant probe flag being attached to the merchant profile, the setting of the probe flag causing a probe risk to be associated with the financial transaction device specifying a period of time that the financial transaction device is consider to remain at risk after the test event; receiving data associated with a second transaction involving the financial transaction device having the probe flag; subjecting the second transaction and the financial transaction device having the probe flag to a specialized fraud scoring model, the specialized fraud scoring model separate from the fraud model applied to financial transactions associated with financial transaction devices that do not have the probe flag; and blocking the second transaction from completing based on a fraud score using the specialized fraud scoring model satisfying a threshold value. 12. The computer program product of claim 11 , wherein the setting occurs after the merchant probe flag is attached to the merchant profile. 13. The computer program product of claim 12 , the instructions further comprising executing a first scoring methodology when the probe flag indicates that the financial transaction device is in the probed state and a second scoring methodology when the probe flag indicates that the financial transaction device is in the unprobed state. 14. The computer program product of claim 12 , the instructions further comprising updating the probe risk associated with the financial transaction device. 15. The computer program product of claim 14 , wherein the updating involves decrementing the probe risk after a predefined peri