Best Practices for Detecting Fraud

Being in the fraud prevention industry gives me an insider’s view of how fraud attacks work - including seeing new patterns emerge. Here are recent insights on how fraudsters are increasingly targeting people to take control of their bank accounts and initiate unauthorized wire transfers. 📞 The Phone Call Scam: Scammers exploit the vulnerability in PSTN to spoof caller IDs, making it seem like the call is coming from a trusted bank. A number of well-known VoIP providers make this possible. 🔓 Remote Access: Once they establish contact, scammers mention there is some suspicious activity or other important reason behind their call. They then persuade victims to install remote desktop applications like AnyDesk, or to turn on WhatsApp or Skype's screen sharing. This allows them to access banking apps and initiate transfers. This helps them to intercept login data and one-time passcodes. Banks also don't insure against such scams, leaving victims exposed. 🤖 AI in Voice Scams: Imagine combining voice recognition with GPT-based text-to-speech technology. Scammers scale their operations massively, this is a future risk we must prepare for now. So what proactive measures can banks and digital wallets take? 1. Customer Education: Many banks already do this; keeping their customers informed about official communication channels and the importance of calling back through their verified numbers. 2. One-Time Passcodes for Payments: OTPs aren’t just for logins but also useful for transactions, with detailed payment information included. 3. Being On a Call During Transactions: The top FinTechs are already looking into, or developing technology to detect if a customer is on a call (phone, WhatsApp, Skype) during banking activities. 4. Detect Remote Access: Implement detection mechanisms for any remote access protocol usage during banking sessions. 5. Behavior and Velocity-Based Rules: Sophisticated monitoring should be used to flag activities in real-time based on unusual behaviour and transaction speed. 6. Device, Browser, and Proxy Monitoring: This is a quick win, as there are many technologies available to flag unusual devices, browsers, and proxy usage that deviates from the customer's norm. 7. Multiple Users on Same Device/IP: Ability to identify and flag multiple customers who are using the same device or IP address in one way to detect bots. 8. Monitoring Bank Drops and Crypto Exchanges: Pay special attention to transactions involving neobanks, crypto exchanges, or other out-of-norm receiving parties, to identify potential fraud. Some of them might not ask for ID and even if they do, it can be easily faked with photoshopped templates. Hope you find that useful, and in the meantime, I’d love to hear what other emerging threats you’ve seen or heard of. Fostering these open conversations is what enables us all to unite together against combating fraud 👊 #FraudPrevention #CyberSecurity #DigitalBanking #ScamAwareness #AIinFraudDetection

Some 🚩 to monitor when you're done onboarding and underwriting a new customer: 1. Business location marked as "permanently closed" on Google Maps but still processing payments (saw this lead to $250K in losses at a previous company) 🏚 2. Sudden drop in review ratings (e.g., consistent 4-5 stars suddenly becoming 1-2 stars) ⭐ 3. Reviews abruptly stop but transaction volume continues or increases 🔇 4. Unusual refund patterns that don't align with business seasonality 💸 5. Chargeback rates creeping up, especially when chargebacks cite "service not received" 📈 6. Adverse media mentions or consumer complaints appearing online 📰 7. Undisclosed change in business ownership or management structure 👥 8. Aggressive attempts to increase processing limits immediately after probationary period ends 💳 9. Urgent requests for instant payouts shortly after account creation ⚡ 10. Multiple bank account changes for payouts within short timeframes 🏦 Trust me, the most sophisticated fraudsters are patient. They'll maintain perfect behavior during the ramp up period, then dramatically change operations once they think you're not watching 👀 Continuous, ongoing monitoring of these signs (we've just scratched the surface!) is the best way to combat these fraudsters 🚀

Many people think being overly stringent with upfront identity checks will reduce fraud. After a decade of building advanced fraud prevention strategies, I'm here to tell you that many people are wrong. I know it's counterintuitive, but let me explain: When institutions make their onboarding processes overly strict (i.e. requiring extensive documentation and multiple verifications), they gain a false sense of security. They assume these rigorous checks eliminate fraud risks and often let their guard down once users are onboarded. Fraudsters exploit this confidence by learning and bypassing the rules upfront, gaining access, and wreaking havoc from the inside. The better approach? ▪️ Don’t front-load all your checks. ▪️ Create the least amount of friction for each stage of risk. ▪️ Continuously monitor user behavior throughout their lifecycle. ▪️ Add step-ups as risk scores dictate. It forces you to stay vigilant, and it produces better outcomes.

This article highlights a St. Louis federal court indicted 14 North Korean nationals for allegedly using false identities to secure remote IT jobs at U.S. companies and nonprofits. Working through DPRK-controlled firms in China and Russia, the suspects are accused of violating U.S. sanctions and committing crimes such as wire fraud, money laundering, and identity theft. Their actions involved masking their true nationalities and locations to gain unauthorized access and financial benefits. To prevent similar schemes from affecting you businesses, we recommend a multi-layered approach to security, recruitment, and compliance practices. Below are key measures: 1. Enhanced Recruitment and Background Verification - Identity Verification: Implement strict verification procedures, including checking legal identification and performing background and reference checks. Geolocation Monitoring: Use tools to verify candidates’ actual geographic locations. Require in-person interviews for critical roles. - Portfolio Validation: Request verifiable references and cross-check submitted credentials or work samples with previous employers. - Deepfake Detection Tools: Analyze video interviews for signs of deepfake manipulation, such as unnatural facial movements, mismatched audio-visual syncing, or artifacts in the video. - Vendor Assessments: Conduct due diligence on contractors, especially in IT services, to ensure they comply with sanctions and security requirements. 2. Cybersecurity and Fraud Prevention - Access Control: Limit access to sensitive data and systems based on job roles and implement zero-trust security principles. - Network Monitoring: Monitor for suspicious activity, such as access from IPs associated with VPNs or high-risk countries. - Two-Factor Authentication (2FA): Enforce 2FA for all employee accounts to secure logins and prevent unauthorized access. - Device Management: Require company-issued devices with endpoint protection for remote work to prevent external control. - AI and Behavioral Analytics: Monitor employee behavior for anomalies such as unusual working hours, repeated access to restricted data, or large data downloads. 3. Employee Training and Incident Response - Cybersecurity Awareness: Regularly train employees on recognizing phishing, social engineering, and fraud attempts, using simulations to enhance awareness of emerging threats like deepfakes. - Incident Management and Reporting: Develop a clear plan to handle cybersecurity or fraud incidents, including internal investigations and containment protocols. - Cross-Functional Drills and Communication: Conduct company-wide simulations to test response plans and promote a culture of security through leadership-driven initiatives. #Cybersecurity #HumanResources #Deepfake #Recruiting #InsiderThreats

Here's how Stripe detects frauds with a 99.9% accuracy in 100 milliseconds (that too by checking over 1000 parameters for one transaction) Fraud detection in online payments isn’t just about stopping bad transactions it’s about doing it fast, at scale, and without blocking legitimate users. Stripe’s fraud prevention system, Radar, evaluates 1,000+ signals within 100 milliseconds to make decisions. Here’s how it works and why it’s so effective: 1. ML Models That Learn and Scale Stripe started with simple ML models (logistic regression) but quickly scaled to hybrid architectures combining: –XGBoost for memorization (catching known patterns). –Deep Neural Networks (DNNs) for generalization (handling unseen patterns). –Key Problem: XGBoost couldn’t scale or integrate modern ML techniques like transfer learning and embeddings. –The Solution: Stripe moved to a multi-branch DNN-only architecture inspired by ResNeXt. This setup allowed it to memorize patterns while staying scalable. It reduced training times by 85%, enabling multiple experiments in a single day instead of overnight runs. 2. Learning From Real Fraud Patterns Radar doesn’t just rely on static rules, it learns from data across Stripe’s network. –Engineers analyze fraud attacks in detail, e.g., patterns of disposable emails or repeated card testing. –Features like IP clustering and velocity checks were added to detect suspicious activity. –Fraud insights are shared across the network, so lessons learned from one business protect others automatically. Example: Analyzing IP patterns helped detect high-volume attacks where fraudsters used multiple stolen cards from the same source. 3. Scaling With More Data, Not Just Smarter Models Stripe realized that more training data could unlock better performance, similar to modern LLMs like GPT models. It tested scaling datasets by 10x and 100x. Result? Performance kept improving, confirming that larger datasets and faster training cycles work better than complex rules alone. Key Insight: Bigger datasets help uncover rare fraud cases, even if they occur in only 0.1% of transactions. 4. Explaining Fraud Decisions Clearly Fraud systems often act like black boxes, leaving businesses guessing why a payment failed. Stripe built Risk Insights to provide clear explanations: –Shows features contributing to fraud scores like mismatched billing and shipping addresses. –Displays maps and transaction histories for visual context. –Enables custom rules to fine-tune fraud checks for specific business needs. Result: Businesses trust Radar’s decisions because they can see why a payment was flagged. 5. Constant Adaptation to Stay Ahead Fraud patterns evolve, so Stripe built Radar to adapt in real time: Uses transfer learning and multi-task learning to generalize better. Incorporates insights from the dark web and emerging fraud tactics. Continuously retrains models without disrupting performance.

Welcome to 𝐓𝐡𝐞 𝐏𝐚𝐲𝐦𝐞𝐧𝐭𝐬 𝐀𝐜𝐚𝐝𝐞𝐦𝐲 by Checkout.com — Episode 6 👋 𝐓𝐡𝐞 𝐓𝐲𝐩𝐞𝐬 𝐨𝐟 𝐅𝐫𝐚𝐮𝐝 𝐢𝐧 𝐏𝐚𝐲𝐦𝐞𝐧𝐭𝐬: ► Fraud in payments is a growing challenge for merchants, issuers, and payment processors. Fraudulent transactions not only cause financial losses but also damage a merchant’s reputation ► To combat fraud effectively, businesses must leverage fraud detection tools, authentication techniques, and dispute management strategies to stay ahead of bad actors while maintaining a seamless customer experience — 𝐓𝐡𝐞 𝐓𝐲𝐩𝐞𝐬 𝐨𝐟 𝐅𝐫𝐚𝐮𝐝 & 𝐄𝐱𝐚𝐦𝐩𝐥𝐞𝐬 ► 3-𝐏𝐚𝐫𝐭𝐲 𝐅𝐫𝐚𝐮𝐝 – This occurs when a fraudster uses stolen card details to make purchases. ► 𝐅𝐫𝐢𝐞𝐧𝐝𝐥𝐲 𝐅𝐫𝐚𝐮𝐝 – A cardholder disputes a legitimate transaction, either by mistake or to reverse a purchase. ► 𝐆𝐨𝐨𝐝 𝐅𝐚𝐢𝐭𝐡 𝐏𝐚𝐲𝐦𝐞𝐧𝐭 𝐃𝐢𝐬𝐩𝐮𝐭𝐞𝐬 – The customer disputes a payment due to issues with product quality or fulfillment. Fraud prevention strategies must be tailored to identify, assess, and respond to these types of fraud in real time. — 𝐓𝐡𝐞 𝐏𝐫𝐨𝐜𝐞𝐬𝐬: 𝐂𝐮𝐭𝐭𝐢𝐧𝐠 𝐃𝐨𝐰𝐧 𝐨𝐧 𝐂𝐚𝐫𝐝 𝐅𝐫𝐚𝐮𝐝 1️⃣ 𝐅𝐫𝐚𝐮𝐝 𝐃𝐞𝐭𝐞𝐜𝐭𝐢𝐨𝐧 𝐄𝐧𝐠𝐢𝐧𝐞𝐬 – These tools analyze transaction data (e.g., IP addresses, device data...) to assess fraud risks. 2️⃣ 3𝐃 𝐒𝐞𝐜𝐮𝐫𝐞 𝐀𝐮𝐭𝐡𝐞𝐧𝐭𝐢𝐜𝐚𝐭𝐢𝐨𝐧 – Adds an extra layer of protection by requiring customer verification for high-risk transactions. 3️⃣ 𝐌𝐚𝐜𝐡𝐢𝐧𝐞 𝐋𝐞𝐚𝐫𝐧𝐢𝐧𝐠 & 𝐀𝐈 – Predicts fraud patterns based on historical transactions and behavioral analytics. 4️⃣ 𝐓𝐨𝐤𝐞𝐧𝐢𝐳𝐚𝐭𝐢𝐨𝐧 – Converts sensitive payment data into tokens, reducing the risk of stolen card details being misused. 5️⃣ 𝐂𝐡𝐚𝐫𝐠𝐞𝐛𝐚𝐜𝐤 𝐏𝐫𝐞𝐯𝐞𝐧𝐭𝐢𝐨𝐧 – Strategies like real-time alerts and clear billing descriptors — 𝐓𝐡𝐞 𝐃𝐚𝐭𝐚: 𝐊𝐞𝐲 𝐃𝐚𝐭𝐚 𝐏𝐨𝐢𝐧𝐭𝐬 𝐭𝐨 𝐑𝐞𝐝𝐮𝐜𝐞 𝐅𝐫𝐚𝐮𝐝 Fraud detection relies on rich transaction data to identify suspicious activity and block fraudulent payments: ► Customer Name – Verifies the cardholder’s identity and checks for patterns of fraudulent behavior (e.g., fake names...). ► IP Address – Flags transactions from high-risk regions or locations inconsistent with the customer’s normal behavior. ► Billing Address – Used for Address Verification System (AVS) checks to confirm that the billing address matches the cardholder’s bank records. ► Delivery Address – Helps detect fraudulent transactions by assessing mismatched shipping details. ► Email Address – Identifies fraud patterns, such as disposable email addresses or emails associated with prior chargebacks. Providing complete and accurate data in payment requests enhances fraud detection and reduces false declines, improving both security and conversion rates. —— Source: Checkout.com x Connecting the dots in payments... ► Sign up to 𝐓𝐡𝐞 𝐏𝐚𝐲𝐦𝐞𝐧𝐭𝐬 𝐁𝐫𝐞𝐰𝐬 : https://lnkd.in/g5cDhnjC ► Connecting the dots in payments... and Marcel van Oost