Insights From Fraud Prevention Experts

"We need more data to catch fraud" is usually wrong. You need better questions. I once inherited a fraud team drowning in data: • 100+ insights per transaction • 6 different risk tools • Terabytes of historical data Their chargeback rate was 1.5%+ Six months later, with the same data but different questions, we hit 0.6%. Instead of asking "Is this transaction fraudulent?" We asked "Why would a fraudster choose us?" That revealed a lot.... • We had instant payouts (fraudster candy) • Our refund process was automated (easy to exploit) • New account benefits were stackable (hello, farming) The framework that cut fraud 75%: 1. Map your honeypots    What makes your business attractive to fraud?    List your top 10 fraudster benefits.     2. Price the exploit    Calculate the ROI for each attack vector.    Fraudsters are ROI-driven. Make their math not work.     3. Break the economics    Don't block the fraud. Make it unprofitable.    Add delays. Require deposits. Limit stacking. Example: We had fraudsters creating 50+ accounts for new user promos. Instead of better detection, we made promo codes single-use per payment method. Simple. But effective. Fraud farms started to disappear. You already have the data. You're just asking it the wrong questions. BD²¹

Being in the fraud prevention industry gives me an insider’s view of how fraud attacks work - including seeing new patterns emerge. Here are recent insights on how fraudsters are increasingly targeting people to take control of their bank accounts and initiate unauthorized wire transfers. 📞 The Phone Call Scam: Scammers exploit the vulnerability in PSTN to spoof caller IDs, making it seem like the call is coming from a trusted bank. A number of well-known VoIP providers make this possible. 🔓 Remote Access: Once they establish contact, scammers mention there is some suspicious activity or other important reason behind their call. They then persuade victims to install remote desktop applications like AnyDesk, or to turn on WhatsApp or Skype's screen sharing. This allows them to access banking apps and initiate transfers. This helps them to intercept login data and one-time passcodes. Banks also don't insure against such scams, leaving victims exposed. 🤖 AI in Voice Scams: Imagine combining voice recognition with GPT-based text-to-speech technology. Scammers scale their operations massively, this is a future risk we must prepare for now. So what proactive measures can banks and digital wallets take? 1. Customer Education: Many banks already do this; keeping their customers informed about official communication channels and the importance of calling back through their verified numbers. 2. One-Time Passcodes for Payments: OTPs aren’t just for logins but also useful for transactions, with detailed payment information included. 3. Being On a Call During Transactions: The top FinTechs are already looking into, or developing technology to detect if a customer is on a call (phone, WhatsApp, Skype) during banking activities. 4. Detect Remote Access: Implement detection mechanisms for any remote access protocol usage during banking sessions. 5. Behavior and Velocity-Based Rules: Sophisticated monitoring should be used to flag activities in real-time based on unusual behaviour and transaction speed. 6. Device, Browser, and Proxy Monitoring: This is a quick win, as there are many technologies available to flag unusual devices, browsers, and proxy usage that deviates from the customer's norm. 7. Multiple Users on Same Device/IP: Ability to identify and flag multiple customers who are using the same device or IP address in one way to detect bots. 8. Monitoring Bank Drops and Crypto Exchanges: Pay special attention to transactions involving neobanks, crypto exchanges, or other out-of-norm receiving parties, to identify potential fraud. Some of them might not ask for ID and even if they do, it can be easily faked with photoshopped templates. Hope you find that useful, and in the meantime, I’d love to hear what other emerging threats you’ve seen or heard of. Fostering these open conversations is what enables us all to unite together against combating fraud 👊 #FraudPrevention #CyberSecurity #DigitalBanking #ScamAwareness #AIinFraudDetection

What if I told you there are entire YouTube channels and Twitch streaming groups dedicated to teaching people how to defraud businesses? As a Senior Risk Intelligence Analyst at Signifyd, Vito is part of a Risk Intelligence (RI) team that's constantly monitoring the evolving landscape of fraud tactics. Recently, our RI team observed some troubling trends that are reshaping the way we think about fraud prevention. First, there's an alarming proliferation of scam "playbooks" on popular social media platforms. These aren't hidden in dark corners of the web; they're openly shared and celebrated on YouTube, Facebook, and Instagram. We've seen how quickly these tactics can spread, like the recent Citibank incident where people attempted to exploit a perceived loophole in checking accounts. Secondly, peoples' increasing willingness to share data with third parties is inadvertently fueling fraud. As we provide more information about ourselves online, we're expanding the pool of data available for bad actors to exploit. Perhaps most concerning is the rise of first-party fraud, often misleadingly called "friendly fraud." This isn't just about supply chain issues causing legitimate disputes. We're seeing a growing disillusionment among typically law-abiding citizens who are rationalizing fraudulent behavior against large corporations. These trends point to a significant increase in fraud pressure, potentially even beyond the 19% rise we've observed. As fraud fighters, we must stay vigilant and adaptive in our strategies to protect both businesses and consumers in this rapidly changing environment.

In today’s fintech world: Fraud Protection = Trust = Growth 📚 After catching up on the latest fintech research and news, from Evercore’s “Back to the Future” to company-level updates, fraud prevention is emerging not only as a defensive necessity but as an offensive differentiator. Fraud protection, done right, is doing a lot of heavy lifting: 💡Revenue generator (VAS, anyone?) 💡Product differentiator (looking at you, Affirm and Adyen) 💡Conversion enhancer (fraud filter = approval booster) 💡Brand builder (trust = scalability) 💡Inclusion enabler (especially in underbanked segments) 🔍 Visa and Mastercard are turning fraud prevention into premium real estate in their value-added services stack- complete with AI-based anomaly detection and behavioral biometrics. 🔍 Adyen’s risk engine doesn’t just stop fraud- it enhances conversion. Affirm bakes fraud scoring into credit risk itself. 🔍 Block and PayPal are leaning into AI-driven tools to protect the most vulnerable users- micro-merchants and lower-income consumers. So yes, fraud is costly. But more interestingly, it’s strategic. Fintechs that treat fraud as a core product function build deeper moats, stronger brands, and more resilient business models. #Fintech #FraudPrevention #TrustAndSafety #Payments #FinancialInclusion #TechStrategy #Innovation

Fraud actors pose a major threat to government programs, but there are government fraud fighting #success stories. Across government, federal agencies are employing data and technology to fight fraud. One example: U.S. Small Business Administration. Actions SBA has taken in recent years to protect your tax dollars from fraud: 1) In response to the fraud risks heightened by COVID-19, SBA proactively strengthened fraud prevention within its disaster programs through collaborative efforts with other federal agencies. This coordinated approach focuses on early detection and information sharing, reinforcing program integrity and prioritizing prevention over recovery. 2) In 2023, SBA updated its loan servicing system to screen new borrowers against its population of PPP and COVID EIDL loans flagged as likely fraudulent, automatically halting matched loans for review. Following review, more than half of the loans are denied, resulting in significant cost avoidance on potentially fraudulent new loans for the government. 3) Using a range of tools, including pioneering artificial intelligence, the SBA successfully prevented 21.3 million fraudulent applications for pandemic relief, safeguarding $511 billion in funds across its four largest pandemic programs. This effort targeted duplicate applications, ineligible submissions, and attempted fraudulent activities. 4) Since 2020, the SBA has facilitated the recovery of $30 billion through law enforcement actions, asset seizures, voluntary borrower repayments, and returns from financial institutions. 5) SBA created a COVID-19 fraud enforcement taskforce and established a cross-functional team of expert SBA personnel that assists in designing and implementing policies and strategies to prevent, detect, and address fraud risks enterprise-wide. These proactive efforts across government must be celebrated and expanded if fraud, waste and abuse are a chief concern. #DOGE #fraudprevention #dataanalytics #AI