The Cybercrime Race – Will Fraudsters Always Remain One Step Ahead?
Posted April 14, 2016
Cybercrime has changed with the times. Phishing scams used to be fairly easy to spot for a savvy consumer on the lookout for fraud. “Click here to re-set your password.” “Just enter your account details and we’ll do the rest.” Banks in particular have done a good job raising awareness of how and why they communicate with users, along with the red-flags that should raise suspicion.
We are now entering murkier waters however, where the valuable loot of numerous data breaches is filtering through to the dark web and fraudsters are gaining the upper hand. Personal data is everywhere. Breaches are a regular fact of life and cybercriminals can now get their hands on more consumer data than some marketing departments. They’re starting to behave more like legitimate users than legitimate users are! Bank workers have even fallen victim to scams, proving how slick the world of cyber fraud has become.
Full and convincing user identities can be stitched together for mere dollars, meaning that fraudsters can create pitch-perfect social engineering attacks. Could a consumer really differentiate between a fraudster and their bank if the person on the end of the phone was able to validate all relevant personal credentials? Likewise, how could the bank know that the login attempt or new account application they received was fraudulent if all the standard authentication checks were cleared? Fraudsters not only have usernames and passwords at their disposal, they are also better at answering step-up questions than legitimate users. When businesses do have suspicions about a transaction, many of their existing methods of authentication are near useless.
To compound the problem, huge automated botnet attacks are now used to test the validity of stolen credentials before a direct attack. This automated traffic no longer looks like a huge brute force attack, battering at the gates of a WAF. Attacks are modified to just slip under the radar of rate controls, so they appear more and more like normal user traffic.
With the explosion of global digital businesses, organized fraud has followed suit, with knowledge sharing and attack patterns extending across dispersed geographies. Organizations are often in the dark as to the origination of attacks with fraudsters using VPNs, the TOR browser and other location spoofing techniques. Even if businesses are winning short-term battles against individual fraud attacks, they need to ensure that their security defenses stand up to global attacks.
Global businesses need a smarter approach to understand legitimate user behavior that goes beyond transaction velocity, static identity assessment methods, location characteristics or even verified usernames and passwords. After all, it’s no good constantly rejecting transactions from users simply because they are traveling to a different location, or buying from a new website. Neither can businesses assume that when a “user” logs on, it isn’t actually a fraudster in disguise. They need to take proactive steps to analyze behavior behind the transaction, using collective intelligence to predict fraud patterns of the future.
ThreatMetrix Smart Analytics have been developed in response to a demand from our customers to have the best possible insight into their user’s behavioral patterns, using this intelligence to better predict and detect future fraud.
Smart Analytics combines:
- Smart Rules behavioral analytics to accurately detect and analyze changes in user behavior. This approach identifies complex fraud patterns with high accuracy based on dynamic user behavior modeling.
- Smart Learning, a cognitive system that gives customers an effective, predictive model based on past behavior and transaction data. This clear-box approach to machine learning combines global intelligence from the ThreatMetrix Digital Identity Network with customer truth data to produce a more accurate model.
This combined approach to fraud analytics can give businesses the power to stay one step ahead of cybercrime by really leveraging accurate behavior patterns to produce better predictive models. Businesses can start to compete with fraudsters on a global scale with dynamic, proactive, and predictive security defenses.
When underpinned by global shared intelligence from the ThreatMetrix Digital Identity Network, businesses can be proactive in the fight against fraudsters.