book

Practical Fraud Prevention

by Gilit Saporta, Shoshana Maraney

March 2022

Beginner

394 pages

12h 39m

English

O'Reilly Media, Inc.

Audiobook available

Read now

Unlock full access

Foreword
Preface
Introduction to Practical Fraud PreventionHow to Read This BookWho Should Read This Book?Conventions Used in This BookO’Reilly Online LearningHow to Contact UsAcknowledgments
I. Introduction to Fraud Analytics
1. Fraudster Traits
Impersonation TechniquesDeception TechniquesSocial EngineeringThe Dark WebFraud Rings/LinkingVolatilityCard and Account TestingAbuse Versus FraudMoney Laundering and Compliance ViolationsSummary
2. Fraudster Archetypes
Amateur FraudsterCookie-Cutter FraudsterGig Economy FraudsterPsychological FraudsterProduct-Savvy FraudsterTech-Savvy FraudsterBot GeneratorHackerOrganized Crime FraudsterDistinction Between Organized Crime and Cookie-Cutter FraudstersSmall But Organized CrimeFriendly FraudsterPop QuizSummary
3. Fraud Analysis Fundamentals
Thinking Like a FraudsterA Professional Approach to FraudTreat Categories with CautionAccount Versus TransactionThe Delicate Balance Between Blocking Fraud and Avoiding FrictionProfit MarginsMaintaining Dynamic TensionThe Psychological CostTiers of TrustAnomaly DetectionPractical Anomaly Detection: Density Case StudyCrises: Planning and ResponseEconomic Stress Affects Consumers’ Situations—and DecisionsPrepare for Shifts in User BehaviorsInterdepartmental Communication and CollaborationFriendly FraudSummary
4. Fraud Prevention Evaluation and Investment
Types of Fraud Prevention SolutionsRules EnginesMachine LearningHybrid SystemsData Enrichment ToolsConsortium ModelBuilding a Research Analytics TeamCollaborating with Customer SupportMeasuring Loss and ImpactJustifying the Cost of Fraud Prevention InvestmentInterdepartmental RelationsData Analysis StrategyFraud Tech StrategyData Privacy ConsiderationsIdentifying and Combating New Threats Without Undue FrictionKeeping Up with New Fraud-Fighting ToolsSummary
5. Machine Learning and Fraud Modeling
Advantages of Machine LearningThe Challenges of Machine Learning in Fraud PreventionRelative Paucity of DataDelayed Feedback and OverfittingThe Labeled Data DifficultyIntelligent AdversaryExplainability, Ethics, and BiasDynamic Policies and the Merits of Story-Based ModelsData Scientists and Domain Experts: Best Practices for a Fruitful CollaborationWorking Well TogetherPopular Machine Learning ApproachesAccuracy Versus Explainability and PredictabilityClassification Versus ClusteringSummary
II. Ecommerce Fraud Analytics
6. Stolen Credit Card Fraud
Defining Stolen Credit Card FraudModus OperandiIdentificationMismatched IPRepeat Offender IPNonunique IPsMasked IPWarning: The Reliability of IP Analysis May Vary Depending on LocaleMitigationExample 1: Using IP Geolocation to Identify Legitimate Hotel IPsExample 2: Using IP Traffic Trends to Identify Fake-Hotel IPsExample 3: Using Hierarchy in Variable DesignUsing Hierarchy in IP Typology Variable DesignSummary

7. Address Manipulation and Mules
So Many Different Ways to StealPhysical Interception of Package: Porch PiracyPhysical Interception of Package: Convince the CourierSend Package to a Convenient Location: Open House for FraudSend Package to a Convenient Location: ReshippersRemote Interception of Package: Convince Customer SupportRemote Interception of Package: AVS ManipulationMule Interception of PackageMore Advanced: Adding an Address to the CardMore Advanced: Adding an Address to Data Enrichment ServicesMore Advanced: Dropshipping Direct/TriangulationIdentification and MitigationOpen HouseMulesReshippersSummary
8. BORIS and BOPIS Fraud
Identification and MitigationPickup and Return: Educating Employees Outside Your DepartmentPolicy Decisions: Part of Fraud PreventionOnline Identification and MitigationSummary
9. Digital Goods and Cryptocurrency Fraud
Definition and Fraudster MOTicketing FraudGift Card FraudSocial EngineeringIdentification and MitigationSummary
10. First-Party Fraud (aka Friendly Fraud) and Refund Fraud
Types of Friendly FraudGenuine MistakeFamily FraudBuyer’s Remorse, Customer Resentment, and Mens ReaFraud Versus AbuseThe Tendency to Tolerate AbuseReseller AbuseRefund FraudIdentification and MitigationIdentificationMitigationSummary
III. Consumer Banking Fraud Analytics
11. Banking Fraud Prevention: Wider Context
Differences Between Banking and EcommerceThe Context of CybercrimeSocial Engineering in BankingA Note on PerspectiveDeepfakes: A Word of WarningSummary
12. Online Account Opening Fraud
False Accounts: ContextIdentification and MitigationAsking Questions, Mapping the StoryDocument VerificationCustomer PersonasData RetentionSummary
13. Account Takeover
ATO: Fueled by Stolen DataThe Attack Stages of ATOThe Advantages of ATOOverlay AttacksIdentification and MitigationBiometricsMultifactor AuthenticationDevice FingerprintingNetwork ContextCustomer KnowledgeDynamic FrictionExample: Identifying a Trusted SessionSummary
14. Common Malware Attacks
Types of Malware AttacksAs Part of Phishing AttacksMalware with Social EngineeringIdentification and MitigationCollaboration Is KeyAnomaly DetectionSummary
15. Identity Theft and Synthetic Identities
How Identity Fraud WorksIdentification and MitigationLinkingCollaborationSummary
16. Credit and Lending Fraud
Nonprofessional Fraudsters Engaging in Credit and Lending FraudProfessional Fraudsters and Credit and Lending FraudBuy Now Pay Later FraudIdentification and MitigationSummary
IV. Marketplace Fraud
17. Marketplace Attacks: Collusion and Exit
Types of Collusion AttacksMoney LaunderingFeedback Padding and ScamsIncentives and Refund AbuseSelling Illegal GoodsThe Gig Economy of FraudIdentification and MitigationWhy Proximity Is Different in MarketplacesThinking Beyond Immediate Fraud PreventionSummary
18. Marketplace Attacks: Seller Fraud
Types of Seller FraudSeller Slipup Segues into FraudScamsDubious GoodsIdentification and MitigationSeller Slipup Segues into FraudScamsDubious GoodsSummary
V. AML and Compliance Analytics
19. Anti–Money Laundering and Compliance: Wider Context
AML Challenges and AdvantagesSummary
20. Shell Payments: Criminal and Terrorist Screening
How Shell Payments WorkIdentification and MitigationCriminal and Terrorist ScreeningSummary
21. Prohibited Items
Identification and MitigationSummary
22. Cryptocurrency Money Laundering
Cryptocurrency: More Regulated Than You Think, and Likely to Become More SoThe Challenge of Cryptocurrency Money LaunderingIdentification and MitigationKYC: Combating Money Laundering from the StartBeyond KYCSummary
23. Adtech Fraud
The Ultimate Money MakerBeyond Bot Detection: Looking into Invisible AdsBot Identification in Adtech and BeyondSummary
24. Fraud, Fraud Prevention, and the Future
Collaboration in the Era of “The New Normal”
Index
About the Authors

Content preview from Practical Fraud Prevention

Chapter 13. Account Takeover

All of me, why not take all of me…

Gerald Marks and Seymour Simons¹

We’ve mentioned account takeover (ATO) so many times already in this book that it’s a relief to arrive at the chapter where we can really dive in! We saved it for this part of the book because while ATO is a common attack method against all industries, it’s both particularly serious and, via social engineering and malware, particularly common in banking.

The reason ATO has come up so often already, of course, is because it’s such a prominent attack tool in the fraudster toolbox. Gaining access to a victim’s account opens up a huge range of possibilities for a creative fraudster. For this reason, though it’s often an end in itself—meaning ATO is carried out solely to facilitate fraudulent transactions—it’s also sometimes simply one step in a more complex plan that may involve many different fraudster tactics. This is especially true with ATO attacks against banks, but it can happen in ecommerce stores and marketplaces as well.

Note

This chapter is about account takeover, which occurs when a fraudster hacks into an account and starts to leverage it; it’s not about account handover, which occurs when a previously respectable account is handed over voluntarily to a fraudster, usually either after a period of account aging or as a way to cash out a little before declaring bankruptcy. Account handover can cause considerable chaos, particularly in terms of money laundering but also on online ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Defensive Security Handbook, 2nd Edition

Lee Brotherston, Amanda Berlin, William F. Reyor

Fraud Analytics Using Descriptive, Predictive, and Social Network Techniques: A Guide to Data Science for Fraud Detection

Bart Baesens, Veronique Van Vlasselaer, Wouter Verbeke

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide, 10th Edition

Mike Chapple, James Michael Stewart, Darril Gibson

Learning Digital Identity

Phillip J. Windley

Publisher Resources

ISBN: 9781492093312Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Practical Fraud Prevention

by Gilit Saporta, Shoshana Maraney

Chapter 13. Account Takeover

Note

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.