Ai Editorial: Do you know fraudsters can be classified into 3 categories? Why mobile fraudsters take time in stealing? Find out answers to these and other interesting aspect of a fraudster’s functioning.
First Posted 29th March, 2021
The fear of unknown has got bigger.
This holds true in the realm of #cybersecurity, payment-related fraud and #databreaches, and specifically those behind it, be it for scammers or fraudsters – how they indulge in such illegitimate activities.
“(Expect a) different world out of #Covid and be prepared for it,” acc. to Forter’s Stuart Barwood, referring to what all fraudsters do to prepare and conduct their nefarious operations, be it for account takeover (ATP) fraud, debit or credit card fraud, any kind of identity theft or the new ones such as #Covidpassport theft!
It is fascinating to delve into the proficiency of fraudsters.
Explaining the same during a webinar late last year, Daniel Shkedi, Senior Product Marketing Manager at Forter mentioned that fraudsters broadly can be classified into three categories. These are:
- Experts/ professional category – Out of the whole pie, 10% of the fraud community belongs to this category. “They possess highly advanced skills, are capable of creating tools or malicious codes, provide fraud as a service and can be hired for a specific cyber or fraud attack),” mentioned Shkedi.
- Advanced level – These fraudsters have good technical skills, launch sophisticated attacks but unlikely to offer services.
- Newbies – This is the largest group of fraudsters. It includes sub-groups e. g. teenagers trying to get into fraud, people who are in a finance fix now etc.
It is imperative to delve into the same as fraudsters continue to evolve.
As Hubert Rachwalski von Rejchwald, CEO Nethone told Ai’s Ritesh Gupta in a recent interview, there is currently a big offensive among the most sophisticated and organized fraudsters to leverage more and more professional tools. “These days it’s actually becoming less about the manual setups and configurations organized by individual fraudsters. It has become a problem of dealing with sophisticated, sometimes ML-based, scalable solutions that were specifically designed for “frauding”,” he said. According to him, the barrier to entry to this space is merely having the financial resources to subscribe to these tools; there is less training needed, fraudsters just purchase access, generate credentials, go through basic configuration of parameters, and they’re ready to go. “And it’s difficult to detect these tools. In order to stand a chance in this fight, you need profiling capability that is able to recognize that you’re not dealing with a normal user, but instead an excellent imitation. Just to put in perspective how quickly the evolution happened, 12-18 months ago, these tools just started to appear. The majority of fraud was conducted with easier tactics and less advanced tools.”
He added, “Just as with any innovation, it’s a matter of convenience and ROI. If you’re a fraudster and have the financial resources, why not go for tools that will automate your work, supported by SaaS organizations that provide professional, 24/7 customer support complete with YouTube tutorials. It’s an arms race. So much innovation is being poured into methods to extract money from the system. It needs to be met with comparable investment on the merchant side.”
Online vs. mobile fraudsters
Shield, a mobile-first risk intelligence and fraud prevention company, explained that online fraudsters like to take the shortest path, as they take evasive action to make the most of a hacked account or payment-related details. The same might hold true for mobile fraudsters. It is being highlighted that mobile app fraudsters work on a relatively detailed mechanism, for setting up loads of fake accounts to “exploit referral credits, before offloading the reward points at a discount.” In a blog post, the company also stated that mobile fraudsters steal less, more frequently and find it easier to attack mobile apps.
Ai’s upcoming events: https://www.aiconnects.us/events/upcoming-events/
