Banks and insurance companies lose billions of dollars every year to fraud.
Traditional methods of fraud detection play an important role in minimizing
these losses. However, increasingly sophisticated fraudsters have developed a
variety of ways to elude discovery, both by working together and by
leveraging various other means of constructing false identities.

Graph databases offer new methods of uncovering fraud rings and other
sophisticated scams with a high level of accuracy, and are capable of
stopping advanced fraud scenarios in real time.

While no fraud prevention measures can ever be perfect, significant
opportunity for improvement can be achieved by looking beyond the individual
data points, to the connections that link them. Oftentimes these connections
go unnoticed until it is too late, something that is unfortunate, as these
connections oftentimes hold the... (more)
(Today, Part 3: anatomy of collusion-based first party bank fraud, a.k.a. how
fraudsters work together to defraud a bank. Do not try this at home!!)
While the exact details behind each first-party fraud collusion vary from
operation to operation, the pattern below illustrates how fraud rings
- A group of two or more people organize into a fraud ring
- The ring shares a subset of legitimate contact information, for example
  phone numbers and addresses, combining them to create a number of
  synthetic identities
- Ring members open accounts using these synthetic identities... (more)
Catching fraud rings and stopping them before they cause damage is a
challenge. One reason for the challenge is that traditional methods of fraud
detection are not geared to look for the right thing: in this case,
the rings created by shared identifiers. Standard instruments, such as a
deviation from normal purchasing patterns, use discrete data and not
connections. Discrete methods are useful for catching fraudsters acting
alone, but they fall short in their ability to detect rings. Further, many
such methods are prone to false positives, which creates undesired side
Another hack attack hits the headlines http://tinyurl.com/yebvj8p
Big deal. This stuff happens every day now, right? Wrong. Not on this scale
it doesn’t. The Kneber Bot has penetrated 75,000 systems, 2,500 companies
across 196 countries. This is not a straightforward Trojan - a simple
smash and grab. This one’s a game changer.
Systems compromised by this botnet provide the attackers with not only user
credentials and confidential information, but remote access inside the
compromised network. Just some of the data stolen includes:
- 68,000 corporate log-in credentials
- Access to ... (more)
We saw what typically happens when trying to use static rule-based log
correlation to perform real-time incident management... combinatory explosion
and lack of scalability. How do you automate non-deterministic attacks in a
few discrete steps???
Today, we'll look at more scenarios for which static rule-based log
correlation doesn't make sense.
Attack Scenario Example 2: Brute Force Attack
Let's look at another example scenario. Brute Force Attack.
- A user tries to log in to his account
- He fails many times in a row and then finally succeeds
- Then "probably" a successful Brute ... (more)