Practical Fraud Prevention

Book description

Over the past two decades, the booming ecommerce and fintech industries have become a breeding ground for fraud. Organizations that conduct business online are constantly engaged in a cat-and-mouse game with these invaders. In this practical book, Gilit Saporta and Shoshana Maraney draw on their fraud-fighting experience to provide best practices, methodologies, and tools to help you detect and prevent fraud and other malicious activities.

Data scientists, data analysts, and fraud analysts will learn how to identify and quickly respond to attacks. You'll get a comprehensive view of typical incursions as well as recommended detection methods. Online fraud is constantly evolving. This book helps experienced researchers safely guide and protect their organizations in this ever-changing fraud landscape.

With this book, you will:

  • Examine current fraud attacks and learn how to mitigate them
  • Find the right balance between preventing fraud and providing a smooth customer experience
  • Share insights across multiple business areas, including ecommerce, banking, cryptocurrency, anti-money laundering, and ad tech
  • Evaluate potential risks for a new vertical, market, or product
  • Train and mentor teams by boosting collaboration and kickstarting brainstorming sessions
  • Get a framework of fraud methods, fraud-fighting analytics, and data science methodologies

Table of contents

  1. Foreword
  2. Preface
    1. Introduction to Practical Fraud Prevention
    2. How to Read This Book
    3. Who Should Read This Book?
    4. Conventions Used in This Book
    5. O’Reilly Online Learning
    6. How to Contact Us
    7. Acknowledgments
  3. I. Introduction to Fraud Analytics
  4. 1. Fraudster Traits
    1. Impersonation Techniques
    2. Deception Techniques
      1. Social Engineering
    3. The Dark Web
      1. Fraud Rings/Linking
    4. Volatility
    5. Card and Account Testing
    6. Abuse Versus Fraud
    7. Money Laundering and Compliance Violations
    8. Summary
  5. 2. Fraudster Archetypes
    1. Amateur Fraudster
    2. Cookie-Cutter Fraudster
    3. Gig Economy Fraudster
    4. Psychological Fraudster
    5. Product-Savvy Fraudster
    6. Tech-Savvy Fraudster
      1. Bot Generator
      2. Hacker
    7. Organized Crime Fraudster
      1. Distinction Between Organized Crime and Cookie-Cutter Fraudsters
      2. Small But Organized Crime
    8. Friendly Fraudster
    9. Pop Quiz
    10. Summary
  6. 3. Fraud Analysis Fundamentals
    1. Thinking Like a Fraudster
      1. A Professional Approach to Fraud
      2. Treat Categories with Caution
    2. Account Versus Transaction
    3. The Delicate Balance Between Blocking Fraud and Avoiding Friction
      1. Profit Margins
      2. Maintaining Dynamic Tension
      3. The Psychological Cost
      4. Tiers of Trust
    4. Anomaly Detection
    5. Practical Anomaly Detection: Density Case Study
    6. Crises: Planning and Response
      1. Economic Stress Affects Consumers’ Situations—and Decisions
      2. Prepare for Shifts in User Behaviors
      3. Interdepartmental Communication and Collaboration
      4. Friendly Fraud
    7. Summary
  7. 4. Fraud Prevention Evaluation and Investment
    1. Types of Fraud Prevention Solutions
      1. Rules Engines
      2. Machine Learning
      3. Hybrid Systems
      4. Data Enrichment Tools
      5. Consortium Model
    2. Building a Research Analytics Team
    3. Collaborating with Customer Support
    4. Measuring Loss and Impact
    5. Justifying the Cost of Fraud Prevention Investment
    6. Interdepartmental Relations
    7. Data Analysis Strategy
    8. Fraud Tech Strategy
    9. Data Privacy Considerations
    10. Identifying and Combating New Threats Without Undue Friction
    11. Keeping Up with New Fraud-Fighting Tools
    12. Summary
  8. 5. Machine Learning and Fraud Modeling
    1. Advantages of Machine Learning
    2. The Challenges of Machine Learning in Fraud Prevention
      1. Relative Paucity of Data
      2. Delayed Feedback and Overfitting
      3. The Labeled Data Difficulty
      4. Intelligent Adversary
      5. Explainability, Ethics, and Bias
    3. Dynamic Policies and the Merits of Story-Based Models
    4. Data Scientists and Domain Experts: Best Practices for a Fruitful Collaboration
      1. Working Well Together
    5. Popular Machine Learning Approaches
      1. Accuracy Versus Explainability and Predictability
      2. Classification Versus Clustering
    6. Summary
  9. II. Ecommerce Fraud Analytics
  10. 6. Stolen Credit Card Fraud
    1. Defining Stolen Credit Card Fraud
      1. Modus Operandi
    2. Identification
      1. Mismatched IP
      2. Repeat Offender IP
      3. Nonunique IPs
      4. Masked IP
      5. Warning: The Reliability of IP Analysis May Vary Depending on Locale
    3. Mitigation
      1. Example 1: Using IP Geolocation to Identify Legitimate Hotel IPs
      2. Example 2: Using IP Traffic Trends to Identify Fake-Hotel IPs
      3. Example 3: Using Hierarchy in Variable Design
      4. Using Hierarchy in IP Typology Variable Design
    4. Summary
  11. 7. Address Manipulation and Mules
    1. So Many Different Ways to Steal
      1. Physical Interception of Package: Porch Piracy
      2. Physical Interception of Package: Convince the Courier
      3. Send Package to a Convenient Location: Open House for Fraud
      4. Send Package to a Convenient Location: Reshippers
      5. Remote Interception of Package: Convince Customer Support
      6. Remote Interception of Package: AVS Manipulation
      7. Mule Interception of Package
      8. More Advanced: Adding an Address to the Card
      9. More Advanced: Adding an Address to Data Enrichment Services
      10. More Advanced: Dropshipping Direct/Triangulation
    2. Identification and Mitigation
      1. Open House
      2. Mules
      3. Reshippers
    3. Summary
  12. 8. BORIS and BOPIS Fraud
    1. Identification and Mitigation
      1. Pickup and Return: Educating Employees Outside Your Department
      2. Policy Decisions: Part of Fraud Prevention
      3. Online Identification and Mitigation
    2. Summary
  13. 9. Digital Goods and Cryptocurrency Fraud
    1. Definition and Fraudster MO
    2. Ticketing Fraud
    3. Gift Card Fraud
    4. Social Engineering
    5. Identification and Mitigation
    6. Summary
  14. 10. First-Party Fraud (aka Friendly Fraud) and Refund Fraud
    1. Types of Friendly Fraud
      1. Genuine Mistake
      2. Family Fraud
      3. Buyer’s Remorse, Customer Resentment, and Mens Rea
      4. Fraud Versus Abuse
      5. The Tendency to Tolerate Abuse
      6. Reseller Abuse
      7. Refund Fraud
    2. Identification and Mitigation
      1. Identification
      2. Mitigation
    3. Summary
  15. III. Consumer Banking Fraud Analytics
  16. 11. Banking Fraud Prevention: Wider Context
    1. Differences Between Banking and Ecommerce
    2. The Context of Cybercrime
    3. Social Engineering in Banking
    4. A Note on Perspective
    5. Deepfakes: A Word of Warning
    6. Summary
  17. 12. Online Account Opening Fraud
    1. False Accounts: Context
    2. Identification and Mitigation
      1. Asking Questions, Mapping the Story
      2. Document Verification
      3. Customer Personas
      4. Data Retention
    3. Summary
  18. 13. Account Takeover
    1. ATO: Fueled by Stolen Data
    2. The Attack Stages of ATO
    3. The Advantages of ATO
    4. Overlay Attacks
    5. Identification and Mitigation
      1. Biometrics
      2. Multifactor Authentication
      3. Device Fingerprinting
      4. Network Context
      5. Customer Knowledge
      6. Dynamic Friction
      7. Example: Identifying a Trusted Session
    6. Summary
  19. 14. Common Malware Attacks
    1. Types of Malware Attacks
      1. As Part of Phishing Attacks
      2. Malware with Social Engineering
    2. Identification and Mitigation
      1. Collaboration Is Key
      2. Anomaly Detection
    3. Summary
  20. 15. Identity Theft and Synthetic Identities
    1. How Identity Fraud Works
    2. Identification and Mitigation
      1. Linking
      2. Collaboration
    3. Summary
  21. 16. Credit and Lending Fraud
    1. Nonprofessional Fraudsters Engaging in Credit and Lending Fraud
    2. Professional Fraudsters and Credit and Lending Fraud
    3. Buy Now Pay Later Fraud
    4. Identification and Mitigation
    5. Summary
  22. IV. Marketplace Fraud
  23. 17. Marketplace Attacks: Collusion and Exit
    1. Types of Collusion Attacks
      1. Money Laundering
      2. Feedback Padding and Scams
      3. Incentives and Refund Abuse
      4. Selling Illegal Goods
      5. The Gig Economy of Fraud
    2. Identification and Mitigation
      1. Why Proximity Is Different in Marketplaces
      2. Thinking Beyond Immediate Fraud Prevention
    3. Summary
  24. 18. Marketplace Attacks: Seller Fraud
    1. Types of Seller Fraud
      1. Seller Slipup Segues into Fraud
      2. Scams
      3. Dubious Goods
    2. Identification and Mitigation
      1. Seller Slipup Segues into Fraud
      2. Scams
      3. Dubious Goods
    3. Summary
  25. V. AML and Compliance Analytics
  26. 19. Anti–Money Laundering and Compliance: Wider Context
    1. AML Challenges and Advantages
    2. Summary
  27. 20. Shell Payments: Criminal and Terrorist Screening
    1. How Shell Payments Work
    2. Identification and Mitigation
    3. Criminal and Terrorist Screening
    4. Summary
  28. 21. Prohibited Items
    1. Identification and Mitigation
    2. Summary
  29. 22. Cryptocurrency Money Laundering
    1. Cryptocurrency: More Regulated Than You Think, and Likely to Become More So
    2. The Challenge of Cryptocurrency Money Laundering
    3. Identification and Mitigation
      1. KYC: Combating Money Laundering from the Start
      2. Beyond KYC
    4. Summary
  30. 23. Adtech Fraud
    1. The Ultimate Money Maker
    2. Beyond Bot Detection: Looking into Invisible Ads
    3. Bot Identification in Adtech and Beyond
    4. Summary
  31. 24. Fraud, Fraud Prevention, and the Future
    1. Collaboration in the Era of “The New Normal”
  32. Index
  33. About the Authors

Product information

  • Title: Practical Fraud Prevention
  • Author(s): Gilit Saporta, Shoshana Maraney
  • Release date: March 2022
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9781492093329