arrow left facebook twitter linkedin medium menu play circle

3 Keys to Fraud Detection for the Modern Wave of Sophisticated Fraud

DataVisor Threat Blog

By Ting Fang Yen December 18, 2018

Photo of Ting Fang Yen

about Ting Fang Yen
Director of Research // Ting-Fang specializes in network and information security data analysis and fraud detection in the financial social and eCommerce industries. She holds a PhD in Electrical and Computer Engineering from Carnegie Mellon and has previously worked for E8, RSA, and Microsoft.

Digital fraud attacks have become increasingly sophisticated and their complexity brings more and more concern for social forums, digital commerce, online banking and other consumer-facing enterprises. As part of our initiative to educate and equip fraud and risk management leaders with data-backed insights, the DataVisor research team tracked and analyzed 1.1 billion attack events and 887K fraud attacks across some of the largest internet properties and financial services in the world from July to September 2018. Our learnings will allow fraud management teams to reevaluate their fraud detection strategies and secure their technology architecture.

DataVisor’s approach to fraud detection is particularly effective because it utilizes DataVisor’s Unsupervised Machine Learning (UML) Engine that looks at all events and users holistically, and then identifies correlated groups of malicious users that share similar attributes. This approach allows us to detect attacks that have never been seen before. Traditional approaches such as rule-based or supervised machine learning need to constantly update their models and are unable to see the varied ways of sophisticated fraudulent attacks.

Fraud Has a Wide Gamut of Operation

Our research findings show that fraudsters display diverse behaviors ranging from varying size, duration and degree of sophistication.

Layers of Sophistication

On one end, less sophisticated fraud attacks are typically bursty and short-lived. They are easier to detect and block because fraudsters tend to reuse known bad fraud signals and exploit large volumes of malicious activities that make them noticeable. In our data, we observed that 59% of low-sophistication fraud attacks have a median user lifetime of less than one day, and 70% have a median user lifetime of less than one week.

On the other end, a sophisticated attack has fraudsters engage various tools so that the fraudulent accounts can blend with other “normal” users. Their fake accounts may have legitimate-looking user profiles with pictures and originate from residential, educational, or mobile networks with good reputation. Such attacks often have longer duration since they are able to evade detection, operate under the radar and scale up to cause greater damage on the service. High sophistication attacks are 2.3x larger than low sophistication attacks.

We observe that fraud attacks on financial platforms are the most complicated. Fifty-six percent of attacks on financial platforms have high sophistication, compared to 17% for ecommerce and 14% for social platforms.

Fraudsters Change Tactics

Change is the name of their game and fraudsters are good at evading static signals with a flexible backend infrastructure to advance quickly. For example, 36% of IP fraud signals were active for less than one day, and 64% were active for less than one week.

Fraudsters are Adept at Camouflaging

As traffic from datacenter IP ranges faces increasing scrutiny from online services, fraudsters are leveraging proxy services from residential or mobile network ranges to keep moving under disguise.

Clearly, to stay ahead of the game, enterprises must bolster detection efforts with a complete solution that can detect new and emerging fraud patterns. Find out how three ways you can curb fast-evolving fraud by downloading a copy of the DataVisor Q3 2018 Fraud Index Report here.


Popular Posts

Intelligent solutions. Informed decisions. Unrivaled results.

DataVisor Fraud Index Report: Q1 2019

Learn More

Access proprietary data and research results to discover the latest attack techniques and prevention strategies.

Download the Q1 2019 Fraud Index Report from DataVisor to receive unparalleled data-driven insights into the latest attack trends, and the most effective prevention strategies, based on analysis of over 44 billion events, 800 million users, 396 million IP addresses, and more.

Dumb & Dumber vs Ocean’s 11

Learn More

Understand the range of modern fraud attacks to ensure complete coverage for your organization.

Complex and coordinated fraud attacks that are extensively planned, hard to detect, and highly scalable are the new normal for online platforms. Explore and understand the full spectrum of fraud attacks—from simple to sophisticated—and learn how you can defend against each type in this…

Guard Your Online Marketplace Against Fraud

Learn More

Discover AI-powered fraud strategies for preventing financial and reputational damage in this powerful eBook.

Online marketplaces withstand a complicated array of fraud attacks—spam, scam, and all points in between. Only the most comprehensive, proactive AI-powered solutions can fully protect against reputational and financial damage. This eBook details the entire lifecycle of a fraud attack, and lays out…


Protect your business, your customers, and your data.

Request Demo