arrow left facebook twitter linkedin medium menu play circle

3 Keys to Fraud Detection for the Modern Wave of Sophisticated Fraud

DataVisor Threat Blog

By Ting Fang Yen December 18, 2018

Photo of Ting Fang Yen

about Ting Fang Yen
Director of Research // Ting-Fang specializes in network and information security data analysis and fraud detection in the financial social and eCommerce industries. She holds a PhD in Electrical and Computer Engineering from Carnegie Mellon and has previously worked for E8, RSA, and Microsoft.

Digital fraud attacks have become increasingly sophisticated and their complexity brings more and more concern for social forums, digital commerce, online banking and other consumer-facing enterprises. As part of our initiative to educate and equip fraud and risk management leaders with data-backed insights, the DataVisor research team tracked and analyzed 1.1 billion attack events and 887K fraud attacks across some of the largest internet properties and financial services in the world from July to September 2018. Our learnings will allow fraud management teams to reevaluate their fraud detection strategies and secure their technology architecture.

DataVisor’s approach to fraud detection is particularly effective because it utilizes DataVisor’s Unsupervised Machine Learning (UML) Engine that looks at all events and users holistically, and then identifies correlated groups of malicious users that share similar attributes. This approach allows us to detect attacks that have never been seen before. Traditional approaches such as rule-based or supervised machine learning need to constantly update their models and are unable to see the varied ways of sophisticated fraudulent attacks.

Fraud Has a Wide Gamut of Operation

Our research findings show that fraudsters display diverse behaviors ranging from varying size, duration and degree of sophistication.

Layers of Sophistication

On one end, less sophisticated fraud attacks are typically bursty and short-lived. They are easier to detect and block because fraudsters tend to reuse known bad fraud signals and exploit large volumes of malicious activities that make them noticeable. In our data, we observed that 59% of low-sophistication fraud attacks have a median user lifetime of less than one day, and 70% have a median user lifetime of less than one week.

On the other end, a sophisticated attack has fraudsters engage various tools so that the fraudulent accounts can blend with other “normal” users. Their fake accounts may have legitimate-looking user profiles with pictures and originate from residential, educational, or mobile networks with good reputation. Such attacks often have longer duration since they are able to evade detection, operate under the radar and scale up to cause greater damage on the service. High sophistication attacks are 2.3x larger than low sophistication attacks.

We observe that fraud attacks on financial platforms are the most complicated. Fifty-six percent of attacks on financial platforms have high sophistication, compared to 17% for ecommerce and 14% for social platforms.

Fraudsters Change Tactics

Change is the name of their game and fraudsters are good at evading static signals with a flexible backend infrastructure to advance quickly. For example, 36% of IP fraud signals were active for less than one day, and 64% were active for less than one week.

Fraudsters are Adept at Camouflaging

As traffic from datacenter IP ranges faces increasing scrutiny from online services, fraudsters are leveraging proxy services from residential or mobile network ranges to keep moving under disguise.

Clearly, to stay ahead of the game, enterprises must bolster detection efforts with a complete solution that can detect new and emerging fraud patterns. Find out how three ways you can curb fast-evolving fraud by downloading a copy of the DataVisor Q3 2018 Fraud Index Report here.


Popular Posts

Intelligent solutions. Informed decisions. Unrivaled results.

DataVisor Fraud Index Report: Q2 2019

Learn More

The DataVisor Q2 2019 Fraud Index Report is here.

Customers online want convenience, ease, and access. Fortunately, your business offers it all. Unfortunately, that’s what fraudsters want too. To a cyber criminal, those features means vulnerabilities. To bring you the very latest and most actionable insights about where the risks are and what you…

Dumb & Dumber vs Ocean’s 11

Learn More

Understand the range of modern fraud attacks to ensure complete coverage for your organization.

Complex and coordinated fraud attacks that are extensively planned, hard to detect, and highly scalable are the new normal for online platforms. Explore and understand the full spectrum of fraud attacks—from simple to sophisticated—and learn how you can defend against each type in this…

Diagnose and Defeat Application Fraud with the Latest AI-Powered Tools

Learn More

Learn how leading financial institutions are using ML to proactively detect card application fraud.

In this insightful webinar, you’ll explore how organizations are leveraging AI-powered fraud management solutions to get tangible, real-world benefits as they work to proactively detect and defeat sophisticated modern fraud attacks. Plus, you’ll discover strategies for empowering cross-team…


Protect your business, your customers, and your data.

Request Demo