arrow left facebook twitter linkedin medium menu play circle

React, or Prevent? Why Organizations Must Embrace A Proactive Approach To Fraud Management

The increasingly rapid emergence of new tools and technologies—and the ready access to them which fraudsters enjoy—has enabled bad actors to adjust their techniques and approaches with unprecedented speed and finesse.

By Christopher Watkins June 19, 2019

Photo of Christopher Watkins

about Christopher Watkins
Christopher Watkins is Senior Creative Writer at DataVisor. He brings 10+ years of writing, editing, and strategy experience to his role. He was previously Senior Writer and Chief Words Officer at Udacity. He holds an MFA in Creative Writing from the University of Southern Maine.

In the June edition of their Digital Fraud Tracker, the editorial team from PYMNTS uses an unexpected metaphor to describe what it’s like to battle modern fraud:

“Stopping digital fraud is a lot like playing whack-a-mole: as soon as one fraudster is caught, two more pop up where they’re least expected.”

The description is apt, as it vividly illustrates the agility of the modern fraudster. The increasingly rapid emergence of new tools and technologies—and the ready access to them which fraudsters enjoy—has enabled bad actors to adjust their techniques and approaches with unprecedented speed and finesse.

The Shortcomings of Speed

The metaphor is also helpful in that it affords an easy way to enunciate the importance of adopting a proactive approach to combating digital fraud. In a game of whack-a-mole, moles appear at random from different holes across the landscape; as a player, your job is to use your mallet to “whack” them before they return below the surface. You’re ultimately doomed to fail in the game because no matter how fast you play, the moles eventually outpace you.

In the real world of fraud prevention, speed—on its own—is a doomed power as well. No matter how fast you respond, fraudsters will find ways to move faster, and at the end of the day, you’re still in reactive mode. They act, you respond. That’s not fraud prevention. That’s just damage control.

This is why a proactive approach is so critical. The proactive approach to whack-a-mole would be to stop the moles from ever appearing in the first place.

If You Are Only Keeping Up With Fraud, You Are Already Behind

DataVisor Co-Founder and CEO Yinglian Xie spoke about proactive fraud prevention at length in a new interview with Financial IT:

“If you are only keeping up with fraud, you are already behind. Both rules-based and supervised machine learning-based approaches are inherently reactive, and as such, can only identify known fraud. So they help, but they can’t do everything. To meet emerging threats and prevent fraud before damage occurs, organizations must be able to accurately identify unknown fraud types as well. Unsupervised Machine Learning (UML) offers fraud teams a new superpower—the ability to deploy highly accurate detection models without the requirement of historical data or preexisting labels. This approach can feed into an overall strategy that prioritizes holistic analysis and contextual detection. It is important to look at events as a whole as opposed to reacting to them one at a time, and businesses must be empowered to discover the clandestine correlations and patterns that signify fraudulent attacks before they’re unleashed.”

Proactive Fraud Prevention At The Modeling Level

Proactive fraud prevention is a concept, but it’s also something that can be applied in very tangible and tactical ways. A recent product announcement highlighting new enhancements for dCube—DataVisor’s flagship fraud management solution—offers a look at how our tools and capabilities continue to advance the practice of proactive fraud prevention:

“Just as proactive detection and automated model development represent a quantum leap forward from legacy fraud solutions tethered to labels, rules, and manual review, these enhancements further push the envelope by introducing an intelligent optimization mode that offers access to a wide range of additional parameters to further precision and recall. Teams can now tune fine-grained model parameters including feature similarity threshold, cluster size, correlation features, and more.”

The Account Incubation Use Case

Account incubation is a particularly vexing fraud problem, and it’s only through proactive detection that it can be solved. A new article from CyberScoop titled “When Your Apps Are Dormant, You Become A More Likely Target For Crooks” explores current challenges with account takeover fraud (ATO) and includes proprietary research from DataVisor on how ATO attacks take advantage of account dormancy to hijack accounts for malicious purposes. The article also notes the role incubation plays, particularly as it applies to social platforms:

“It’s different for social media accounts, where hackers can afford to linger for some time before they risk exposing themselves by taking action. In one large attack, DataVisor found, 81 percent of the compromised accounts started posting spam and attempted scam messages three weeks after initially logging in. Researchers dubbed this technique “account incubation,” a method that’s especially hard to detect because scammers’ activity may have mingled with the true account owner.”

Proactive Fraud Prevention for Social Platforms

Momo, a DataVisor client, is a revolutionary mobile-based social networking app that enables users to chat and meet with people nearby. It is one of the largest social platforms in China, with more than 290 million users. Our work with Momo has involved directly confronting the challenges associated with account incubation. The following is an excerpt taken from a recent case study highlighting the success Momo has achieved since adopting a proactive approach:

“DataVisor was able to detect these “sleeper cell” accounts at their incubation stage to prevent damages. This early warning system resulted in a dramatic reduction of spam, illegal commerce, phishing, prostitution ads and account hijacking for Momo so they could keep the focus on their core business and continue the rapid expansion of their user base.”

React, or Prevent?

In a game of whack-a-mole, the ending is foreshadowed; eventually, the pace is too fast, and the player cannot keep up. This is not unlike what we are seeing today as bots become an increasingly omnipresent fixture of modern fraud. Here is Yinglian Xie again, from her Financial IT interview:

“Bot-powered fraud is supremely challenging to detect and even harder to prevent. Attacks are often massive in scale and can adapt very rapidly. So the question isn’t whether your organization can afford to invest in prevention. The question is, can you afford not to?”

It comes down to a simple choice. React, or prevent?

Popular Posts

Intelligent solutions. Informed decisions. Unrivaled results.

DataVisor Fraud Index Report: Q1 2019

Learn More

Access proprietary data and research results to discover the latest attack techniques and prevention strategies.

Download the Q1 2019 Fraud Index Report from DataVisor to receive unparalleled data-driven insights into the latest attack trends, and the most effective prevention strategies, based on analysis of over 44 billion events, 800 million users, 396 million IP addresses, and more.

Dumb & Dumber vs Ocean’s 11

Learn More

Understand the range of modern fraud attacks to ensure complete coverage for your organization.

Complex and coordinated fraud attacks that are extensively planned, hard to detect, and highly scalable are the new normal for online platforms. Explore and understand the full spectrum of fraud attacks—from simple to sophisticated—and learn how you can defend against each type in this…

Guard Your Online Marketplace Against Fraud

Learn More

Discover AI-powered fraud strategies for preventing financial and reputational damage in this powerful eBook.

Online marketplaces withstand a complicated array of fraud attacks—spam, scam, and all points in between. Only the most comprehensive, proactive AI-powered solutions can fully protect against reputational and financial damage. This eBook details the entire lifecycle of a fraud attack, and lays out…

Protect your business, your customers, and your data.

Request Demo