Posts By :

Stuart O'Brien

WEBINAR: Unlock your revenue potential – Strategic chargeback management for EMEA payment leaders
By:

As chargebacks are projected to reach $165 billion by the end of 2024, ecommerce payments professionals are facing an unprecedented challenge—yet most are leaving 40% or more of disputes uncontested, leading to substantial revenue losses. This webinar will dive into the root causes, including the rise of first-party fraud and why neglecting to fight chargeback sends a signal to bad actors that you are “open for fraud.”

Tailored for payment professionals, this webinar will teach you how to safeguard your revenue, alleviate operational strain, and strengthen your standing with banks and processors.

Join Riskified on September 18th at 3 PM (GMT+1) to equip your business with the latest strategies and advanced tools to stay ahead in the evolving fraud landscape. You’ll walk away with the knowledge to:

  • Implement revenue-saving chargeback management strategies
  • Effectively prevent chargebacks upfront
  • Boost operational efficiency and unburden internal resources

September 18th, 2024 

3 PM GMT+1

Click Here To Register

AI MONTH: Identifying the key anti-fraud use cases in your organisation
By:

AI is revolutionising the fight against financial fraud, offering sophisticated solutions that can outsmart even the most sophisticated fraudsters. Here are some of the key ways AI is being deployed by delegates at the Fraud Protection Summit…

  1. Real-time Transaction Monitoring: AI algorithms can analyze vast amounts of transaction data in real-time, identifying suspicious patterns and flagging potentially fraudulent activity. This enables swift intervention and reduces financial losses.  
  2. Behavioral Biometrics: By analyzing user behavior patterns, AI can detect anomalies that may indicate fraudulent activity. This includes factors like typing speed, mouse movements, and even voice patterns.  
  3. Fraud Detection Models: AI models can learn from historical data to identify new fraud patterns and adapt to evolving tactics. This helps prevent fraudsters from exploiting vulnerabilities in traditional detection systems.  
  4. Customer Onboarding and Verification: AI can automate customer onboarding processes, verifying identities and detecting potential fraud risks at the initial stages. This reduces the likelihood of fraudulent accounts being created.  
  5. Synthetic Data Generation: AI can generate synthetic data to train fraud detection models without compromising customer privacy. This allows for continuous improvement of fraud prevention capabilities.  
  6. Bot Detection: AI can effectively detect and block bots that are used to automate fraudulent activities, such as account creation or credential stuffing.  
  7. Social Network Analysis: AI can analyze social media data to identify potential fraudsters based on their online behavior and connections.
  8. Machine Learning for Anomaly Detection: Machine learning algorithms can identify unusual patterns in transaction data that may indicate fraudulent activity, even if the patterns are not explicitly defined.  
  9. Natural Language Processing (NLP): AI-powered NLP can analyze text data, such as emails or chat logs, to detect fraudulent communication patterns.  

AI is a powerful tool in the fight against financial fraud, offering real-time detection, adaptability, and the ability to handle vast amounts of data. As AI technology continues to evolve, we can expect even more sophisticated and effective solutions to emerge.

Are you looking for AI-powered anti-fraud solutions for your organisation? The Fraud Protection Summit can help!

Photo by Nathana Rebouças on Unsplash

TIme is running out to attend the Fraud Prevention Summit
By:

Can you join 60 of your peers as a delegate at the Fraud Prevention Summit on the 6th November 2024 in London? Places are running out fast!

Attendance to the is completely FREE and includes meetings with top suppliers, inspiration and knowledge sharing from our educational speakers, opportunities to network with your peers, lunch and refreshments throughout, and much more!

This event in unlike a traditional trade show with NO hard sell!

Places are limited and going quickly! – Book your place here or please contact us here if you’d like more info.

Should the SFO be scrapped? The IEA thinks so
By:

The Institute of Economic Affairs has published a paper asserting the Serious Fraud Office (SFO) should be replaced with a new body dedicated to combating economic crime with greater emphasis on prevention.

In the paper, the IEA says the SFO has been plagued by a series of high-profile failures, ‘including ethical misconduct and incompetence’. In cites examples, including from 2021 when a high-profile bribery conviction of a former Unaoil executive was overturned due to the SFO’s failure to disclose key material relating to its director’s ‘inappropriate’ communications with a Unaoil advisor during the prosecution.

Economic crime academics Professor Mark Button, Dr Branislav Hock, and Dr David Shepherd are now calling for the SFO to be abolished and the establishment of a Serious Economic Crimes Office (SECO).

The new body would keep powers to prosecute serious fraud, but would also have new responsibilities to deter fraud before it occurs. The office would be expected to develop good practice advice on prevention in closer collaboration with the private sector. 

According to the report authors, the criminal justice system is incapable of addressing the intricate, technical and complex nature of cases involving serious fraud. This is leading to costly delays and, often, failed prosecutions.

The SECO would instead be encouraged to embrace alternative justice mechanisms, including Deferred Prosecution Agreements and using larger fines. There would also be expanded powers to set standards and impose regulatory sanctions. This would include ‘Ethics orders’, which would require corporations to implement ethics and compliance programmes.

The authors also envisage the creation of a register of serious economic crime offenders, modelled on HMRC’s list of individual and company tax defaulters. A spot on the register could result in prohibition from being a company director or selling financial products.

The report suggests enhancing collaboration with private investigators specialising in economic crime. This could involve staff exchanges or outsourcing partial or full investigations to experienced firms such as Kroll, KPMG, or EY.

The paper says that the SFO’s focus on high-profile prosecutions has diverted resources away from other important areas, such as crime prevention and the support of small and medium-sized enterprises that are increasingly susceptible to fraud. 

The proposed SECO would address these gaps by prioritising a more balanced approach, combining enforcement with preventative measures. 

Professor Mark Button, Co-Founder and Co-Director of the Centre for Cybercrime and Economic Crime at the University of Portsmouth, said: “Serious economic crime is at record level and set to continue to rise. The existing structures and approaches are failing to have a significant impact and this report sets out a wide range of innovative reforms and actions to cope with this increasing challenge.”

Dr Branislav Hock, Co-Editor in Chief of the Journal of Economic Criminology, said: “Segregated serious economic crime policing structure in the UK requires new enforcement authority that operates above the surface of institutional and procedural complexities.”

Dr David Shepherd, economic crime researcher and Senior Lecturer at the University of Portsmouth, said: “The SFO is hamstrung by its focus on criminal justice and courts that are not fit-for-purpose. Breaking these constraints with a revitalised agency, a new identity and a broader range of regulatory-style powers would better serve the public good.”

ANTI-FRAUD MONTH: Behavioural biometrics is a powerful tool – but how does it work?
By:

Behavioural biometrics, a subset of biometric technology, analyses individual user behaviours to verify identity. Unlike traditional biometrics like fingerprints or facial recognition, behavioural biometrics focus on how users interact with devices, making them more difficult to spoof. Here’s a handy cheat sheet…

How BEHAVIOURAL Biometrics Works

Behavioral biometrics tracks various user behaviors, including:

  • Typing patterns: The rhythm, speed, and pressure applied to keys.
  • Mouse movements: The way a user moves the mouse cursor.
  • Keystroke dynamics: The timing and rhythm of keystrokes.
  • Voice patterns: Unique voice characteristics, such as pitch, tone, and cadence.

By analyzing these patterns, behavioral biometrics can create a unique profile for each user. When a user attempts to log in, their behavior is compared to their profile. If there are significant deviations, it could indicate a potential fraudulent attempt.

Applications in E-commerce, Payments, and Financial Services

Behavioral biometrics is increasingly being adopted in the e-commerce, payments, and financial services sectors to enhance security and reduce fraud. Some common applications include:

  • Account Login: Replacing traditional passwords with behavioral authentication for stronger security.
  • Transaction Authorization: Verifying user identity before authorizing payments or sensitive transactions.
  • Fraud Detection: Identifying suspicious activity by detecting deviations from normal user behavior patterns.
  • Risk Assessment: Evaluating the risk level of a transaction based on user behaviour.

Benefits of BEHAVIOURAL Biometrics

  • Enhanced Security: Behavioral biometrics are more difficult to spoof than traditional biometrics, making them a stronger security measure.
  • Improved User Experience: Behavioral authentication can eliminate the need for passwords, simplifying the login process.
  • Reduced Fraud: By detecting fraudulent activity early, behavioral biometrics can help prevent financial losses.
  • Scalability: Behavioral biometrics can be easily integrated into existing systems and scaled to accommodate large user bases.

Challenges and Considerations

  • Data Privacy: Collecting and analyzing user behavior data raises privacy concerns. Organizations must ensure compliance with data protection regulations.
  • Accuracy: The accuracy of behavioral biometrics can be affected by factors like user fatigue, stress, or illness.
  • User Acceptance: Some users may find behavioural authentication intrusive or inconvenient.

Despite these challenges, behavioural biometrics offer a promising solution for enhancing security in the e-commerce, payments, and financial services sectors. As technology continues to advance, we can expect to see even more sophisticated and effective applications of behavioural biometrics in the future.

Are you looking for Anti-Fraud solutions for your organisation? The Fraud Prevention Summit can help!

Photo by Evgeniy Alyoshin on Unsplash

If you specialise in AI for Fraud Prevention we want to hear from you!
By:

Each month on Fraud Prevention Briefing we’re shining the spotlight on a different part of the market – and in September we’ll be focussing on AI for Fraud Prevention.

It’s all part of our ‘Recommended’ editorial feature, designed to help industry buyers find the best products and services available today.

So, if you specialise in AI for Fraud and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Jennie Lane on 01992 374 098 | j.lane@forumevents.co.uk.

Sep – AI for Fraud
Oct – Chargebacks
Nov – Biometrics for Fraud prevention
Dec – Mobile Fraud Prevention
Jan – Digital Identity Verification
Feb – Fraud Prevention Solutions
Mar – Risk Prevention & Compliance
Apr – Financial Crime
May – Multi-factor Authentication
Jun – Digital Identity Verification
Jul – Fraud Detection Tools
Aug – Anti Fraud Platforms

ANTI-FRAUD MONTH: Identifying core and specialist solutions for retail and financial services
By:

The retail and financial services sectors are prime targets for fraudsters. For senior anti-fraud professionals, understanding and deploying the right anti-fraud solutions is crucial. Here are the key solutions in demand among delegates at the Fraud Prevention Summit…

Core Anti-Fraud Solutions

  • Fraud Prevention Systems: These systems use algorithms and machine learning to identify suspicious transactions in real-time.
  • Identity Verification Tools: Verify customer identity through various methods, such as biometric authentication,document verification, and address verification.
  • Device Fingerprinting: Detects and analyzes device characteristics to identify potential fraudsters.
  • Behavioral Biometrics: Analyzes user behavior patterns to identify anomalies indicative of fraudulent activity.
  • Chargeback Management Solutions: Helps manage and dispute fraudulent chargebacks.

Specialized Anti-Fraud Solutions

  • Payment Fraud Prevention: Specifically designed to detect and prevent payment card fraud, including card-not-present (CNP) fraud.
  • Account Takeover Prevention: Protects customer accounts from unauthorized access.
  • Fraud Investigation Tools: Provides tools for investigating fraudulent activity and gathering evidence.
  • Customer Education Tools: Helps customers understand fraud risks and prevention measures.
  • Cybersecurity Solutions: Protects the overall IT infrastructure from cyberattacks that can lead to fraud.

Key Considerations for Anti-Fraud Solution Selection

  • False Positive Rates: Evaluate the solution’s accuracy in identifying genuine transactions and minimizing customer inconvenience.
  • Integration Capabilities: Ensure seamless integration with existing systems and data sources.
  • Scalability: Choose a solution that can adapt to changing fraud trends and business growth.
  • Cost-Benefit Analysis: Assess the return on investment for each solution, considering both cost and potential fraud losses.
  • Data Privacy: Ensure compliance with data protection regulations when handling customer information.

By carefully selecting and implementing the appropriate anti-fraud solutions, senior anti-fraud professionals can significantly reduce the risk of financial loss and protect the reputation of their organizations.

Are you looking for Anti-Fraud solutions for your organisation? The Fraud Prevention Summit can help!

Photo by Towfiqu barbhuiya on Unsplash

AI-enhanced malicious attacks and soft ransomware targets front of mind for risk execs
By:

Concern about artificial intelligence (AI)-enhanced malicious attacks have again topped Gartner’s emerging risk rankings in the second quarter of 2024, while new concerns regarding soft ransomware targets are also coming to the forefront of enterprise risks.

“Similar to AI-enhanced malicious attacks, soft ransomware targets require minimal experience and cost to cause significant financial and reputational damage,” said Gamika Takkar, director, research in the Gartner Risk & Audit Practice.

During the second quarter of 2024, Gartner surveyed 274 senior risk executives and managers to document and compare emerging risks, which are those that hold higher uncertainty because their evolution is rapid, nonlinear, or both.

Three of the top five most cited emerging risks are in the technology category (see Table 1) and new concern regarding soft ransomware targets enter the tracker for the first time. Escalating political polarization, which first entered the tracker in 4Q23, held steady as the third most cited concern, while misaligned organizational talent profile moved up from the fifth to fourth most cited risk.

Table 1: Top Five Most Commonly Cited Emerging Risks in Q2 2024
[Image Alt Text for SEO]

Source: Gartner (JULY, 2024)

Causes of Soft Ransomware Targets

Soft ransomware targets include the types of systems that may be especially vulnerable to ransomware due to underinvestment or technical debt, leading to longer disruptions in business operations when attacks occur. The ease of carrying out such attacks, via what’s known as ransomware-as-a-service (RaaS), allows cybercriminals with even minimal experience and technical skill to deploy attacks at low cost.

“Ransomware-as-a-service lowers the barrier to entry for inexperienced cybercriminals who know just enough about how to attack and disrupt business operations, creating worse impacts than usual when attacks occur,” said Takkar.

Potential Consequences to Mitigate

The potential impacts of soft ransomware targets range from operational disruptions and delay of services, to increased exposure to multi-extortion (e.g., ransom demand follows threats of selling, publishing or permanently deleting data), to increased financial burden in the form of direct and indirect costs. Direct costs include ransoms, remediation, litigation, and public relations, while indirect costs, such as reputational damage and loss of intellectual property, also create burden on the organization.

“While operational disruption and increased costs are dire consequences of soft ransomware targets, the exposure to extortion can impact not just the organization itself, but any and all associated third-parties as well, further underscoring the importance of understanding and preventing such risk,” said Takkar.

Research points to Business Email Compromise as new frontier in AI-powered fraud
By:

A report has highlighted the ingenuity of cyber criminals in using AI to evade detection and maliciously scam individuals and enterprises, analysing 1.8 billion emails globally and detecting 226.45 million spam emails and 16.91 million malicious URLs to identify the email threat trends that impact enterprises the most. 

VIPRE Security Group’s Q2 2024 Email Threat Trends Report says BEC remains a major scourge. Nearly half (49%) of all detected spam emails are attributed to BEC scams, with the CEO, followed by HR and IT, being the most common targets. It takes on a more sinister complexion when a full 40% of the BEC emails uncovered were AI-generated, and in some instances, AI likely created the entire message. 

Q2 2024 saw twice as many evasive malicious attachments compared to the previous year, underlining the sophistication of modern email exploits. Entities without measures to detect these advanced threats could find themselves in hot water, facing double the risk compared to 12 months ago.

The research identified 16.91 million malicious URLs, a 74% rise from the previous year. This surge highlights the growing use of advanced evasion techniques by attackers.

Emerging trends in phishing and malspam 

Phishing remains a dominant threat with attackers favouring URL redirection and cloud-hosting services. Cloudflare Turnstile was the most commonly used technique (51%) in phishing emails. Cloudflare Turnstile is a free service designed to protect websites from malicious traffic and functions as an advanced CAPTCHA alternative. 

A significant shift in malspam tactics is observed. 86% of malspam emails used malicious links and only 14% contained attachments – a reverse of the Q1 2024 trend, where 78% of malspam emails contained malicious attachments, while only 22% used malicious links. This swing may be due to the increasing difficulty in detecting malicious links leading to seemingly legitimate websites that harbor infected links. 

Threat actors increasingly targeted the manufacturing sector with 25% of email attacks, followed by retail (which was absent from 2023’s targets) at 20% and real estate at 11%. Attackers appear to be focusing on industries perceived as lacking advanced cybersecurity measures. In 2023, finance led the way with 25% of email attacks, and manufacturing surged to 43% in Q1 2024, a top position the sector continues to hold. 

Regional spam sources 

The US continues to be the top contender when it comes to sending and receiving spam (receiving nearly half of all phishing emails), most likely thanks to its vast data center infrastructure. Consistent with last quarter, the UK was the second-largest source of spam, followed by Canada, Sweden, and Iceland; three countries that failed to make the list either last quarter or this time last year. 

“As AI technology advances, the potential for BEC attacks grows exponentially. Malefactors are now leveraging sophisticated AI algorithms to craft compelling phishing emails, mimicking the tone and style of legitimate communications,” Usman Choudhary, Chief Product and Technology Officer, VIPRE Security Group, says. “The next wave of BEC attacks could see attackers using AI to dynamically analyse and exploit real-time information, creating tailored and contextually accurate scams nearly indistinguishable from genuine correspondence. Enterprises must stay ahead by adopting robust AI-driven defenses and continuously educating their workforce on emerging threats.”

To read the full report, click here: VIPRE’s Email Threat Trends Report: Q2 2024.

HSBC, John Lewis, Sky and more will be attending the Fraud Prevention Summit – Will your organisation be joining them?
By:

The Fraud Prevention Summit enables you to network with peers, meet with leading suppliers & enjoy a series of seminar sessions – delegate places are going fast, so secure yours today to avoid disappointment!

Wednesday, 6th November 2024 | Hilton London Canary Wharf

As a fraud professional, you can attend for FREE – Secure your place here

Add your name to the guest list HERE, where you’ll be joining peers representing the likes of:

  • AS EU Ltd
  • Aspers Casino
  • Baxi Heating UK Ltd
  • Citi
  • Domestic & General
  • HSBC
  • John Lewis Partnership Plc
  • KFC
  • London Borough of Lambeth
  • PWC
  • Senior Plc
  • Sky
  • Tesco Mobile
  • Vanguard
  • Vanquis Bank
  • Virgin Atlantic Airways
  • Vitality
  • Which?

….And many more!

BOOK YOUR FREE PLACE!

As well as multiple opportunities to network with other industry professionals, your pass will also include:

Your own itinerary of 1-2-1 meetings with suppliers, access to our educational seminar programme presented by top industry speakers, lunch and refreshments throughout, personalised attendance options to suit your schedule, and more! – See what you can expect at the event >>>
 

To find out more, please get in touch with me and I will be happy to provide more information.