Tag: best fraud prevention blog

Is Credit Repair Fueling the Rise in Synthetic ID Fraud?
Doug wasn’t a very good credit risk. In fact, he defaulted on just about every credit card and loan he ever had. He was about as lousy as paying his bills as anyone out there and his credit score was below 500. But that didn’t stop him from walking into his local car dealership and buying a brand new $75,000, 2017 Cadillac Escalade, with zero money down.

He bragged about it on YouTube and offered to help others do exactly the same thing. He had a foolproof secret and a “contact” that could help anyone do the same thing.

So why would a car dealer give a brand new luxury car to this deadbeat when he never paid any of his bills?

From FICO Score 480 to 720 in 30 Days!

It turns out Doug wasn’t exactly telling the car dealer everything about himself. And maybe that was why they let him walk out of the dealership with the car and without putting a penny of his own money as a down payment.

A month earlier, Doug had seen a video on how he could improve his credit score with “tradelines”. For $1,000, he was promised that a well-known credit repair company could get his credit score to over 700.

So he paid $1,000, then did exactly what the credit repair company told him to do. 1 month later he was walking out of the dealership with his Escalade and he could not believe his luck.

But it didn’t just stop there. He applied for and received an exclusive Chase Sapphire Card, A Capital One Card, and a Discover Card. All in all, he had over $100,000 in credit limits and a $75,000 car loan with his crappy credit score of 480.

So how did the credit repair company work their magic? They used a time-tested questionable method of altering and disguising Brad’s true credit profile and replacing it with a synthetic identity that they tailor-made just for him.

In the end, this method made Doug’s credit score jump from an awful 480 to a fantastic credit score of 720 in less than 30 days. Armed with that new credit score, Brad was a brand new person with a great credit history.

The Slippery Slope of Credit Repair

I have a good credit score, but I wanted to see for myself how these credit repair companies can achieve so much success helping people with bad credit improve their scores so quickly.

So, I started with a Google Search – “How To Repair My Credit”

It turns out there were lots of legitimate credit repair companies out there that offered services to help consumers improve their credit by reducing their debt and removing inaccurate information from their credit bureaus.

But there were also some other services that offered to improve my credit just by having access to good tradelines that they could add to my credit bureau.

This process which is called “PiggyBacking” is the very shady but completely legal practice of boosting your credit score by having people you don’t know add you to their credit card accounts as an authorized user. When they add you, you get to share their FICO score. If they have a 720 FICO score, now you have the same score.

While this is perfectly legal, it does seem like misrepresentation, doesn’t it? You are essentially borrowing a random person’s payment history and claiming it as your own.

This is where credit repair starts to go down a slippery slope. As I investigated more, I was about to find out that many credit repair sites trick customers into committing full-scale fraud to improve their credit reports.

I Paid $19.95 To Learn From The Experts How To Improve My Credit

One website, in particular, caught my eye. It promised me for $19.95 they would teach me a fool proof method to improve my credit.

What the heck, I paid the $19.95 to see what they would recommend. What I received was a tutorial called, “CPN Program”. It came to me in a series of “How To” documentation that walked me through step by step instructions on how to repair my credit. This program was not a credit repair program at all

The only problem? It was no credit repair process at all. It was teaching me how to successfully commit Synthetic Identity Fraud! I could get in big trouble if I actually followed the directions in this guide. It was a step by step guide of how to completely change my identity, borrower other people’s credit scores and hide who I really was from lenders and card issuers.

The process to repair my credit followed the basic steps below.

Step 1 – Get A CPN Number

Credit Protection Numbers (CPN) are not issued by the Social Security Administration or any government agency. The tutorial advised me to CREATE MY OWN CPN number by constructing a fake SSN that would fit my age and location profile. They recommended I use this site to do it – SSN Decoder Site. The key they say is to find a social security number that has not been issued yet.

After I found a likely SSN that would work, I could validate the number on another site that receives updates from the social security administration – SSN Validator Site.

Step 2 – Get a New Phone

After you get a new SSN number. Then you will need a brand new phone number so that nothing can tie you back to your old credit report. They recommend using Google Voice to get a new phone number.

Step 3 – Get a New Email

As you set up your new identity, they recommend you get a completely new email so that nothing can tie back to the old you. They recommend Gmail, Yahoo or other free email services.

Step 4 – Choose a New Address

The service then recommends that I choose an address that I have never been associated with in any way in the past. They advise if an address is found to link back to me, it will be very likely that my new credit file will get linked back to my old credit profile.

Step 5 – Apply for Credit to Establish My New Credit File

They recommend that I apply for credit with an online auto lender or Fingerhut since those are the best for creating brand new credit identities. It’s ok if you are declined they say. The declined information will work to establish a new bureau in your name.

Step 6 – Apply for More Credit and Use Fictitious Information

The sixth step is applying for credit using bogus employment, income and job information. You should always use the following parameters on all of your applications
- Annual Income must range from $50,000-$80,000
- Your Time at Current Address is 5 Years 5 Months
- Your Type of job is = Self Employed
- Your Time on the Job Is 5 Years 5 Months
Step 7 – Buy Tradelines to Boost Your Score

The seventh step is to buy tradelines from $300 to $1000 by piggybacking off of other consumers good credit. While this particular tutorial didn’t sell them there are lots of tradeline brokers out there happy to help you commit your fraud scheme

A Whole System of Hiding Your Identity For Financial Gain

Synthetic Identity creation to give yourself a new lease on life is fraud. It just simply is. It is a misrepresentation. It is using a social security number that does not belong to you to apply for and receive credit. It is illegal and it can get you into a lot of trouble. It is a federal offense and it can land you in prison if convicted.

Check out this video of a pastor that promises to help people improve their credit but in the end aids them in creating these synthetic identities.

CPN’s Victimize Children

Many of the sites that claim to get you a legal CPN are doing no such thing. They are playing a guessing game and trying to find social security numbers of minors that have no credit bureau.

When they find a social security number that belongs to a child, they will give it you and advise that is your own legal CPN number. It is not. You are victimizing a child and potentially creating identity theft problems for them for many years.

If landing in prison is not enough of a deterrent, think about the poor kid that you are potentially defrauding. You might be wrecking their ability to get student loans when they try to get into college.

Synthetic Identity Cost the Industry Over $6 Billion Annually

The problem of Synthetic Identity is growing and it is a large problem. The Auriemma Consulting Group completed analysis which suggests that losses due to synthetic identity fraud topped $6 billion dollars last year.

The study found that Synthetic identity theft, a form of application fraud in which criminals use fake personas to abuse credit, is responsible for 5% of charged-off accounts and up to 20% of credit losses – or $6 billion last year alone – according to the firm’s analysis. The total is higher when store credit cards are considered, along with other products such as auto loans.

ID Analytics estimates that the problem of Synthetic Identity Fraud has doubled since 2011 when the Social Security Administration randomized their issuance of SSN’s making it easier for identity thieves to pinpoint numbers that have not been issued – similar to the tutorial that taught me how to find them.

Is Credit Repair Fueling Those Rises in Synthetic Identity

Legitimate credit repair agencies have been around for years and they do provide a valuable service. But more questionable companies appear to be masquerading as “credit repair” when they are nothing more than synthetic identity farms.

They entice consumers with false claims and lull them into creating synthetic identities that harm themselves, potentially exploits children and harms the lending industry. As those agencies get more successful, synthetic identity becomes a bigger problem that is more damaging each and every year.

In the end, everyone loses and good consumers end up paying higher fees and interest to cover the fraud.

I think a lot of good honest people out there are being convinced to create these synthetic identities because they think it is legal. They are being conned by clever fraud artist who are out to make a quick buck and are preying on their situation. They are not bad people. They are good people that are being conned into a crime.

I hope the industry will adopt new technologies, new processes and new regulations to put a stop to this shady practice.

Thanks for reading!
July 14, 2022
Don’t Ever Let Them Take Your Fraud Fighting Spirit

You were born to do this. You live for it. You’re a fraud fighter and you always have been. Whether you’re an investigator, fraud analyst, fraud manager, or fraud technology creator you love your job.

You bounce up out of bed in the morning ready to make a difference; ready to stop some bad guys and change the world.

You believe everything is possible. You know constant change and energy is essential to stopping fraud so you bring that energy to work every single day.

So you come up with new ideas and ways to stop fraud. You make recommendations for improvements. You identify new risk and trends and raise red flags if you see fraud trends brewing on the horizon. You educate your company, your industry and literally anyone that will listen on how to stop fraud.

And it is that energy and that spirit that drives change around you.

Many Will Fight You. Many Might Not Listen.

You are going to run across a lot of people that want to take your fraud fighting spirit. They are going to try to take away energy, and that enthusiasm away from you.

They won’t believe what you say. They will doubt your recommendations. They will say the risk is just not there. They will say, you’re imagining it. They will say you are wrong.

Whatever. Just know deep inside that you are not.

It might be people in the company you work for. It might even be your boss. Or maybe it’s your bosses boss.

Whatever. Don’t let them stop you.

It might even be the industry you work in. They just don’t want to adopt the changes. They want to stay with the status quo.

Whatever. Don’t let them stop you.

Don’t let the naysayers, the pessimist, the nonbelievers take away your spirit.

It might take months for the truth to be revealed. It might take years, but someday they will realize you are right. You will be proven right in the end. So don’t give up.

You Will Spend 80% Of Your Day Convincing Others To Do The Right Thing

Stopping fraudsters is the easy part of your job. The hardest part of your job is convincing people to let you do it.

In fact, if you’re like most fraud manager you will spend 80% of your day in meetings and conference calls trying to communicate to others in your company to let you do your job.

People will complain that you are blocking too many transactions. People will ask you to turn off fraud strategies. People will tell you why they don’t need fraud controls on a new product. People will tell you there is no budget for a new fraud technology or more staff.

Your job is to convince them all that they are wrong. And that’s why you need to bring your A game to work every day. Not only do you have to be a great fraud manager, but you have to be a great communicator, motivator, and leader too.

Why History Will Prove You Right

History proves fraud fighters and whistleblowers right in the end. And that is what should keep you going.

Every fraud fighter has a story of how they raised the red flag but were ignored.

Here are 4 fraud fighters that I greatly admire. Each had inspiring stories of how they raised the red flag and never wavered even when no one else would listen to them.

What is your story? Can you relate to these fraud fighters and their struggle?

Remember Your 3 SuperPowers

There are 3 superpowers that every fraud manager needs if they are going to be successful. Tenacity. Conviction. Optimism.

If you are a fraud manager you need to have thick skin and you need to wake up every day and remember that these 3 qualities will carry you through the day.

#1 Tenacity

Great fraud managers are tenacious. People tell them no hundreds of times. But they don’t care. It’s because most people hate change. They know that if they are going to change their company, the industry, or the world that they need to be tenacious.

#2 Conviction

Great fraud managers believe in themselves. They believe that fraud prevention is about the greater good – to protect consumers, to protect victims, to protect people around them. They have conviction in that belief and it drives them each and every day.

#3 Optimism

People don’t follow pessimist. The follow optimist. Great fraud managers know that they need perpetual optimism to get people to listen and to follow them. They are not complainers. They are doers. They are agents of positive change.

So when people try to take your fraud spirit away from you. Just remember these 3 traits and embody them. They will carry you through.

Always Remember Who You Are Fighting For

When times get rough. When you start to despair, just remember why you do this job in the first place – for the people you help.

Remember the victims – every time you stop a fraud case you are helping protect someone from the headache of fraud.

Remember the elderly – they are so often the victims of fraud and oftentimes you are the only one that might have their back.

Remember your family and friends – 40% of Americans will be victims of fraud in the next 2-5 years, that means almost everyone will be impacted – including your family and friends.

Remember consumers – when you stop a fraud your helping keep the cost down for everyone, protecting our economy and ensuring a viable financial system for all. That is something to be proud of.

Remember your company – they hired you to do this. So whether they like what you have to say or not, just remember it’s not only your passion, its what you get paid to do!

Thank you for all you do. And remember, don’t let anyone ever take away your fraud fighting spirit!

Thanks for reading!

May 3, 2022
10 Ways to Enlist an Army To Help You Fight Fraud

Cheats, scammers, and liars. Fraudsters are all of those things. And they are defrauding consumers at record levels. 2021 is going to be a record year for fraud – particularly against consumers.

Thanks to epically horrible data breaches, heightened fraud perpetrated by scammers during the pandemic and high rates of identity theft – no one is safe. All of our information has been exposed and we are all more vulnerable than ever.

It’s an all-out war

It’s an all-out fraud war. And fraudsters are winning. They’re winning because they are organized, faster and more nimble than banks.

But there is a way we can change that. We need to ENLIST AN ARMY to help us. We need millions of people to help us.

And that army is consumers – the people we do business with. Rather than preventing fraud by hiring a few fraud analyst to look at high high-risk accounts, why not enlist all of your customers to join us and stop the fraudsters. Let’s empower the consumer!

Who agrees with me? I think we can do this if we work together.

10 Ways to Raise An Army of Fraud Fighters

The empowered consumer is your best chance in the fight against fraud. You can hire 100 more fraud analyst or buy a multi-million dollar fraud-fighting technology but nothing is more powerful than getting your millions of customers to work with you.

Here are 10 ways that you can empower consumers to work with you, to be your Army of Fraud Fighters.

#1 – Give Consumers Control Of Their Debit Cards

Why not let customers turn their cards on and off? Wells Fargo did it. It protects me and makes me feel safe. If I am going out of the country and don’t plan on using my debit card, I can turn it off until I return.

If I can’t find my card and I don’t think it is stolen, I can turn off my card until I am sure. It’s brilliant!

#2 – Get Consumers to Install A Call Blocker

Robocalls, spammers, and fraudsters are contacting customers directly and scamming them out of billions of dollars. Once they reach a customer, they con them into sending large wire transfers or Itunes gift cards and the customers have no recourse.

There is a simple answer. Get consumers to protect themselves by putting a call blocker on their phone. I use ATT Call Protect, and I stop hundreds of IRS fraud attempts on myself a year from even getting through to me. It works!

#3 – Train Consumers to Use 2 – Factor Authentication Any Chance They Get

Everyone knows 2 Factor Authentication is a big pain in the butt. But do you know what is even more of a pain in the butt? – FRAUD. And losing all your money. Yeah, that is a real big pain the butt.

I use 2 Factor Authentication on everything I can. It has become a habit. It makes me feel safe because I am safer. I know it is not 100% foolproof but I know for a fact it makes me a harder target than someone that doesn’t have it.

Make your customers the victim of last resort. Everyone wins.

#4 – Get Consumers to Sign Up For Text Alerts And Spend Control Apps

Put more control in your consumer’s hands by letting them dictate what kind of information they receive about activity on their accounts.

There are some fantastic solutions out there that do just that very simply. It’s called CardValet from Fiserv and it puts total control in the consumer’s hands. They control the alerts, the way their card is used and how much information they receive.

# 5 – Educate Your Consumers Of The Most Common Scams

Education is power. And education is the key to stopping consumers from being scammed. Most consumers don’t even have knowledge of the most basic scams like Fake IRS Agents, or Romance Scams. And they lose billions to the same scam over and over.

Banks don’t take losses for scams. Customers do. But I believe banks of the future will look past this and help consumers anyway. Create an initiative. Educate your consumers with compelling and interesting materials on your website, in emails, and at the ATM machines. Tell them how to spot fraud so they don’t become a victim.

You can use this as a start.

#6 – Have Consumers Freeze Their Bureaus If They Are Worried

Brian Krebs recommends freezing your credit bureau. And Brian Krebs is the leading authority on cybersecurity. If he says it. I listen.

Consumers can freeze their bureaus. It puts them in control and with a PIN number, they can unlock it anytime they want credit.

If they don’t want to do that, I highly recommend a service such as LifeLock which can put the power into consumers hands. Is LifeLock Worth It? I think so – read here.

# 7 – Provide Extra Assistance To Former Victims and Elderly People

History shows, that your highest risk populations of being defrauded are people that have been defrauded before and elderly people.

So these are the most important people you need to enlist in your army. Check this out. According to ID Analytics people over 69 are 5 to 10 times more likely to be victims of fraud.

Set up a program to help people that have been defrauded before or who are at risk. Monitor their accounts more carefully. If they are not using their accounts, perhaps it is better for them to close the account completely or lock it to further activity.

#8 – Setup A Dedicated “Is This A Scam?” Hotline

In surveys, 50% of consumers that have been scammed advise that they felt like they were being scammed before they sent money to a fraudster.

They do it because they simply don’t have anyone to turn to ask a very basic question, “Is this a Scam or Not?” A dedicated scam line is like an emergency lifeline for customers. They can ask a professional whether or not something is suspicious.

A Scam Hotline could reduce fraud considerably by stopping scams before money is sent.

#9 – Educate Consumers on Password Protection

50% of consumers use the same password on their Facebook accounts, that they do on their Linkedin accounts and other services such as Uber, Amazon, and Netflix.

This is a really bad idea. A horrible idea actually, which puts consumers at heightened risk of identity theft, banking fraud, and online fraud. How bad of an idea is it? I would suggest you read this excellent article by Naked Security that analyzes the risk that consumers take on when they engage in this practice.

Setup an education program and monitor your own accounts to make sure consumers are not using dumb and common passwords across their accounts.

Here is a list of the 25 most common passwords based on billions of breached accounts. Make sure your customers are not using any of these.

# 10 – Help Consumers on Zero Balance Fraud Reports

Consumers get frustrated. They call the bank after they have been a victim of fraud but banks will tell them, there is nothing they can do if there is not a fraud loss.

Consumers feel helpless because they want to explain the fraud to someone and they want help figuring out who did it.

Setup a policy to listen to your customers, to explain how fraud cases work. Put them in touch with local law enforcement, postal inspectors or federal agencies. Make consumers feel like you appreciate their painful experience in fraud. It’s a perfect chance to educate them at a time when they are most in need.

Help Consumers, They Just Might Help You

Help consumers help themselves, and in the process, they might just end up helping you in return.

Raise an army of fraud fighters by equipping them with tools to protect against fraud attempts. Raise an army by educating them on the most basic scams. Raise an army helping them in their hour of most need.

Thank you for reading the blog. Good luck to you all!

September 18, 2021
Fraud Data Scientist – 7 Ways To Turbo Boost Your Models
Machine Learning is driving huge gains in efficiency and innovation in fraud detection. Behind those gains are Fraud Data Scientists – women and men that train machines to find fraud faster and more accurately by using vast databases of historic transactions to spot patterns of fraud.

I have always admired Fraud Data Scientist because they are smarter and more capable than I.

They also “Make the Magic Happen” – discovering those hidden fraud patterns in mountains of data that no one else can see. Behind almost every text alert, phone call, or notification you receive from a bank about potential fraud on your account is driven by models and scores built by these data scientists.

I Don’t Have Any Good Modeling Techniques For You

To be clear, I have no wise advice on how to use modeling techniques to improve your models. I don’t have a set of code or processes that can boost your model’s fraud detection beyond what you can achieve yourself. I don’t have a magic formula for you.

I am just a business expert. I have never built a model in my life. I do not have a Ph.D. I cannot code. And I am admittedly horrible at math.

So why would you ever listen to me? Because I think I can offer you something different. I use fraud models on a daily basis. I depend on them for my success. I am not a modeler but I am the biggest believer of machine learning out there.

I believe in them so much, I have even helped start up 2 Fraud Analytics Companies. I have seen models fail. And I have seen models exceed expectations wildly. And all the while, I learned new things.

You see, I can’t write a line of code but I do have a secret. The success of your model does not depend on your modeling skills alone. It can depend on other things that you may not have ever considered.

Let me tell you how I think you can boost your model performance now. Here are 7 Ways to Turbo Boost Your Model Performance.

#1 – Be A Fraud Expert First, A Data Scientist Second.

You cannot build a great fraud model if you don’t understand fraud. If you don’t understand how fraud works first, you will struggle when you start to analyze the data.

Don’t get me wrong. You might be able to build a good model that gets a reasonable lift. But I don’t think you can build a GREAT model.

Building a fraud model without understanding the fraud business is what we like to call a “kitchen sink model”. Throw every piece of data into the kitchen sink and just see what the model says. That just doesn’t work.

Become a fraud business expert first before you ever start working on your model. Sit down with fraud investigators and have them walk you through cases. Sit down with fraud analyst and review what they are finding. Interview fraud managers and discover their pain points in fraud. Spend 1-week diving into the intricacies of fraud before you ever open up the database.

Trust me – you will probably build the best fraud model of your life. You will avoid potential target leakers better. You will get ideas on how to better segment your model(s). You will understand how to design your model inputs and outputs so that the model can solve the pain points of the fraud team.

#2 – Put Hidden Fraud Examples Into Your Target Definitions

Any fraud model that exclusively uses fraud tags on detected fraud only is going to be flawed. If you want your models to perform you have to include undetected fraud into your models as well.

If you don’t do this, your models will fall into a self-fulfilling prophecy loop. What that means is that your model will really only predict what fraud analysts have thought was fraud in the past and not what it really was.

What I recommend to avoid this is to bake in alternative fraud tags such as “First Pay Default” or “Early Pay Default” so that you can find fraud that continues to make its way through the system undetected. Experts believe about 70% of early payment defaults or excessively over limit accounts are fraud.

#3 – Build Killer Modeling Presentations.

If you want your model to be a success you have to learn how to communicate the benefit of your model to fraud business experts.

That means PowerPoint or KeyNote should be in your modeling toolkit right along with R, Python and all of the other tools and platforms you use.

Most Data Scientists build their careers on becoming experts on communicating with machines. But they may overlook the fact that their ability to communicate with people is just as important.

If you want to boost your model success, learn how to build killer presentations that describe your model – how you built it, how it works, why it works, what the lift of the model is, what reduction in false positive the business will see and what ROI the model delivers to the business.

Tell people why they should care. Evangelize your Model!
- What data insights did you find that might surprise the fraud analyst?
- What are some of the features in your model that are most important?
- How much data did you use in your model?
- What does your lift chart show in terms of detection? How much better is that than what the analyst do today?
- What is the ROI of using your model?
- What recommendations do you have for use of the model in production?
If you do these things, the odds your model will be a success will increase substantially.

#4 – Build Actionable Output Into Your Fraud Models.

Most models fail because they do not translate to practical actions a business can take based on the model score.

Creating a score that has a correlation to fraud is not enough to make it work. You need to guide the business about what to do with the score.

If you give a Fraud Analyst a fraud score without any context it is just a number. It is meaningless.

There are two ways to make scores mean something.

A. Provide Reason Codes or Alerts – Provide alerts or reason codes that explain the features that had the most weight in the score. What made the score high?

B. Provide Recommended Actions – Based on the reason codes, what should the analyst do with that transaction? What are the steps they should take to mitigate the fraud?

Your model can be a black box, but make sure your output is transparent and clear. Make sure you design actionable output into your model.

#5 – Put Some Cheese on The Broccoli.

When you want a kid to eat broccoli, sometimes you have to put some cheese on it. Broccoli is good for you. Cheese is not. But it’s tasty!

Like broccoli is for kids. We all know that models and scores are good for a Fraud Operation – they can increase efficiency, reduce false positives and help banks and lenders scale their business without needing to hire armies of fraud investigators.

As a Fraud Data Scientist, don’t be afraid to put a little “cheese” your model. You can do that by overlaying some rules that the business experts really want in the score. Maybe those rules will not help the performance. But it will help you get your model accepted. So go ahead, put a little cheese on it.

#6 – Guide Your Model Into Operations.

Don’t throw your model over the fence to operations when you are done and hope that it works. There are so many things that can go wrong when you deploy a model:
- The input data could be corrupt or have missing fields that impact the scores.
- The operations group could reject the scores because they don’t understand them.
- The score could require tuning based on production data that you didn’t account for during the model build.
That is why it is important to guide your model into operations. Pilot the score. Turn the score on. Set the highest threshold and work high-risk transactions with the operations. Train them on what the score means so they can make the right interpretations.

When you are convinced that things are running smoothly, then you can move on to your next model.

#7 – Improve Your Models Continuously.

The best fraud model was never achieved on the first iteration. In fact, it can take many iterations and retries to get the best performing models.

The best approach I have found is to build several different iterations of the model until you get one you like. Have the scores reviewed by a fraud expert and get their feed back.

Then take that feedback and see if you can improve the results of the model. Never stop improving your models. You can get incrementally better models with time and persistence.

It’s an Art and A Science

Fraud Models are a little bit of art and a lot of science. You have to correctly blend the experience of fraud experts with the logic and statistical background of highly trained fraud data scientist.

It’s the collaboration between business experts and fraud data scientist that really make the models work. If you can achieve that tight collaboration you just might achieve surprising results.

Thank you for reading and let me know if you agree or disagree!
August 28, 2021
Digging Into The Patterns of Unemployment Fraud In Data
It’s hard to piece together exactly what is happening with the rash of unemployment fraud claims. It’s all over the news.

And just this week Washington State reported that their new unemployment filings dropped 68% when they implemented fraud controls.

It’s hard to believe that fraud controls could have such an immediate and substantial impact on their overall filings.

It raised an interesting question in my mind. Could fraud really be driving up the already massive increase in unemployment nationwide? Could the unemployment numbers be a bigger problem than just people losing their jobs?

Weekend Sleuthing for Fraud Nerds With Nothing Better To Do

One thing I can say about the lockdown – it gives us fraud nerds more time to devote to fraud sleuthing on the weekends since we can’t leave our homes.

I decided to dig into the numbers with an Accounting Fraud Expert and fellow fraud nerd – John Barkley – to see if we could get to the bottom of what’s going on with Unemployment fraud.

If we were going to find out, we were going to have to crunch some serious numbers so I needed a specialist to see if there was a pattern here.

So we got to work, and here are some interesting patterns John Barkley was able to find by analyzing publically available data about unemployment fraud and filing information from each state.

#1 – There Are No Centralized Unemployment Fraud Reporting Numbers So You Have to Dig

The first thing we found is that there is little reporting on unemployment fraud.

There are no national-level fraud reports that tell us the exact extent of the problem. It is completely up to each state to voluntarily report its numbers to the public.

We can only assume though it’s large. So large that the Secret Service and the FBI declaring it a sweeping problem that impacts states across the nation.

Firms like Agari, were able to sift through their own cybersecurity data signals and find patterns that linked unemployment claims to known Nigerian fraud rings.

Could we find fraud signals and information from other data sources to shine a light on the problem?

We found that we actually could. We were able to dig a bit deeper by looking at several sources
1. Articles that have appeared online – like this one.
2. Bureau of Labor statistics data – like the ones you can find here.
#2 – At Least 16 States Reported Rising Unemployment Fraud In The Last 14 Days

At least 16 states have admitted they have a problem. Some more than others. Most states are reporting that it’s organized crime rings from Nigeria perpetrating the scheme.

But fraud investigators and banks think it’s much broader than just Nigerian scammers. Telegram chat boards like Fraud World , AIO Crime, and Hustlers Forum have plenty of subscribers selling methods and engaging in unemployment fraud schemes.

Here are all the states that have reported being targeted by fraudsters:
- Washington
- Pennsylvania
- Rhode Island
- Massachusettes
- Oklahoma
- Arizona
- North Carolina
- Texas
- Michigan
- New Mexico
- Montana
- Florida
- Wyoming
- Nebraska
- Ohio
- Hawaii
#3 – There Are Over 224,000 Suspicious Claims in 9 States Alone

Of those states have reported being victimized by fraud, some have spoken to the press and given actual numbers of suspicious or even confirmed Red Flag claims.

It’s hard to know for sure, what the total number of confirmed fraud cases are but there were 224,842 suspicious or confirmed cases that we were able to estimate from articles in the press.

# 4 – Oklahoma Had An Unusual Filing Pattern in Late April – Does it Point To Fraud?

Fraud is always an outlier. So John Barkley started by analyzing each state to understand the timing of their peak unemployment claims. And he found something very interesting.

Unemployment claims across the US followed a consistent pattern. And that is that most states experienced their peak in unemployment claims the same week as the stay at home orders that were issued in their state.

That is most states except Oklahoma and Connecticut. Oklahoma, in particular, showed an unusual spike in Unemployment claims in late April, weeks after the stay at home orders were issued there.

Could this spike have been caused by Nigerian fraudsters submitting false claims to the state of Oklahoma? What would cause this abnormal submission of unemployment claims that peaked so long after the stay at home orders?

Could there be fraud at play?

The contrast between Oklahoma and the rest of the US becomes more evident when you compare how claims were filed in other states.

#5 – Florida and West Virginia Also Showed Late Spikes in Unemployment

Florida issued stay at home orders later than other states, but their unemployment claims did not spike until 2 weeks after the stay at home orders.

They are another case of a state not following the typical pattern.

West Virginia also showed a late spike that would make you take notice.

#6 – Did Washington Become Targets of Fraud in Mid April?

Barkley analyzed unemployment claims for Washington State against the US and noticed that unemployment filings in the state were trending downward until Mid April, and then began to rise again.

Did fraudsters begin to target Washington in Mid April? It’s hard to tell but this chart shows the reversal in the downward trend.

#7 – Do Big Differences in Jobs Lost vs Unemployment Claims By States Point to Fraud?

Each month, the Bureau of Labor statistics surveys 145,000 businesses to understand how many jobs have been lost across the US. This is information that comes directly from employers.

Unemployment claims, however, come directly from people that have been laid off.

In theory, the # of jobs lost in each state should track to the # of Unemployment claims. When they don’t, there has to be other things at play – fraud could be one of them.

Here are the top 10 states with the biggest gaps. Puerto Rico, Georgia, and Louisiana have the largest gaps.

Some of these states have reported being targeted by fraud rings (Oklahoma, Rhode Island, Pennsylvania).

#8 – Do Changes in State Rankings Show A Fraud Pattern?

Comparing how states ranked between 2019 to 2020 could also help identify states that had significantly higher unemployment rates than expected based on history.

The states that fared the worst were Hawaii, Vermont, and New Hampshire and all had dramatically higher unemployment rates than they experienced last year.

Interestingly, both Rhode Island and Oklahoma also made the Top 10 list of states that had the most significant worsening in unemployment rates. These two states have had multiple red flags for potential unemployment fraud in the data we analyzed.

You can view state unemployment rankings between 2019 to 2020 here Download

# 9 – Are More Generous States with Higher PayOuts At Greater Risk of Fraud?

One of the factors that would make a state more prone to targeting by fraudsters is the amount that they pay out on average.

Massachusetts and Hawaii would rank as very attractive to fraudsters with average payouts of over $540 each week.

Washington State which was one of the first states targeted by Nigerian fraudsters ranked #3 with an average weekly payout of $488.

Our Conclusion – Yes there are Patterns in the Data

So what did we learn? Well, it does appear that there are patterns in the data that point outliers in certain states. Those outliers may not always mean fraud. There could be completely legitimate reasons why a state’s numbers are out of whack.

It could be these states have more severe stay at home orders or have higher levels of workers in impacted industries – travel, hospitality, and service industries.

Nevertheless, here are some states that we should watch closely.

These are top states (other than Washington State) that might be experiencing higher levels of fraud than anticipated.

Interestingly enough, some states such as Oklahoma and Rhode Island have appeared as outliers in multiple areas. Perhaps they are states that have actively been targeted by more fraud rings than other states.
1. Oklahoma – an unusual late spike in claims and an unusual gap between jobs lost and unemployment claims and significant fall in unemployment ranking.
2. Puerto Rico – an unusual gap between jobs lost and unemployment claims
3. Georgia – an unusual gap between jobs lost and unemployment claims
4. Rhode Island – an unusual gap between jobs lost and unemployment claims and a significant fall in unemployment rankings.
5. Pennsylvania – an unusual gap between jobs lost and unemployment claims
6. Florida– an unusual late spike in claims
7. West Virginia -an unusual late spike in claims
Thank you for reading and thank you for John Barkley for providing this interesting analysis to Frankonfraud.com
June 1, 2020
Card Fraud Losses in UK Jump 19% – Highest Recorded

Fraud scoring company, FICO, released its annual interactive European Fraud Map, which shows that the UK’s card fraud losses hit a record £671 million in 2018. That’s a big jump, particularly since the UK had managed to reduce losses in 2017 by close to 8% the year before.

Fraud losses in the UK accounted for close to half of all of the losses tracked among 19 separate countries in Europe.

From FICO’s European Fraud Monitor

Despite the high losses, the UK’s rate of fraud is only tracking about 5 basis points which is significantly below the levels recorded between 2001-2005 before Chip cards were fully introduced in the country.

At that time, losses in the UK were higher basis points, but really only account for a little over £600 million

Fraud rate was higher in 2006 but volumes were lower

“The threat of fraud in the UK has been persistent and growing extensively over the past seven years,” said Matt Cox, vice president for fraud management solutions in Europe at FICO. “The sheer volume of attempted fraud has meant that, although more fraud is being prevented now than ever before, and that it’s being caught earlier in the attack cycle, the total value lost is still on the rise.”

Increased Cyber Attacks and Data Breaches in the Region

FICO was quick to point out that data breaches and cyber attacks might be to blame for the increased level of losses.

“Personal information lost in high-profile data breaches means it’s easier than ever for criminals to impersonate individuals and businesses, so we all need to be more vigilant – personally, and as an industry,” said Cox. “We’re seeing the continued growth and diversification of social engineering fraud, which uses techniques like vishing, phishing and whaling”

FICO provides Falcon Fraud Manager and Card Compromise Manager to help banks manage the growing risk of fraud.

FICO^® Card Compromise Manager offers real-time visibility into emerging and confirmed threats, identifies organized use of stolen data, and suggests the best course of action to mitigate losses. Card Compromise Manager uses the data held in the Falcon Intelligence Network – a consortium of over 9,000 financial institutions committed to global threat intelligence sharing and collaboration.

December 10, 2019
Every Fraud Vendor On One Handy Graphic Right Here

Confused about what fraud vendor to choose? How about taking a look at this slide to make it an even more daunting task!

IDC published a great slide that shows every single fraud vendor that you could work with. Well, they forgot to include PointPredictive on this list – so just about everyone.

Keep this for your future reference when someone ask you which vendor you should work with

July 7, 2019
Fraud Will Rise Again (And 10 Other Predictions for 2019)
2019 has arrived and you know what that means – it’s prediction time again. January is always a good time to look at what might be in store for the coming year so you can plan your strategies.

Most of Our Predictions Last Year Were on Target

Last year, Global Fraud Fighter Maryann Miller and I collaborated to create a Top 10 Fraud Trends for 2018. We got a lot of predictions right.
- We predicted P2P fraud rise – It did with high profile fraud cases on both Zelle and Venmo platforms making the news.
- We predicted shocking data breaches – They happened. Twitter, Facebook, Marriott and the Aadhaar breach in India put billions of breached records in fraudsters’ hands.
- We predicted Digital Identity would be significant – It was. Lexis acquired ThreatMetrix, and TransUnion acquired Iovation proving big companies would invest billions in that trend.
- We predicted big Bitcoin fraud – It happened. There were scores of high profile ICO fraud and exit scams, as well as coin thefts from both wallets and exchanges.
2018 was a great year to be a fraud practitioner. As fraud grows, the demand for good fraud investigators, fraud analysts, data scientists and fraud managers increases.

What’s in Store for 2019? I Called Global Fraud Fighter Maryann Miller

To answer that question, I reached out again to Maryann Miller and asked her if she wanted to come up with another list for the new year. She agreed and here is what we came up with.

Prediction #1 – Digital Document Verification for Fraud Will Eliminate The Dumb Fax Machine

Digital document verification is on fire. The space is so hot that McKinsey sized the potential market at between $10 and $20 billion annually. Digital document verification refers to technologies that enable consumers to snap photos of their identification with their cell phones rather than send in faxed copies.

Banks are abandoning their fax machines and darkened copies of drivers licenses, passports, and social security cards and opting in for digital document verification.

Companies including Mitek, ID Analytics, IDology, and Jumio, are leading the efforts to transform the industry in this space. In 2019, digital document verification will become a key component in the new account opening process for banks and lenders.

Prediction #2 – Self Sufficient AI and Machine Learning Will Be Strategic Initiatives for Banks

Machine Learning and Artificial Intelligence were the fraud buzzwords of 2018 and for good reason – the techniques have proven to be highly successful in combating fraud with the growing amount of data banks are collecting.

Leading-edge banks are looking to become more collaborative in the fraud scoring and modeling process. This is primarily due to the large increase in the number of data scientists and the fact that banks have finally begun to capture and retain huge data stores of their own fraud data.

Companies like Feedzai and Simility have responded by giving these banks tools to rapidly deploy their own models. In 2019, we expect more banks will add self-service AI to their strategic roadmaps and make investments in this type of technology.

Prediction #3 – Consumer Consent-Based Verifications Will Increase in Popularity

There is a powerful ally in the fight against fraud and it is the consumer. In 2019, banks and lenders will capitalize on this and shift their focus to enlisting consumers in the process of verification and validation.

Bank Statement Consent – Companies like Yodlee, FormFree, DecisionLogic and TurboPass enable consumers to give consent for their bank statements to be downloaded by lenders and banks to verify their employment, income and bank accounts.

Utility Bill Consent – New companies like Urjanet are enabling consumers to give access to their utility bills for verification of identity and proof of residence.

Banks and lenders will transform their verification processes to use these tools to streamline their underwriting and new account processes.

Prediction #4 – Mortgage Fraud Will Increase to Highest Level Since The Meltdown of 2009

Mortgage fraud is on the rise and it has been for a few years now. According to CoreLogic, the data and analytics company that produces the National Fraud Index, mortgage risk reached its highest level in 2017 since the meltdown in 2009. Their projections are based on millions of submitted applications annually.

For 2019, that trend shows no signs of slowing down. Mortgage lenders and banks should be prepared for the risk of fraud to be 1% (100 basis points) of all their applications.

Prediction #5 – Application and New Account Fraud Will Increase as First Party Fraud Drives Up Losses

First Party Fraud is driving application and new account fraud to higher levels and this increasing trend will continue into 2019. As homes and automobiles get more expensive, consumers will be more inclined to misrepresent information on their loans to qualify. And as interest rates rise in 2019 (making loans even more expensive), we expect that misrepresentation to increase even more.

Look for increases in application fraud in 2019 – in particular, income fraud which will drive up both auto and mortgage application fraud rates. Analysis by PointPredictive indicates that income-related misrepresentation increased over 24% during 2018 and the trend looks to go higher.

Prediction #6 – Mobile Fraud Losses Will Increase To 75% of All Fraud Transactions

Once the fraudsters found mobile fraud, they stayed in mobile fraud. Fraudsters have abandoned traditional brick and mortar channels and desktop and are now focused, in large part, on mobile. RSA reports that mobile fraud has increased by 600% over the last 3 years accounting for over 65% of fraud transactions.

The rise in mobile fraud is being spurred by apps such as ApplePay, Square, Venmo, Zelle, as well as the increased use of banks’ mobile apps which allow customers to deposit checks right on their phone.

In 2019, mobile fraud will continue its record-breaking growth and could increase to 75% of all fraud transactions.

Prediction #7 – Massive Internal Fraud Cases Will Come to Light

2018 ushered in one of the largest cases of internal fraud in history with the $1.8 Billion Dollar Punjab National Bank case where 3 employees were arrested for facilitating fraudulent loans for Nirav Modi.

And that case is just the tip of the iceberg. A large percentage of banks and lending companies have woefully inadequate internal fraud monitoring capability. As a result, most cases go undetected until loans default or the fraud becomes so large that the general public becomes aware – such as the Wells Fargo Ghost Account Fraud of 2016.

We predict similar large cases of internal fraud will come to light this year as interest rates rise, the economy tightens, and more loans default.

Prediction #8 – Over 4 Billion Data Records Will Be Breached

History is the best indicator of future performance and the number of breached data records is increasing year over year. While Gemalto has yet to publish statistics for the entire 2018 calendar year, there were already more than 3.3 billion records breached as of June.

Look for more massive data breaches in 2019. By all indications, it could be over 4 billion records.

Prediction #9 – Scam Victims Will Push Banks Fraud Losses Up

Consumers are being inundated by scam attempts at a rate never seen before. IRS Scams, Elderly Abuse Scams, Romance Scams, Impostor Scams, BEC and Bad Check scams all target consumers with the intent to drain their bank accounts. The problem has gotten so bad that the FBI repeatedly issued warnings to consumers several times during 2018.

While banks do not always reimburse for scams, they are having the effect of pushing the bank’s fraud departments to the brink. As an example, the rate of check fraud continues to increase even as legitimate check use tumbles to its lowest levels since checks were introduced to the banking system.

Look for scams to continue to impact banks’ fraud departments and losses in 2019.

Prediction #10 – Consolidation in the CNP Fraud Detection Market

According to Juniper Research, merchants will lose over $130 billion due to online fraud in the next 5 years. And they plan to spend big to stop that fraud. Juniper goes on to report that digital payment companies will spend $9.6 billion annually on fraud solutions.

To address the issue, throngs of technology and machine learning companies have entered the market to help solve the problem and Silicon Valley investors have poured hundreds of millions into those companies.

In 2019 or soon thereafter, there is likely to be consolidation in the CNP space through acquisition or merger as bigger companies look to acquire capabilities to address the massive CNP market as it grows. The most likely areas of consolidation would be in Chargeback Guarantee or Fraud Platforms for merchants.

Best of Luck To All You Fraud Fighters in 2019

So there you go. There are our predictions for 2019. Did we miss anything? We’d love to hear from you and what you think.

Special thanks to Maryann Miller for her collaboration on this blog post.
January 14, 2019
Has Auto Loan Fraud Replaced Car Theft In The US?

Thefts of cars have gone on a decades-long decline here in the United States. In 2003, there were more than 433 car thefts per 100,000 people. Today, the number of thefts has dropped to 215. That is a reduction in car thefts by over 50%!

FBI Crime Reports for Auto Theft

When it comes to car theft, our cars are safer and more protected than ever. Investments made to reduce car thefts are paying off big time. Car manufacturers invested so much in technology to deter auto theft that it worked. Engine immobilizers, LoJack, Keyless Entry, and a host of other advancements have virtually wiped out car theft across the US.

In fact, the only cars being stolen these days are older cars that don’t have the advanced technology. In fact, the most stolen car in the US is the 1997 Honda Accord.

I’ve always said, crooks are clever but they are the laziest people out there. They will always gravitate towards the easiest payoff. Thanks to the 1997 Honda Accords reliability it is one of the older cars that still function that does not have any of the new anti-theft technology.

As Car Thefts Plummet, Theft By Auto Finance Has Increased

So have the crooks given up on cars? Not a chance. They have just found far easier ways to get ahold of cars than breaking windows and jimmying the locks.

It’s called auto finance fraud. Crooks have discovered that they can go to any car dealership and armed with the right data, they can walk out with the keys to a brand new car. And it’s a big problem, increasing to over $6 billion in loans originated with misrepresentation each and every year. But it hasn’t always been this bad.

Auto lending fraud loss estimates have been climbing every year since 2009. As car thefts have declined, crooks have simply found an easier way to get the keys to cars.

What is Driving the Increase in Auto Finance Fraud?

The increase in auto finance fraud illustrates the “snake under the rug” principle of fraud. You can try to push down on the snake under the rug in one place, but it will simply move to another.

As car manufacturers invested heavily in anti-theft technology, crooks simply found an easier way – finance the cars. There has not nearly been the same investment in technology in auto finance as there has been in anti-theft.

And for fraudsters looking for a quick payoff, financing new cars is a no-brainer. Take for example how much fraudsters can get by financing a car here in the US and then shipping the cars over to foreign countries for sale.

New Technologies Emerging

One of the ways of reducing the problem of auto finance fraud is putting bigger hurdles in front of the fraudsters to make it more difficult for them to perpetuate their crimes. As we have seen, fraudsters are lazy and will gravitate towards the weakest link in the chain.

At PointPredictive we are applying AI to solve the problem by analyzing millions of applications and dealer activity to precisely identify which applications contain misrepresentations. So whether it is the identity, the income, the employment or misrepresentations about any of the information supplied – the AI can alert the lender to the fraudulent activity.

New technology can solve this problem and reverse the trend! Thanks for reading.

May 13, 2018
Hero Refunds $20,000 To Fraud Victims Brilliantly

You have to watch this video. This guy is a hero. He is a brilliant coder and managed to turn the table on scammers that were trying to steal his money through a tech support scam.

By utilizing a keylogger program he was able to turn the table on the scammer, get his bank account, log in and then refund all the prior victims money. Brilliant!

March 3, 2018
Counterfeit Card Fraud Drops 66%

Visa reports that counterfeit fraud is dropping like a rock.

According to a recent press release, Visa reports that chip technology is the reason for the drop. One of the leading factors was that chip technology is extremely effective in reducing counterfeit fraud, which was the leading type of fraud in the U.S. at the time. With EMV chip transactions continuing to grow in the U.S., counterfeit fraud volume decreased 66 percent at chip-enabled merchants in June 2017 compared to June 2015. U.S. financial institutions have issued 462 million chip cards to consumers, and 2.5 million, or 55 percent of U.S. storefronts, accept chip cards.

December 19, 2017
Scammed? Get Your Money Back From Western Union!
Wire Fraud is a growing epidemic here in the US. Fraudsters love it because they can con victims and get their money right away.

And Western Union has always been a favorite choice of fraudsters that want to get paid right away. It always seemed like Western Union is a sure thing. Fraudsters counted on Western Union because it seemed like there were no fraud controls to prevent the bad guys from scamming innocent people.

An Investigation Into Western Union Ended in A Settlement for Victims

Last year a joint investigation by the FTC, the Department of Justice (DOJ), and the U. S. Postal Inspection Service revealed that Western Union was not only negligent but that they were guilty of enabling Money Laundering.

The charges were brought by the Justice Department, the Federal Trade Commission, and the Treasury Department’s Financial Crimes Enforcement Network (FinCEN).

They span activity at Western Union from 2004 through 2012 and occurred globally in US, Mexico, Peru, UK, China and other countries.

Authorities slammed Western Union for money laundering, failing to do due diligence on foreign agents, failure to terminate high-risk locations and failure to implement appropriate fraud policies.

To give you an idea, Western Union filed 2,000 suspicious activity reports from a single location in China without shutting the location down.

Because of that investigation, Western Union agreed to pay $586 million and admitted to aiding and abetting wire fraud. DOJ is now using that money to provide refunds to people who were tricked into using Western Union to pay scammers.

Hallelujah for the little guy!

How Do You Do It?

To get your money back from Western Union, you need to file a claim by February 12, 2018. There are 2 ways to get your money back – 1) file a claim based on a pre-filled form you got in the mail from the attorney, or 2) file a claim at ftc.gov/wu. File your claim here if you did not receive a form.

The process is outlined very simply below by the FTC.

What Types of Scams Are Eligible?

If you were scammed and sent a wire transfer via Western Union between January 1, 2004 and January 19, 2017 you are eligible. Even if you did not file a fraud report to Western Union or you lost your paperwork, you can still get your money back.

And a wide variety of scams are covered under the settlement with Western Union including:
- Online or internet scams – you did not receive the items you tried to buy online
- Lottery or prize promotion scams – you were told you won a lottery or sweepstakes, but never got the prize
- Emergency or grandparent scams – you sent money to someone pretending to be a relative or friend in urgent need of money
- Advance-fee loan scams – you paid upfront fees, but did not get the promised loans
- Online dating or romance scams – you sent money to someone who created a fake profile on a dating or social networking website.
Be Patient, It Might Take a Year To Get Your Money Back

Many millions of people may file claims, so the FTC is going to take a long time to investigate them and get people back their money. It’s unlikely that people will get all their money back but they should get a little at least. I hope for the sake of those poor victims that they get most of their money back!
November 20, 2017
FBI Reports Home Closing Wire Fraud Is Spiking

There is explosive growth in wire fraud and it is coming from the most unlikely places – home closings.

The FBI is reporting an explosive increase in wire related fraud where hackers infiltrate real estate agents email accounts, send fake emails and convince homebuyers to wire hundreds of thousands of dollars to their accounts with the guise that it is closing funds.

The scam is so bad that the FBI is raising the warning bell and putting out an all points bulletin to make sure that homeowners aren’t scammed by the elaborate con.

In 2016, the FBI reported only $19 million in this type of wire fraud, but that has skyrocketed to over $1 Billion in reported losses through the first 9 months of 2017.

How the Scam Works

Imagine getting ready to close on your first home. It’s a beauty. It’s in the right neighborhood. It’s close to restaurants and you can even walk to get coffee in the morning. It was expensive, but you saved for years to buy it. If all goes well you will close in 2 days and move into your dream home.

The day before closing you get an email from your real estate agent. They send you wiring instructions and request that you send in $200,000 from your bank account to the bank and include the routing number.

The email might have appeared legitimate but it was all part of a sophisticated hacking scam that targets real estate agents.

Hackers will find real estate agent emails on the internet or their websites. They will then send carefully disguised emails that contain harmful links in them. If the real estate agent opens the link accidentally, it will install malware on their computer which gives the hackers full access to their computer.

The hackers will then monitor the agent’s emails and look for homes that are about to close. Right before the home closes, the hacker sends an email (from the real estate agents email) to the buyer instructing them to send a wire transfer to a fraudulent account.

Thanks for reading and watch out for those fraudsters!

November 7, 2017
1.4 Million New Phishing Sites A Month Fuel Fraud Epidemic

There are plenty of Phish in the Sea. According to Webroot, there are about 1.4 million new phishing sites created by fraudsters each and every month. And each of those sites is designed to cleverly steal valuable personal and banking information from you.

And the emergence of Phishing sites does not appear to be slowing down anytime soon. This year in May, over 2.3 million new phishing sites were created. That was the highest in recorded history according to Webroot.

91% of CyberAttacks Start With Phishing

The creation of a historically high number of phishing websites spells bad news for consumers and businesses alike. According to Darknet, 91% of all cyber attacks begin with an employee of a company clicking on a phishing email. Most employees are easily duped by these phishing emails. In simulations, about 1 in 5 employees would mistakingly click on phishing emails, putting their employers in grave danger.

Phishing is the driver of cyber attacks. The creation of more and more phishing URL’s means that fraudsters are increasing their attacks on both consumers and businesses.

Rise in Fraud, Tied to Phishing

There has been a pretty dramatic rise in fraud over the last 5 years which has been fueled in part by data breaches and phishing.

The FBI has reported that Business Email Compromise is the fastest type of reported fraud in the US with over $5 Billion in reported losses over the last several years.

These Business Email Compromises start with a phishing email and end with the fraudsters posing as executives requesting multi-million dollar wire transfers often destined to overseas accounts controlled by mules and cyberlords.

Shorter Than A Goldfish’s Memory

Goldfish can remember something for 3 seconds. Or about the amount of time it took for you to read these 2 sentences.

Phishing sites come and go almost as quickly. The average lifespan for a phishing site is 4-8 hours. Fraudsters spin up sites, then remove them just as quickly to avoid being placed on “blocklist” which are used by the industry to block sites that can harm consumers.

Short-lived sites are designed to evade detection by traditional anti-phishing strategies such as block lists. When only active for minutes or hours, they stay far ahead of lists of IP addresses and URLs suspected of malicious activities. Even if the lists are updated hourly, they are generally 3-5 days out of date. The answer to the question “Is this a phishing site” needs to come in milliseconds, not days. Webroot

Top 10 Most Phished Companies

The most impersonated companies on the web read like a list of who’s who of large companies.

#1 – Google (35%), #2 – Chase (15%), #3 – Dropbox (13%), #4 – PayPal (10%), #5 – Facebook , 7%), #6 – Apple (6%), #7 – Yahoo (4%), #8 – Wells Fargo (4%), #9 – Citi (3%), #10 – Adobe (3%).

Chase is the most phished bank in the country by 4 time the next closes bank Wells Fargo

Companies Must Turn to RealTime Machine Learning

Webroot spells out their recommendations for businesses to adapt to these changing patterns of fraudsters and it heavily relies on real-time machine learning.

Webroot believes automation based on sophisticated machine learning models is the only effective way to minimize the time between the first sign of a threat, and full protection. By checking each requested page, each time it is requested, the model can make an instant assessment of the probability that it is related to phishing.

Rather than assuming that a previously-benign site is still benign, the model correlates characteristics of the site with contextual information such as recent IP reputation scores, returning a verdict that the organization can use to take automated action.

Short-lived sites designed to evade detection are no match for sophisticated machine learning solutions at scale that can prevent phishing—the number one cause of breaches.

September 24, 2017
This Fraudster Opened 8,000 Accounts, Made Millions!

Forty-six year old Kenneth Gilbert Gibson of Reno Nevada opened 8,000 fraudulent accounts in a scam for the ages.

His accounts included fraudulently opened PayPal credit accounts, bank accounts, and prepaid credit and debit card accounts he created with stolen identities.

After opening the 8,000 accounts, he used the accounts to transfer, $3.5 million to himself via checks electronic transactions to about 500 bank accounts and pre-paid debit cards owned and under his control.

In court yesterday, he pleaded innocent of all the charges. But he could be in trouble if he is convicted.

He now faces over 60 years in prison for his alleged crimes. He was arrested after a massive investigation by over 4 different law enforcement agencies; the Reno Police Department, the FBI, the Secret Service, the IRS and the Postal Inspection Service.

If convicted, the defendant faces a statutory maximum penalty of 20 years in prison and a $250,000 fine for the wire fraud and mail fraud counts; a statutory maximum penalty of 30 years in prison and a $1,000,000 fine for the bank fraud counts; a statutory maximum penalty of 10 years in prison and a $250,000 fine for the access device fraud counts; and a statutory maximum penalty of two years in prison for the aggravated identity theft counts.

There are not many details available publically yet but I am fascinated to learn how a guy can open 8,000 fraudulent accounts and not get discovered earlier!

September 16, 2017