It is an undeniable fact that when it comes to detecting, preventing and investigating fraud and other security incidents, data and evidence are vitally important if accuracy is to be ensured. Something that cannot be denied is that a thorough investigation is required when fraud is suspected.
This seems an obvious statement, doesn’t it? But when you consider just how little South African (and international) companies are doing to spruce up their security measures or put systems in place to prevent and reduce fraud, it would seem that they don’t appear to be considering these vitally important aspects.
identifying and detecting fraud every step of the way
By looking at how a user signs up for an account on an e-commerce site or with a bank, we can show how fraud can be identified and detected step by step by taking data and evidence into consideration.
step 1: the creation of an account
This is the first step that a user takes and sadly, it is often overlooked during fraud detection processes. It’s undeniably challenging for e-commerce businesses and financial services to immediately determine what a legitimate and fraudulent account creation looks like. By looking at the user data, behavioural data, and environmental data of a user across various online applications over time, fraud analysts can understand the intent of a new sign-up and potentially stop it in its tracks.
step 2: user logins
How a user logs in, what time of day they log in, how often they log in and what devices they use to log in can provide a lot of meta-data. By analysing these parameters, it is easier to tell if someone is a legitimate user or a fraudulent user. For instance, an account that has several “wrong password” attempted logins before eventually getting the correct one should raise a red flag.
step 3: how data is requested
When a user signs up for an account, their typical behaviour can be closely monitored. If it isn’t, fraud analysts could miss out on important detection opportunities. For instance, a user is likely to behave in a similar manner every time they use their account. If they start requesting data that they don’t usually, or a change in their account behaviour is noticed, it should be further investigated.
step 4: sudden addition of a new account
A big red flag is the addition of a new account for money transferals which should be investigated more closely. Fraudsters often add a new account to transfer funds out of the main account that they have hacked or hijacked. Watching for this is an important part of the step by step process to identifying and detecting fraud.
step 5: the environment used for logging on
The environment where a user accesses his or her account from is something that should be monitored. When it comes to fraud, if a user accesses his/her account from many different environments, it could be a sign of foul play. Also, if more than one user is accessing a certain service from the same environment, it could be a further sign that something isn’t quite right. Fraud analysts can gain a lot of insight by monitoring this.
be alert & aware of potential fraud this year
With 2021 already a couple of weeks old, and corruption and fraud top of mind, many companies are spending time improving on their security systems. If you are thinking about upgrading your data security, take some time to consider how you can identify, detect and thwart fraud before it happens, by taking a closer look at the above-mentioned parameters within your business environment.
A secure online backup service for offsite protection of your data is a good place to start!