Gilit Saporta,
Shoshana Maraney
Practical Fraud Prevention
Fraud and AML Analytics for Fintech and eCommerce, using SQL and Python
Paperback Engels 2022 1e druk 9781492093329Verwachte levertijd ongeveer 16 werkdagen
Samenvatting
Over the past two decades, the booming ecommerce and fintech industries have become a breeding ground for fraud. Organizations that conduct business online are constantly engaged in a cat-and-mouse game with these invaders. In this practical book, Gilit Saporta and Shoshana Maraney draw on their fraud-fighting experience to provide best practices, methodologies, and tools to help you detect and prevent fraud and other malicious activities.
Data scientists, data analysts, and fraud analysts will learn how to identify and quickly respond to attacks. You'll get a comprehensive view of typical incursions as well as recommended detection methods. Online fraud is constantly evolving. This book helps experienced researchers safely guide and protect their organizations in this ever-changing fraud landscape.
With this book, you will:
- Examine current fraud attacks and learn how to mitigate them
- Find the right balance between preventing fraud and providing a smooth customer experience
- Share insights across multiple business areas, including ecommerce, banking, cryptocurrency, anti-money laundering, and ad tech
- Evaluate potential risks for a new vertical, market, or product
-Train and mentor teams by boosting collaboration and kickstarting brainstorming sessions
- Get a framework of fraud methods, fraud-fighting analytics, and data science methodologies
- Show and hide more
Specificaties
ISBN13:9781492093329
Trefwoorden:fraude, Programmeren, SQL (Standard Query Language), Python, AML Analytics
Taal:Engels
Bindwijze:paperback
Aantal pagina's:350
Uitgever:O'Reilly
Druk:1
Verschijningsdatum:31-3-2022
Hoofdrubriek:IT-management / ICT
Lezersrecensies
Wees de eerste die een lezersrecensie schrijft!
Inhoudsopgave
Foreword
Preface
Introduction to Practical Fraud Prevention
How to Read This Book
Who Should Read This Book?
Conventions Used in This Book
O’Reilly Online Learning
How to Contact Us
Acknowledgments
Part I. Introduction to Fraud Analytics
1. Fraudster Traits
Impersonation Techniques
Deception Techniques
Social Engineering
The Dark Web
Fraud Rings/Linking
Volatility
Card and Account Testing
Abuse Versus Fraud
Money Laundering and Compliance Violations
Summary
2. Fraudster Archetypes
Amateur Fraudster
Cookie-Cutter Fraudster
Gig Economy Fraudster
Psychological Fraudster
Product-Savvy Fraudster
Tech-Savvy Fraudster
Bot Generator
Hacker
Organized Crime Fraudster
Distinction Between Organized Crime and Cookie-Cutter Fraudsters
Small But Organized Crime
Friendly Fraudster
Pop Quiz
Summary
3. Fraud Analysis Fundamentals
Thinking Like a Fraudster
A Professional Approach to Fraud
Treat Categories with Caution
Account Versus Transaction
The Delicate Balance Between Blocking Fraud and Avoiding Friction
Profit Margins
Maintaining Dynamic Tension
The Psychological Cost
Tiers of Trust
Anomaly Detection
Practical Anomaly Detection: Density Case Study
Crises: Planning and Response
Economic Stress Affects Consumers’ Situations—and Decisions
Prepare for Shifts in User Behaviors
Interdepartmental Communication and Collaboration
Friendly Fraud
Summary
4. Fraud Prevention Evaluation and Investment
Types of Fraud Prevention Solutions
Rules Engines
Machine Learning
Hybrid Systems
Data Enrichment Tools
Consortium Model
Building a Research Analytics Team
Collaborating with Customer Support
Measuring Loss and Impact
Justifying the Cost of Fraud Prevention Investment
Interdepartmental Relations
Data Analysis Strategy
Fraud Tech Strategy
Data Privacy Considerations
Identifying and Combating New Threats Without Undue Friction
Keeping Up with New Fraud-Fighting Tools
Summary
5. Machine Learning and Fraud Modeling
Advantages of Machine Learning
The Challenges of Machine Learning in Fraud Prevention
Relative Paucity of Data
Delayed Feedback and Overfitting
The Labeled Data Difficulty
Intelligent Adversary
Explainability, Ethics, and Bias
Dynamic Policies and the Merits of Story-Based Models
Data Scientists and Domain Experts: Best Practices for a Fruitful Collaboration
Working Well Together
Popular Machine Learning Approaches
Accuracy Versus Explainability and Predictability
Classification Versus Clustering
Summary
Part II. Ecommerce Fraud Analytics
6. Stolen Credit Card Fraud
Defining Stolen Credit Card Fraud
Modus Operandi
Identification
Mismatched IP
Repeat Offender IP
Nonunique IPs
Masked IP
Warning: The Reliability of IP Analysis May Vary Depending on Locale
Mitigation
Example 1: Using IP Geolocation to Identify Legitimate Hotel IPs
Example 2: Using IP Traffic Trends to Identify Fake-Hotel IPs
Example 3: Using Hierarchy in Variable Design
Using Hierarchy in IP Typology Variable Design
Summary
7. Address Manipulation and Mules
So Many Different Ways to Steal
Physical Interception of Package: Porch Piracy
Physical Interception of Package: Convince the Courier
Send Package to a Convenient Location: Open House for Fraud
Send Package to a Convenient Location: Reshippers
Remote Interception of Package: Convince Customer Support
Remote Interception of Package: AVS Manipulation
Mule Interception of Package
More Advanced: Adding an Address to the Card
More Advanced: Adding an Address to Data Enrichment Services
More Advanced: Dropshipping Direct/Triangulation
Identification and Mitigation
Open House
Mules
Reshippers
Summary
8. BORIS and BOPIS Fraud
Identification and Mitigation
Pickup and Return: Educating Employees Outside Your Department
Policy Decisions: Part of Fraud Prevention
Online Identification and Mitigation
Summary
9. Digital Goods and Cryptocurrency Fraud
Definition and Fraudster MO
Ticketing Fraud
Gift Card Fraud
Social Engineering
Identification and Mitigation
Summary
10. First-Party Fraud (aka Friendly Fraud) and Refund Fraud
Types of Friendly Fraud
Genuine Mistake
Family Fraud
Buyer’s Remorse, Customer Resentment, and Mens Rea
Fraud Versus Abuse
The Tendency to Tolerate Abuse
Reseller Abuse
Refund Fraud
Identification and Mitigation
Identification
Mitigation
Summary
Part III. Consumer Banking Fraud Analytics
11. Banking Fraud Prevention: Wider Context
Differences Between Banking and Ecommerce
The Context of Cybercrime
Social Engineering in Banking
A Note on Perspective
Deepfakes: A Word of Warning
Summary
12. Online Account Opening Fraud
False Accounts: Context
Identification and Mitigation
Asking Questions, Mapping the Story
Document Verification
Customer Personas
Data Retention
Summary
13. Account Takeover
ATO: Fueled by Stolen Data
The Attack Stages of ATO
The Advantages of ATO
Overlay Attacks
Identification and Mitigation
Biometrics
Multifactor Authentication
Device Fingerprinting
Network Context
Customer Knowledge
Dynamic Friction
Example: Identifying a Trusted Session
Summary
14. Common Malware Attacks
Types of Malware Attacks
As Part of Phishing Attacks
Malware with Social Engineering
Identification and Mitigation
Collaboration Is Key
Anomaly Detection
Summary
15. Identity Theft and Synthetic Identities
How Identity Fraud Works
Identification and Mitigation
Linking
Collaboration
Summary
16. Credit and Lending Fraud
Nonprofessional Fraudsters Engaging in Credit and Lending Fraud
Professional Fraudsters and Credit and Lending Fraud
Buy Now Pay Later Fraud
Identification and Mitigation
Summary
Part IV. Marketplace Fraud
17. Marketplace Attacks: Collusion and Exit
Types of Collusion Attacks
Money Laundering
Feedback Padding and Scams
Incentives and Refund Abuse
Selling Illegal Goods
The Gig Economy of Fraud
Identification and Mitigation
Why Proximity Is Different in Marketplaces
Thinking Beyond Immediate Fraud Prevention
Summary
18. Marketplace Attacks: Seller Fraud
Types of Seller Fraud
Seller Slipup Segues into Fraud
Scams
Dubious Goods
Identification and Mitigation
Seller Slipup Segues into Fraud
Scams
Dubious Goods
Summary
Part V. AML and Compliance Analytics
19. Anti–Money Laundering and Compliance: Wider Context
AML Challenges and Advantages
Summary
20. Shell Payments: Criminal and Terrorist Screening
How Shell Payments Work
Identification and Mitigation
Criminal and Terrorist Screening
Summary
21. Prohibited Items
Identification and Mitigation
Summary
22. Cryptocurrency Money Laundering
Cryptocurrency: More Regulated Than You Think, and Likely to Become More So
The Challenge of Cryptocurrency Money Laundering
Identification and Mitigation
KYC: Combating Money Laundering from the Start
Beyond KYC
Summary
23. Adtech Fraud
The Ultimate Money Maker
Beyond Bot Detection: Looking into Invisible Ads
Bot Identification in Adtech and Beyond
Summary
24. Fraud, Fraud Prevention, and the Future
Collaboration in the Era of “The New Normal”
Index
About the Authors
Preface
Introduction to Practical Fraud Prevention
How to Read This Book
Who Should Read This Book?
Conventions Used in This Book
O’Reilly Online Learning
How to Contact Us
Acknowledgments
Part I. Introduction to Fraud Analytics
1. Fraudster Traits
Impersonation Techniques
Deception Techniques
Social Engineering
The Dark Web
Fraud Rings/Linking
Volatility
Card and Account Testing
Abuse Versus Fraud
Money Laundering and Compliance Violations
Summary
2. Fraudster Archetypes
Amateur Fraudster
Cookie-Cutter Fraudster
Gig Economy Fraudster
Psychological Fraudster
Product-Savvy Fraudster
Tech-Savvy Fraudster
Bot Generator
Hacker
Organized Crime Fraudster
Distinction Between Organized Crime and Cookie-Cutter Fraudsters
Small But Organized Crime
Friendly Fraudster
Pop Quiz
Summary
3. Fraud Analysis Fundamentals
Thinking Like a Fraudster
A Professional Approach to Fraud
Treat Categories with Caution
Account Versus Transaction
The Delicate Balance Between Blocking Fraud and Avoiding Friction
Profit Margins
Maintaining Dynamic Tension
The Psychological Cost
Tiers of Trust
Anomaly Detection
Practical Anomaly Detection: Density Case Study
Crises: Planning and Response
Economic Stress Affects Consumers’ Situations—and Decisions
Prepare for Shifts in User Behaviors
Interdepartmental Communication and Collaboration
Friendly Fraud
Summary
4. Fraud Prevention Evaluation and Investment
Types of Fraud Prevention Solutions
Rules Engines
Machine Learning
Hybrid Systems
Data Enrichment Tools
Consortium Model
Building a Research Analytics Team
Collaborating with Customer Support
Measuring Loss and Impact
Justifying the Cost of Fraud Prevention Investment
Interdepartmental Relations
Data Analysis Strategy
Fraud Tech Strategy
Data Privacy Considerations
Identifying and Combating New Threats Without Undue Friction
Keeping Up with New Fraud-Fighting Tools
Summary
5. Machine Learning and Fraud Modeling
Advantages of Machine Learning
The Challenges of Machine Learning in Fraud Prevention
Relative Paucity of Data
Delayed Feedback and Overfitting
The Labeled Data Difficulty
Intelligent Adversary
Explainability, Ethics, and Bias
Dynamic Policies and the Merits of Story-Based Models
Data Scientists and Domain Experts: Best Practices for a Fruitful Collaboration
Working Well Together
Popular Machine Learning Approaches
Accuracy Versus Explainability and Predictability
Classification Versus Clustering
Summary
Part II. Ecommerce Fraud Analytics
6. Stolen Credit Card Fraud
Defining Stolen Credit Card Fraud
Modus Operandi
Identification
Mismatched IP
Repeat Offender IP
Nonunique IPs
Masked IP
Warning: The Reliability of IP Analysis May Vary Depending on Locale
Mitigation
Example 1: Using IP Geolocation to Identify Legitimate Hotel IPs
Example 2: Using IP Traffic Trends to Identify Fake-Hotel IPs
Example 3: Using Hierarchy in Variable Design
Using Hierarchy in IP Typology Variable Design
Summary
7. Address Manipulation and Mules
So Many Different Ways to Steal
Physical Interception of Package: Porch Piracy
Physical Interception of Package: Convince the Courier
Send Package to a Convenient Location: Open House for Fraud
Send Package to a Convenient Location: Reshippers
Remote Interception of Package: Convince Customer Support
Remote Interception of Package: AVS Manipulation
Mule Interception of Package
More Advanced: Adding an Address to the Card
More Advanced: Adding an Address to Data Enrichment Services
More Advanced: Dropshipping Direct/Triangulation
Identification and Mitigation
Open House
Mules
Reshippers
Summary
8. BORIS and BOPIS Fraud
Identification and Mitigation
Pickup and Return: Educating Employees Outside Your Department
Policy Decisions: Part of Fraud Prevention
Online Identification and Mitigation
Summary
9. Digital Goods and Cryptocurrency Fraud
Definition and Fraudster MO
Ticketing Fraud
Gift Card Fraud
Social Engineering
Identification and Mitigation
Summary
10. First-Party Fraud (aka Friendly Fraud) and Refund Fraud
Types of Friendly Fraud
Genuine Mistake
Family Fraud
Buyer’s Remorse, Customer Resentment, and Mens Rea
Fraud Versus Abuse
The Tendency to Tolerate Abuse
Reseller Abuse
Refund Fraud
Identification and Mitigation
Identification
Mitigation
Summary
Part III. Consumer Banking Fraud Analytics
11. Banking Fraud Prevention: Wider Context
Differences Between Banking and Ecommerce
The Context of Cybercrime
Social Engineering in Banking
A Note on Perspective
Deepfakes: A Word of Warning
Summary
12. Online Account Opening Fraud
False Accounts: Context
Identification and Mitigation
Asking Questions, Mapping the Story
Document Verification
Customer Personas
Data Retention
Summary
13. Account Takeover
ATO: Fueled by Stolen Data
The Attack Stages of ATO
The Advantages of ATO
Overlay Attacks
Identification and Mitigation
Biometrics
Multifactor Authentication
Device Fingerprinting
Network Context
Customer Knowledge
Dynamic Friction
Example: Identifying a Trusted Session
Summary
14. Common Malware Attacks
Types of Malware Attacks
As Part of Phishing Attacks
Malware with Social Engineering
Identification and Mitigation
Collaboration Is Key
Anomaly Detection
Summary
15. Identity Theft and Synthetic Identities
How Identity Fraud Works
Identification and Mitigation
Linking
Collaboration
Summary
16. Credit and Lending Fraud
Nonprofessional Fraudsters Engaging in Credit and Lending Fraud
Professional Fraudsters and Credit and Lending Fraud
Buy Now Pay Later Fraud
Identification and Mitigation
Summary
Part IV. Marketplace Fraud
17. Marketplace Attacks: Collusion and Exit
Types of Collusion Attacks
Money Laundering
Feedback Padding and Scams
Incentives and Refund Abuse
Selling Illegal Goods
The Gig Economy of Fraud
Identification and Mitigation
Why Proximity Is Different in Marketplaces
Thinking Beyond Immediate Fraud Prevention
Summary
18. Marketplace Attacks: Seller Fraud
Types of Seller Fraud
Seller Slipup Segues into Fraud
Scams
Dubious Goods
Identification and Mitigation
Seller Slipup Segues into Fraud
Scams
Dubious Goods
Summary
Part V. AML and Compliance Analytics
19. Anti–Money Laundering and Compliance: Wider Context
AML Challenges and Advantages
Summary
20. Shell Payments: Criminal and Terrorist Screening
How Shell Payments Work
Identification and Mitigation
Criminal and Terrorist Screening
Summary
21. Prohibited Items
Identification and Mitigation
Summary
22. Cryptocurrency Money Laundering
Cryptocurrency: More Regulated Than You Think, and Likely to Become More So
The Challenge of Cryptocurrency Money Laundering
Identification and Mitigation
KYC: Combating Money Laundering from the Start
Beyond KYC
Summary
23. Adtech Fraud
The Ultimate Money Maker
Beyond Bot Detection: Looking into Invisible Ads
Bot Identification in Adtech and Beyond
Summary
24. Fraud, Fraud Prevention, and the Future
Collaboration in the Era of “The New Normal”
Index
About the Authors
Rubrieken
- advisering
- algemeen management
- coaching en trainen
- communicatie en media
- economie
- financieel management
- inkoop en logistiek
- internet en social media
- it-management / ict
- juridisch
- leiderschap
- marketing
- mens en maatschappij
- non-profit
- ondernemen
- organisatiekunde
- personal finance
- personeelsmanagement
- persoonlijke effectiviteit
- projectmanagement
- psychologie
- reclame en verkoop
- strategisch management
- verandermanagement
- werk en loopbaan
