The End of Massive Fraud Attacks
In little more than two hours on the morning of May 15, 2016, criminals in Japan stole 1.4 Billion yen ($13 million in U.S. dollars). They accomplished this feat by targeting ATMs in 7-Eleven convenience stores and making an estimated 14,000 withdrawals. The fraudsters used card information taken from a South African bank.
A Bustling Criminal Industry
Data breaches like the one that enabled this attack were on the rise through the early months of 2016, according to the Identity Theft Resource Center. In fact, data breaches leading to financial loss seem to have become an underworld industry on its own.
One side of this industry is comprised of criminal hackers who first gain access to data by locating a vulnerability in a system or creating one with malware. They then expose information such credit card numbers, passwords, social security numbers and confidential records. Their methods have now become extremely sophisticated; they can take advantage of zero-day vulnerabilities in systems, target employees in spear phishing campaigns and operate through more than one channel to achieve their goals. For instance, a Florida debit card processor suffered $13 million in losses in 2011 when hackers accessed its database, increased the withdrawal limits on cards and then produced cloned cards.
The industry’s other side is comprised of the users of this stolen data. Hackers routinely sell large volumes of stolen card information and other personal data via Dark Web forums. The higher the credit limit on a card, the more profit the fraudster can reap. As in the aforementioned cases, it can even be possible to forge physical cards with the necessary insider resources. Apart from just card payment fraud, this data can also be used to take over someone else’s existing account or for inventing a synthetic identity to open a new one — types of fraud that can inflict massive damage and go undetected for even longer periods of time.
Building An Attack Defense Shield
As the incidence of data breaches increase, so do the occurrences of ‘massive attacks’ like the one to the ATM network in Japan. Because the nature of the threat is intensely contained within a few hours, even the most popular fraud detection solutions are often caught unaware or realize an attack in progress only after it is too late.
Even while fraud solutions might flag these transactions as suspicious, these are still evaluated by human analysts who work in teams investigating fraud cases, often load-balancing the work without seeing the full picture and thereby unable spot a major problem until it’s too late.
What’s needed is a system that can see everything across a network — all transactions, via all channels, in real-time to spot the patterns that signal a co-ordinated attack. A system that would trigger high severity DEFCON-1 type alerts to warn a financial institution about an ongoing attack and offer a way to stop it in its tracks. Within a sea of business-as-usual alerts, for these to work, they have to be right when they trigger.
This means being right in detecting an extremely improbable event, in one such card network, such attacks occur about once per 600 Million transactions, twice as unlikely as winning the Powerball Jackpot!
And for the past one year, we’ve been working on exactly this technology. Feedzai’s Massive Attack Detector, a new addition to Feedzai’s existing fraud detection capabilities, is a module operating alongside the transactional fraud monitoring solution and catches massive fraud attacks with extreme precision. It uses proprietary algorithms that leverage concepts of link analysis to compute data across millions of transactions per second.
The first time we tested it in the field (at a certain network), the system was able to detect two major attacks just in the first 12 hours of turning the system on! Alerts were escalated up to the CEO of the network and law enforcement authorities were promptly notified.
Without Feedzai both financial and reputational losses would have been far greater and it would have taken much longer to detect the attack — by which time the damage would have been done.
With significant sums of money and brand reputation on the line, it’s vital to act decisively and right in the moment. At Feedzai we are constantly innovating state-of-the-art new technologies for this brave new world of commerce. Contact us to learn more about how we can help you.
Written by Ajit Ghuman, Director of Product Marketing, Feedzai, Inc.
I lead Feedzai’s Product Marketing for enterprise and financial services customers. I’m excited about the massive impact that the next generation of machine learning based platforms are having in the market. I joined Feedzai from another software firm in the Big Data and Machine Learning space where we grew from 115 to 901 employees. At Feedzai, I’m firing up the growth rocket engines again and having fun doing it.