As we begin to close the door on the year, I wanted to share some updates from our Fraud Fighters Forums. To set the stage, folks on various Risk, Spam, Community Integrity, and Trust & Safety teams often tell us that the profession of fraud fighting can feel a bit isolating. Our Forums were created to provide a space for people on the front lines to share best practices and network with others in their shoes.

For example, think about how many people in total are at your company. How many are focused on product growth, engineering, customer support, product marketing, etc. versus risk, fraud, and abuse? The math quickly reveals that the odds are not in your favor. Thus the Fraud Fighters Forum was born to give folks a platform to share stories, insights, and experiences.

This past year, we hosted multiple events in San Francisco, New York City, Chicago, and even grabbed our passports for events in Mexico City and London. It was truly inspiring to see peers from across the industry engaged and sharing best practices with each other.

Here are some key learnings from this year:

Taking on more with less

  • The scope and responsibilities for our teams continue to be ever more demanding. Whether it’s new products, features, or markets, teams are asked to protect an ever expanding empire with the same tools and people. Getting resources to evolve and level up continues to be a tough challenge.
  • In order to improve this, it comes down to things like aligning incentives with your internal groups. It’s not feasible or sustainable to have things built just for your team. You must find allies, ideally on the product team, in order to thrive.

Bots on bots on bots

  • The scale and sophistication of attacks continues to increase. Yes, there are still the basic attacks that hit you one at a time, but fraudsters have become more technical and are using scripts to attack en masse.
  • Relying solely on rules just doesn’t cut it anymore. After years of using a rules based infrastructure, the maintenance, upkeep and effectiveness of these frameworks has become more and more limited. Accounts and orders look so real that more behavior modeling is needed to decipher good versus bad.
  • It’s no longer possible to take down accounts one at a time. Teams must respond with their own automated models, scripts, and tools to take down fraud rings.

Account takeover (ATO) is on the rise but it’s difficult to measure impact

  • Chargebacks are known values. A $100 chargeback basically means the same thing to all merchants, however ATO impact is harder to put a dollar value on. As a result, it’s more difficult to get resources to combat such behavior.
  • Most often it comes down to metrics like lifetime value of a customer or churn to help get more clarity here.

Tools on tools on tools

  • Most merchants use several tools before they make a decision. Analysts spend more time consolidating data from various systems rather than pure investigation and eventually make a decision.
  • Most companies use a medley of tools (internal and external) to make a decision, but almost none of them are optimized for their team.

Finally, I wanted to say thank you to the various hosts of our Fraud Fighters Forums. We typically host our events at the offices of fellow fraud fighters. They open their doors and give us a place to learn, network and share.


Kevin Lee

Kevin is the Trust and Safety Architect at Sift Science. Building high-performing teams and systems to combat malicious behavior are what drive him. Prior to Sift, Kevin worked as a manager at Facebook, Square, and Google in various risk, spam, and trust and safety roles.