Sift Logo Several blue dots forming a sphere to the left of the word Sift in italic font.
  • Products

    Digital Trust & Safety Suite

    Fight fraud without sacrificing growth

    Learn more →

    Passwordless
    Authentication

    Account
    Defense

    Content
    Integrity

    Payment
    Protection

    Dispute
    Management

    Sift
    Connect

    PSD2
    Solution

    New Releases & Enhancements

  • Partners

    Sift Partner
    Program

    Join the leader in Digital Trust & Safety

    Learn more →

    Commerce platform partners


  • Industries

    One solution, many applications

    Learn how Sift can work for your industry

    Learn more →

    Featured industries


    Fintech

    Retail

    Food & Beverage

  • Customers

    See case studies by industry

    Sift works across every use case and region

    Learn more →

    Featured customers


  • Resources

    Explore our resources

    Access trends, guides, and insights from Sift

    Learn more →

    Blog

    Ebooks

    One Pagers

    Demos

    Videos

    Webinars

    Infographics

    Podcasts

    Trust & Safety University

  • Fraud Center
  • Company

    Why leaders choose Sift

    Technology, community, and partnership

    Learn more →

    Our mission: Help everyone trust the internet


    About

    Careers

    News & Press

Request a demo
Products
  • Digital Trust & Safety Suite
  • Passwordless Authentication
  • Account Defense
  • Content Integrity
  • Payment Protection
  • Dispute Management
  • Sift Connect
  • PSD2 Solution
  • New Releases & Enchancements
Why Sift
  • Salesforce
  • Magento
  • Shopify
Industries
  • Fintech
  • Retail
  • Food & Beverage
Customers
Resources
  • Blog
  • Ebooks
  • One Pagers
  • Demos
  • Videos
  • Webinars
  • Infographics
  • Podcasts
  • Trust and Safety University
Fraud Center
About
  • Search Careers
  • Our Company
  • Contact Us
  • Engineering Blog
Request a DemoSign In
  • Blog Home
  • Digital Trust & Safety
  • Fraud
< prev / next >
Share this article on LinkedIn
Tweet this article
Share this article on Facebook
SOCIALICON
Share this article via email

How to Combat the Fraud Economy in Fintech

By Kathryn Schneider  / 

6 May 2021

If trust and safety experts have learned anything this past year, it’s that fraudsters will look to exploit any and all vulnerabilities—including global crises. Experts estimate that more than $1 trillion was lost globally to cybercrime in 2020—fintech being one of the many industries hit by skyrocketing fraud rates.

During a recent webinar, Jane Lee, Trust and Safety Architect at Sift, along with Anda Kania, Lead Editor for Payments and Commerce at The Paypers, discussed the growing Fraud Economy, its impact on fintech, and how a Digital Trust & Safety approach can help protect and grow your business. 

What is the Fraud Economy?

Cybercriminals are knowledgeable about the markets they target and skilled at skirting around security measures put in place by fraud teams. They have thus evolved from isolated attacks into a full-blown Fraud Economy—a sophisticated network of active cybercriminals with access to everything they need to exploit online businesses.

“The key takeaways in this definition are sophisticated and network. The Fraud Economy is a very complex ecosystem where we have many, many different players who are all coordinating to swindle not only businesses, but consumers like you and me,” explains Lee. 

The Fraud Economy operates just like traditional economies, with levels of skilled labor as well as the ebbs and flows of supply, demand, and pricing. Fraudsters operating in this economy utilize secondary marketplaces to buy and exchange fraudulent information, oftentimes on the dark web.

Throughout the recent years of digital transformation, online fraud has multiplied into a much larger landscape of abuse. In the below graphic, you can see the complexities of the Fraud Economy and the various methods fraudsters can enact to get away with account takeover, content abuse, and payment fraud.

The fraud economy
Our Q1 Digital Trust & Safety Index covers this topic in detail.

What methods are cybercriminals using to commit fraud?

To better understand the dynamics of the Fraud Economy, Lee dives into the ever-expanding ways in which fraudsters are taking advantage of businesses and consumers through payment fraud, account takeover, and content abuse.

Payment fraud

Fraudsters use a variety of methods to commit payment fraud, including, but not limited to, refund abuse, dark web data purchases, currency conversion, BOPIS, fraudulent purchases, card testing, and money laundering. The most recognizable type of payment fraud is in the form of fraudulent purchases made via card-not-present (CNP) transactions. 

Fraudsters turn to dark web marketplaces to buy and sell stolen credentials and personally identifiable information (PII), using special software configurations to maintain their anonymity. To hide the source of stolen funds, many fraudsters convert them from a bank account or credit card into cryptocurrency, as they are easily transferrable across borders, irreversible, and difficult to track. This fact makes the fintech industry especially vulnerable to money laundering schemes, where fraudsters control both buyer and seller accounts to commit closed-loop fraud. 

Account takeover

There are also many vectors that can lead to account takeover, including password sharing, impersonation, and credential stuffing, to name a few. Data breaches are another huge source of ATOs. Data breaches make news headlines on a regular basis, and each impacted user becomes exposed to ATO threats. Fraudsters leverage bots and automated scripts to test the validity of user credentials (email/password or username/password) on a merchant’s website to resell or use themselves.

Once fraudsters take over an account, they wreak havoc by draining them of any stored value they carry, including saved payment methods and loyalty points, and perpetuate more fraud such as card testing. This type of fraud has increased significantly during the pandemic, with loyalty programs being an attractive target as more customers have been earning points shopping online, while the hospitality industry was an easy target due to stagnant (i.e. less vigilant) victims.

Content abuse

A few of the many types of fraud that can lead to content abuse include romance scams, misinformation, employment scams, fake posts & listings, phishing & spam, review boosting, and marketplace fraud. Marketplaces are particularly susceptible to fraud because they target both buyers and sellers, guests and hosts, drivers and riders, or content creators and consumers. Due to this double whammy, the possibilities for fraud and abuse are astronomical.

Cybercriminals also enact phishing, spam, and romance scams to extract victims’ personal information and build full user profiles in order to access their email, bank, and other accounts to maximize profits. 

How are fraudsters attacking fintech?

Within the fintech industry specifically, Lee reports an uptick in fraudulent transactions, money laundering, illicit activity, stolen or synthetic identity sign-ups, ACH fraud, and unemployment or pandemic stimulus fraud. Digital wallets continue to be an attractive target due to the financial value they carry, combined with the fact that the fintech industry, in general, focuses on removing barriers to entry, cross-border capabilities, and other mobile-first security limitations. 

The Fraud Economy and fintech

In the above graphic, you can see the pain points of account creation, login, and money flowing in and out of various fintech categories, illustrating how attacks can come in from all angles. “If you take anything away from the Fraud Economy and this illustration, it’s that you’re not facing an attack from one dimension—it’s coming from all sides,” explains Lee. 

The complexity of the Fraud Economy makes it all the more important to have a dynamic fraud solution that can take all of these factors into account. The dated rules-based approach no longer works in such an intricate fraud environment. Lee expands upon why rules-based systems are no longer effective:

“[Fraudsters] will continuously stress-test your system to see what they need to do to just barely skirt the line and operate below detection. What ultimately happens with systems that rely on rules is one, the rules get expansive because fraud is evolving. Two, you ultimately end up blocking good users, and of course, that’s not a good experience.”

How can you protect your business?

The alternative to a faulty rules-based system is machine learning, which analyzes thousands of signals and looks for patterns to determine levels of risk. With machine learning, you’re able to digest large amounts of data pertaining to user identities, behaviors, and device information to detect fraudulent actors. The Sift Digital Trust & Safety Suite is powered by patented machine learning models that leverage a global data network that processes over 70 billion events per month from over 34,000 sites and apps. 

“The advantage of the global data network is if someone in the global network identified it and marked it as fraud, you will automatically benefit from that information, hopefully saving you the pain of dealing with it down the road,” says Lee.

Lee explains that Sift is not just evaluating an email domain, but a combination of patterns to assign a Sift Score. You can see in the graphics below the various methods our machine learning can detect potentially risky users through deep signal analysis. 

Deep signal analysis
Across thousands of signals

Based on these tens of thousands of signals, Sift can accurately designate a Sift Score from 0-100 to determine how risky that behavior is and allow customers to decide how to proceed with that transaction.

To get even more insights from Lee on how the Fraud Economy is impacting fintech, watch the webinar.

Related

account takeoverATOcontent abusedark webdigital fraudDigital Trust & Safetyfintechfraud datafraud economyfraud preventionfraud solutionspayment abusepayment fraudpaymentstrust and safety

Kathryn Schneider

Kathryn Schneider is Sift’s Content Marketing Manager, specializing in digital content that sparks lasting impact. She’s an avid hiker, art enthusiast, and dedicated nonprofit volunteer.

  • < prev
  • Blog Home
  • next >
Company
  • About Us
  • Careers
  • Contact Us
  • News & Press
  • Partner with us
  • Blog
Support
  • Help Center
  • Contact Support
  • System Status
  • Trust & Safety University
  • Fraud Management
Developers
  • Overview
  • APIs
  • Client Libraries
  • Integration Guides
  • Tutorials
  • Engineering Blog
Social

Don't miss a thing

Our newsletter delivers industry trends, insights, and more.

You're on the list.

You can unsubscribe at any time. Please see our Website Privacy Notice.

If you are using a screen reader and are having problems using this website, please email support@sift.com for assistance.

© 2022 Sift All Rights Reserved Privacy & Terms

Your information will be used to contact you about our service and subscribe you to our direct marketing communications. You can, of course, unsubscribe at any time. Please see our Website Privacy Notice.