How SOCRadar Can Help Fraud Teams?

How SOCRadar Can Help Fraud Teams?

November 12, 2021

Fraud refers to transactions made using card information without the knowledge of cardholders in the card payment sector in cybersecurity or purchases made by using fake or stolen credit cards.

Today, with the advantages of the rapid digitalization of the world, stealing non-physical information is getting more leisurely day by day. Problems experienced in shopping transactions, whether customer-related or not, cause an environment of distrust.

By preventing the problems caused by fraud (stolen/fake credit card transactions), you will lose financial loss and your customer’s trust. In this context, companies have started to take precautions by forming fraud teams within their organization.

On Internet/Mobile shopping, your payment system must offer a secure infrastructure due to transactions made without physically using a credit card (CNP).

It is tried to hold companies responsible for phishing domains created on the Internet, malware that infects the user’s computer or phone, and the resulting victimization by obtaining user information. Entering card information manually in mobile shopping, not using your card physically during the transaction; obliges you to take extra security measures against malicious use.

What Measures Can Fraud Teams Take to Prevent Fraud?

Fraud teams, composed of expert personnel in their fields, provide various controls to reduce the risk of companies experiencing fraud. Teams take action in case of an abnormal situation in the rules they make and shopping. In addition, additional measures that can be taken with the necessary/ongoing rules are as follows:

  • The First Purchase After the First Membership Process: It is important to ensure the accuracy of the users in the purchases made by becoming a new member. Because even once the fraudster does the transaction, he will have done enough damage to the company/customer.
  • Shopping Above Average Purchase Amount: Since the attackers use the “maximum loss minimum detection” tactic with the credit card they have seized, examining the purchases above the average order limit of the customer provides early detection of possible fraud.
  • Incorrect Entry of Card Information on a Certain Number: Incorrect data entry over a certain number requires examining the transactions made with the card. This situation also provides a clue as to the possibility of a scam.
  • Different Members Making Shopping with the Same Card: Shopping made by more than one and different people with a piece of single card information, especially in large amounts, is a sign of fraud. In this context, fraud teams should create additional checkpoints for different memberships.
  • IP Control: Shopping with different cards from a single IP and shopping with the same cards from other locations at close intervals also clues fraud. In case of suspicion of fraud, it is necessary to contact the customer/bank/e-commerce site.
  • 3D Secure Service: Care should be taken to use 3D secure service in all kinds of shopping.
  • Firstly, Inquire about the Security Code (CVV/CVC2): Since the security code on the back of the card cannot be copied despite card duplication, inquire about the security code.
  • SSL Certificate: You must have an SSL certificate in your entire system, especially in payment screens. In this way, you present to your users that the personal data and credit card information of the users visiting your site is safe, and you meet one of the security criteria.
  • Provide Internationally Valid Certificate Standards: You can indicate to your customers that you meet the standards that aim to provide maximum security for users’ card information by providing the internationally valid PCI DSS Data Security Standards (Payment Card Industry Data Security Standards).
  • Checking the Validity of IP and Location Information: While checking the accuracy of the card information, you should also check the validity of the IP and location information of the ordered device and the requested ones.
  • Change in Customer Habits: When a behavior other than the shopping habits created for each customer is detected, you should examine this transaction separately, considering that this transaction may be a fraud transaction.
  • You should automate all your fraud processes as much as possible so that you can make fast and accurate decisions within the intense transaction volume.
  • The user of CTI Products: Expert analyst teams should offer you an early warning system, thanks to the AI structure developed with big data, to detect the attackers’ fraud transactions about your company, platforms such as ICQ, IRC, Discord, Telegram, and shares on the dark/deep web at an early stage.

According to a study, companies that receive fraud prevention services reduce their response costs by 42% and solution costs by 17% in the event of a fraud attack, compared to companies that do not have a fraud prevention program. The same study also stated that around 60% of companies conducting investigations after a fraud attack are better than their competitors (more minor losses, improved control environment, fewer fraud losses, increased employee motivation).

In line with those mentioned above, the return on investment of an effective fraud prevention program makes it more than valuable. It requires companies offering shopping transactions to take special precautions against fraud.

What is the Amount of Loss Caused by Fraud Transactions Globally in Recent Years?

Frauds in payments made without physically using a credit card (Card Not Present-CNP) continue to increase year by year in Europe. Within the Single Euro Payment Area (SEPA), CNP fraud increased by 17.7% compared to the previous year, resulting in a loss of €1.43 billion in 2018. In contrast, ATM fraud decreased by 14.7% from 2017 to 2018 with the increase in Chip & Pin enabled cards.

As in Europe, CNP fraud accounts for 76% of fraud losses worldwide. UK Payment losses through fraudulent card payments, remote banking, and checks totaled £824.8m in 2019. While paying with lost, stolen, or counterfeit cards using a card machine is still a significant problem, the vast majority of losses are CNP frauds totaling £470.2m.

Global losses from payments fraud tripled from $9.84 billion in 2011 to $32.39 billion in 2020. Payment fraud is expected to increase and cost $40.62 billion in 2027.

The number of transactions reported as fraud and its total records are presented below.

According to this year’s edition of the “Financial Costs of Fraud report” published annually by the University of Portsmouth and Crowe since 2009, the loss from fraud for 2020 is more than even the global Gross Domestic Product (GDP) ($83.85 trillion). If such losses from individual organizations are reduced by 40%, more than $2.1 trillion in GDP, more critical than all GDP outside the seven major economies, would be avoided.

You can access the details of the report under the heading “The financial cost of fraud 2021” in the Threat Reports area (Cyber Threat Intelligence -> Threat Reports) on the SOCRadar Platform.

How Can Fraud Teams Benefit from SOCRadar?

Unlike traditional CTI products, SOCRadar’s Unified structure and Extended Threat Intelligence (XTI) structure;

The role-based structure it creates in alarms allows you to forward the email structure of the relevant alarms to your fraud teams without connecting to the platform. In addition, you can feed your fraud systems with relevant alarms with the filtering structure it brings in the incident API, and you can process the relevant alarm via the API with the bidirectional API structure (false positive, resolved, etc.).

(You can forward alarms for Fraud Protection from Settings-> Company Settings-> Incident Summary & Options.)

Its structure that provides role distribution to your security teams offers your Fraud Teams the opportunity to monitor and control the relevant alarms and dashboards on the platform. In this way, Fraud Teams can take action regarding alarms instantly and turn off alarms.

(You can learn and manage it from the “Role Details” field in Settings-> Company Settings->Platform Users.)

In the SOCRadar RiskPrime module (Digital Risk Protection Intelligence);

  • It provides you with leaked credit card information from your bank.
  • In Dark & DeepWeb, you can find it in black markets, IRC channels, Telegram, etc. It provides you with fraud activities that take place in places.

In the SOCRadar ThreatFusion module;

  • In the Threatshare section, you can access the analyzes in the Fraud field for banks and the news on the dark & deep web.
  • Combolist service is received by companies that provide payment transactions on credit cards belonging to banks. Combolist sharing is provided, and action is taken before the payment is made.
Discover SOCRadar® Free Edition

With SOCRadar® Free Edition, you’ll be able to:

  • Discover your unknown hacker-exposed assets
  • Check if your IP addresses tagged as malicious
  • Monitor your domain name on hacked websites and phishing databases
  • Get notified when a critical zero-day vulnerability is disclosed

Free for 12 months for 1 corporate domain and 100 auto-discovered digital assets. Try for free