- Before Covid-19 financial institutions saw a 10:1 ratio of bot-based malicious to legitimate login attempts, according to Aite Group’s Fraud & AML practice. Malicious login attempts are setting new records every month.
- Between 2018 and 2019, there was an 84% increase in the number of breached data reports, reaching 15.1B accounts last year.
- Fraud operations funded by organized crime run much like legitimate businesses, complete with ongoing recruiting campaigns for AI, bot and machine learning expertise and office locations focused on developing breach strategies.
- As of June 2020, login credentials for online banking averaged about $35 on the dark web while payment card details averaged between $12 and $20 apiece, according to analysis again by Help Net Security.
Interested in understanding how AI and machine learning are being used to prevent bot-based fraud attempts, I attended a few recent webinars with Kount’s 3 Key Elements Needed For Successful Bot Detection being one of the most insightful. Trace Fooshee, Senior Analyst at Aite Group and Sven Hindman, Product Manager at Kount, have decades of expertise in this area. The webinar provided an opportunity to see what’s new in using AI and machine learning to prevent fraud. The following key insights from the webinar reflect how advanced bot-based fraud is and the three steps needed to detect better and thwart fraud-based bot attacks:
- Fraud rings have grown in complexity and scale and resemble enterprises today, complete with their financial crime value chain. Trace Fooshee, Senior Analyst at Aite Group, created a financial crime value chain framework that explains the enterprise-level scale bot-based fraud strategies in use today. Fraud rings rely on bad bots to accomplish the goals of every phase of the value chain, starting with mining raw materials or card, credential, password and personal data. Each phase of the value chain is powered by the data bad bots capture every day.
- The bot landscape is changing fast as fraudsters look to capitalize on the confusion, fear and uncertainty surrounding Covid-19 and its immediately accelerating e-commerce. Covid-19 quickly became the catalyst that e-commerce and digital transformation initiatives needed to prove they could scale. It also led to a massive increase in bot attacks. The following graphic explains the ratio of malicious login attempts to legitimate ones using a curve that progresses to the left. Trace Fooshee, Senior Analyst at Aite Group, says the figure below was the baseline before Covid-19; now, it’s exponentially greater….