Uncertainty is not new to business or consumers. What has been radically different starting in early 2020 is the speed and breadth of the uncertainty. Similar to many other turbulent periods for the global economy, fraud networks continue to facilitate attacks. The amount of areas fraudsters and fraud networks have targeted is staggering, e.g., lending organizations, consumer scams, etc. Operating across organizations, industries and country borders, fraudsters have become masters at luring organizations and their customers into their intricately designed webs through sinister and collaborative approaches.

The first thing to keep clearly in mind is that cybercrime organizations are sophisticated and have adopted similar technologies and organizational efficiencies seen in many modern enterprises. They are also joining forces in extensive global networks that buy, trade and augment stolen identity credentials to perpetrate an increasing number of cyberattacks—some of them sponsored by rogue nation-states. In order to fight back effectively, it is crucial for organizations to understand the modus operandi of complex and hyperconnected fraud rings. That way, businesses can effectively build strategies to mitigate networked fraud risk.

Let’s examine the four ways that fraudsters are increasingly working together to target businesses to maximize the value of stolen credentials. First, there is cross-organizational fraud, where fraudsters work across organizations to maximize their monetary exploitation and success. According to the LexisNexis® Risk Solutions Cybercrime Report July to December 2020, the North American fraud network showed a strong pattern of device-based cross-organizational fraud that spans lending, stock brokerage, insurance, digital wallet, bank, identity verification, remittance, payroll and more.1

The July-December 2020 Cybercrime report also revealed that the LexisNexis® Digital Identity Network recorded 24.6 billion in transactions processed and a 29% growth in global transaction volume year-over-year for the second half of 2020.2 Mass automated bots used to test identity credentials remain widespread and the full 2020-year analysis found that the number of bot attacks grew by 100 million year-over-year with an attack volume of 2.1B.3

Second, cross-industry fraud is also accelerating. Criminals spider-web from one organization to many, across industries and country borders. Oftentimes, individual companies are not even aware of the fraud occurring at other organizations. This type of fraud is only getting worse. According to the LexisNexis® Risk Solutions 2020 True Cost of Fraud™ Study: Financial Services and Lending Edition, lenders saw an average of $3.90 for every dollar lost to fraud, up from $3.44, a 13.4% increase.4 Financial services firms incurred an average of $3.64 cost per dollar of fraud loss, up from $3.25.5

Third, complex data plays a role, too. Fraud networks are multi-faceted and expose myriad pieces of user-related digital identity data as well as device types and online behavior. By employing techniques that range from dark web data mining to social engineering, spoofing and bot-driven credential testing, they are finding success with account takeovers. Once they are in, by simply leveraging the “Forgot Password” capabilities associated with the consumer’s other accounts, there are virtually no limits to the damage they can extract in a very short span of time.

And lastly, solution vulnerabilities are becoming more glaring. Fraudsters have become increasingly adept at using sophisticated techniques to bypass basic device fingerprinting, conceal their true location and spoof other identities. It is now a high-stakes situation.

The size and scope of networked cybercrime exists locally, regionally and globally.

Just like a spiderweb, these fraud networks are intricate, strong, and rapidly built. Examples abound but let’s examine one that bore all the hallmarks of a fraud network.

Along Came a Fraudster

The particularly egregious fraud network viewed above encompassed several UK banks and lenders, financial services institutions in the U.S., Canada and France, as well as retailers and media companies spanning these regions. This huge mule network was linked with thousands of devices and transactions, all engineered to maximize reach across unsuspecting consumers and organizations. And this is but one illustration.

The price of such networks can be staggering. This one, centered around UK banks, had $12.5M exposed to fraud in a single month. And that doesn’t even take into account brand and reputational losses.

So how do organizations fight these ever-evolving cybercrime networks? Single-point and siloed solutions are not enough. Instead, businesses should have the tools and capabilities to adapt to the cybercrime landscape, embracing and deploying the next generation of networked fraud detection capabilities.

To battle cross-organizational fraud, one solution is data/risk signal sharing with consistent capabilities across customer channels. Businesses need a common view of risk for better tracking and swift response. When data is shared and analyzed via a dedicated decision platform, organizations are better equipped with the access and transaction behavior of their customers to help confidently differentiate legitimate customers from fraudulent and high-risk behavior in real-time. For example, through sharing, organizations are increasingly able to identify patterns that suggest transaction fraud, leading to fewer false positives and better customer experience.

Harnessing digital identity intelligence (e.g., device data, shipping addresses, email addresses, etc.) enables organizations to receive a holistic perspective of consumers, weeding out the bad actors and better differentiating between trust and risk.

The key here lies in combining physical data and unique digital identity footprints consumers leave in their wakes as they traverse the digital world to create a personalized, risk-appropriate multi-layered workflow. Analytics and additional risk signals can further help capture anomalies and high-risk behavior before transactions are processed. Through powerful identity intelligence, holistic linking capability, network effect expertise and near-real time insights, it becomes possible to uncover critical insights based on past digital interaction.

Fraud detection—the ability to share intelligence related to confirmed fraud with trust and context across consortia groups—is another imperative. It provides a near real-time solution to networked fraud. Another benefit: sharing feedback and intelligence on fraud typologies can also help businesses to adapt their fraud strategies to mitigate evolving fraud trends.

A holistic multi-layered defense is the best way to mitigate fraud

But one of the best weapons in the arsenal in the battle against fraud is a multi-layered defense that is harder for fraudsters to circumvent due to an organization’s ability to quickly detect and pivot against new fraud threats. The first layer is to utilize both digital and physical data as well as risk signals. Risk signals associated with the device, identity and other attributes for analysis—including digital fingerprinting and behavioral analysis. Once these signals are collected, organizations can apply analytics and industry best practices to decide on how to proceed (accept, reject, challenge or in some cases pend/case review). If the decision is to challenge – we apply a robust set of authentication modalities that are appropriate for the transaction risk and customer journey experience.

Further, introducing more advanced risk capabilities such as behavioral biometrics capabilities help to expose inherent user behavior—analyzed by keyboard behavior, mouse behavior, phone behavior and touchscreen behavior—without compromising privacy or introducing unnecessary friction.

Uncovering critical insights begins with powerful identity intelligence, capable of facilitating accurate device and digital identity recognition along with detailed intelligence that can personalize the experience based on risk. Holistic linking capability assesses the digital identity, going far beyond the risk associated with a single device.

These insights are combined with platform-based technology that powers the strategy. Organizations need to be able to create custom policy rules that combine multiple risk signals and nimbly orchestrate and automate desired personalized risk-appropriate workflows using multiple layers of defense. The addition of advanced analytical techniques will greatly enable organizations to help identify and even prevent fraud such as on-boarding fraud, synthetic/manipulated identities, account take over and social engineering scams.

Since the fraudsters’ battle strategies are constantly shifting and it is easy to get caught in their web, businesses must fight smarter. Analyzing individual fraud attacks, implementing multi-layered strategies, utilizing next-generation risk intelligence signals and sharing information across organizational and industry lines with market-leading innovations is the best way to stay ahead of evolving fraud networks.

1. LexisNexis® Risk Solutions Cybercrime Report July-December 2020
2. LexisNexis® Risk Solutions Cybercrime Report July-December 2020
3. LexisNexis® Risk Solutions Cybercrime Report July-December 2020
4. LexisNexis® Risk Solutions 2020 True Cost of Fraud™ Study: Financial Services and Lending Edition
5. LexisNexis® Risk Solutions 2020 True Cost of Fraud™ Study: Financial Services and Lending Edition