Episode 225
Are Fraudsters REALLY Exploiting Online Fraud Tools? -Setting a Few Things Straight
Fraudology is presented by Sardine.
In this solo episode of Fraudology, host Karisse Hendrick responds to a recent article written on LinkedIn about the interview episode with Nate Kharrl, CEO of Spec titled "Breaking News: Fraudsters Exploiting 3rd Party Fraud Tools". Karisse always welcomes healthy discussion and new opportunities to learn. -Especially if they're presented in good faith, and accurate.
While responding to the article, Karisse starts the episode with a bit of a refresher course on several aspects of the original topic. Including: some of the methods used by fraudsters to exploit some 3rd party fraud tools, the symptoms of these kinds of attacks, the gaps these are caused by on the client & vendor side, and ways to decrease your exposure to exploits.
It's true that fraudsters testing thresholds to see what they can get away with is nothing new. But, what IS new (and scary for those impacted!) are the high tech ways this is now occurring AT scale; often without visibility to track their activity.
Karisse also delves into some of the vulnerabilities of network consortiums, the importance of reliable data sources, and the risks & limitations of relying solely on device information and/or behavioral data (via Java Script + API) for risk evaluation. She also explains two of the methods most commonly used by bad actors to quickly identify which 3rd party fraud/risk providers that each website relies on.
Karisse wraps up the episode with a few suggested questions to ask your 3rd party fraud and/or bot detection provider if you've recently seen declines in their accuracy; along with a few strategies, process changes, and alternative or supplemental technology options for those companies that don't have the luxury to simply replace their current core fraud solution.
Bottom line: Fraud & bot detection technology MUST continually innovate since cybercriminals are continually searching for work arounds. Solution providers need to make innovation a part of their on-going business plan as inevitably, some of the methods & technology frequently used to detect bot attempts, risky transactions and/or accounts, won't work as well as they once did.
Note: For those solution providers that have been receiving calls or emails from your clients, asking some of the questions that are suggested, it's important to not respond in a defensive way or to place blame elsewhere. And to instead, focus on ways that
Special thanks to Frank McKenna for taking the time to thoroughly research this topic, and for writing a thoughtful & informative article on the topic. This article should be read by everyone. -Either as a stand alone article, or as a companion piece to the original episode which aired on August 26, 2023, you are sure to learn more on this topic.
https://frankonfraud.com/fraud-trends/uh-oh-fraudsters-found-ways-to-exploit-your-fraud-scores/
Fraudology is hosted by Karisse Hendrick, a fraud fighter with decades of experience advising hundreds of the biggest ecommerce companies in the world on fraud, chargebacks, and other forms of abuse impacting a company's bottom line.
Connect with her on LinkedIn
She brings her experience, expertise, and extensive network of experts to this podcast semi weekly, on Tuesdays and Thursdays.
Mentioned in this episode:
2023-q4-postroll sardine 1