#Fraudlifecycle; turning the tables on cyber criminals

by Guest Contributor 2 min read September 29, 2014

Fraud is not a point-in-time problem and data breaches should not be considered isolated attacks, which break through network defenses to abscond with credentials. In fact, data breaches are just the first stage of a rather complex lifecycle that begins with a vulnerability, advances through several stages of validation and surveillance, and culminates with a fraudulent transaction or monetary theft.

Cyber criminals are sophisticated and have a growing arsenal of weapons at their disposal to infect individual and corporate systems and capture account information: phishing, SMSishing and Vishing attacks, malware, and the like are all attempts to thwart security and access-protected information. Criminal tactics have even evolved to include physical-world approaches like infiltrating physical call centers via social engineering attacks aimed at unsuspecting representatives. This, and similar efforts, are all part of the constant quest to identify and exploit weaknesses in order to stage and commit financial crimes.

There are some companies that claim malware detection is the silver bullet to preventing fraud. This is simply not the case. The issue is that malware is only one method by which fraudsters may obtain credentials. The seemingly endless supply of pristine identity and account data in the criminal underground means that detecting a user’s system has been compromised is akin to closing the barn door after the hose has bolted. That is, malware can be an indicator that an account has been compromised, but it does not help identify the subsequent usage of the stolen credentials by the criminals, regardless of how the credentials were compromised.

Compromised data is first validated by the seller as one of their “value adds” to the criminal underground and typically again by the buyer. Validation usually involves logging into an account to ensure that the credentials work as expected, and allows for a much higher “validated” price point. Once the credentials and/or account have been validated, cyber criminals can turn their attention to surveillance.

Remember, by the time one realizes that credential information has been exposed, cyber criminal rings have captured the information they need – such as usernames, passwords, challenge responses and even token or session IDs – and have aded it to their underground data repositories. with traditional online authentication controls, it is nearly impossible to detect the initial fraudulent login that uses ill-gotten credentials. That is why it is critical to operate from the assumption that all account credentials have been compromised when designing an online authentication control scheme.

Related Posts

How Union Credit Expands Access to Credit Unions with Experian

Discover how Union Credit and Experian help credit unions reach younger consumers through personalized digital lending experiences.

Published: July 1, 2026 by Scarlet.Nickel@experian.com

Explore how Experian Verify™ and Mezzo’s Centro orchestration engine are helping mortgage lenders modernize income and employment verification, reduce workflow complexity, and make faster, more confident lending decisions at scale.

Published: July 1, 2026 by Lizel Ferrer
Used EV Growth Signals a New Phase of Consumer Purchasing Behavior

The electric vehicle (EV) revolution isn’t slowing down, it’s changing lanes. While recent conversations have seemingly focused on softening demand for new EVs, the used segment has been gaining momentum. According to Experian Automotive’s 2025 EV Year in Review Report, new retail individual EV registrations fell 35.9% year-over-year. Meanwhile, the used retail individual EV registrations grew 25.4% from a year ago. As affordability and growing model availability reshapes consumer behavior, buyers are increasingly turning to pre-owned EVs, which has shown an interesting market divergence that is redefining how consumers are adopting this segment and what it can mean for automakers, dealers, and the overall industry. Key players behind rising used EV demand Notably, Tesla accounted for over half (60.5%) of used retail individual EV registrations in 2025, followed by Chevrolet at 6.4% and Nissan (5.5%). Diving a bit deeper, Tesla made up the top three models of the used individual registrations last year, with the Model 3 coming in at 27.2%, Model Y at 21.7%, and Model S (6.6%). The Chevrolet Bolt EV followed at 4.8% and the Nissan Leaf was at 4%. Tesla’s position as the leading make in the used EV market is a natural extension of its long-standing dominance in new EV sales. The brand’s leadership over the years created a large fleet of vehicles that are now entering the pre-owned market. What the used EV boom means for automotive professionals The growing demand for used EVs can present more opportunities for automotive professionals. Dealers that provide a healthy supply of pre-owned EVs can increase accessibility and play a role in adoption for consumers who are actively looking to purchase, while marketers can emphasize value and ownership benefits. As the market continues to evolve, automotive professionals who understand and respond to these changing dynamics will be best positioned to capitalize on the expanding pool of used EV shoppers. To learn more about EV insights, visit Experian Automotive’s EV Resource Center.

Published: June 30, 2026 by Kirsten Von Busch