Tag: fraud event

In the first six months of 2021, there was $590 million in ransomware-related activity, which exceeds the value of $416 million reported for the entirety of 2020 according to the S. Treasury's Financial Crimes Enforcement Network. Constant economic pressure coupled with the ever-increasing volume of data online have created an environment that’s ripe for attacks, leaving businesses and consumers vulnerable to attacks and theft. What are ransomware attacks? Ransomware is a subset of malicious software, AKA malware, that either threatens to publish or block access to data or a computer system. It often takes the form of a cyberattack where criminals take over an organization’s computer network. Once they’ve assumed control, the hackers demand a ransom to restore access to the illicitly encrypted data. Additionally, ransomware attacks and data breaches are now becoming more closely linked, with sensitive data including employees’ personal information, HR records, and more being filtered out and distributed during or after the attack. In fact, Experian has found that 7 of 10 data breaches involve ransomware. The negative impact of ransomware attacks According to the Identity Theft Resource Center, the average ransom demand in 2021 was $5.3 million, a 518% increase from the 2020 average. Experian’s latest Data Breach Response Guide found that businesses were hit with ransomware attacks every 11 seconds in 2021. These attacks also take up to 20% longer to begin breach notifications, leaving businesses even more vulnerable. In addition to the monetary loss and the time spent responding to and recovering from the attack, businesses also stand to suffer reputational damage, because consumer sentiment is that companies are responsible for protecting data. Having a plan in place makes a sizeable impact though, with 90% of consumers being more forgiving of companies that had a response plan in place prior to a breach. How to protect against ransomware attacks Experian’s 2022 Future of Fraud Forecast predicts that ransomware will be a significant fraud threat for companies as fraudsters will look for a sizeable ransom to cede control and potentially steal data from the hacked company. Preparing for the possibility of an attack includes training your staff to spot the signs of a phishing attempt, having a response plan in place, and leveraging partner solutions. To learn more about how Experian helps businesses protect against the fallout of a ransomware attack, visit us, and be sure to read about our other Future of Fraud predictions about cryptocurrency and Buy Now, Pay Later fraud. Request a call Future of Fraud Forecast

Every few months we hear in the news about a fraud ring that has been busted here in the U.S. or in another part of the world. In May, I read about a fraud ring based in Georgia and Louisiana that bought 13,000 stolen identities of children who were on the Louisiana Medicaid program and billed the government for services not rendered. This group defrauded the Medicaid program of more than $500,000.   This is just one of many stories that we hear about fraud rings, and given the rapidly changing economic environment, now is the time for businesses to think about how to protect against fraud rings. There are a number of challenges that organizations may have when it comes to sharing trends and collaborations, understanding the ways to tie fraud rings together, creating treatments for identifying fraud rings and ways to store and catalogue fraud ring experiences so they can be easily recognized.   The trouble with identifying fraud rings   It’s important to understand the challenges that organizations have because they see the fraud rings through their own internal lens. Here are a few of the top things businesses should work on:   Think like a fraudster. This will help businesses become more creative in their approach to fraud prevention. Facilitate internal collaboration. Share with in-organization partners. Sometimes this can be difficult due to organizational structure. Promote external collaboration. Intel-sharing groups are a great way for businesses to network within their industries and learn about the fraud that others are seeing. An organization that I’ve worked with in the past is the National Cyber Forensic and Training Alliance (NCFTA).   Putting the pieces together   How do businesses identify a fraud ring? There are three steps to get started. The first is reviewing and understanding the data. Fraudsters are lazy and want to replicate the process over and over again, and because of this there is always some piece of information that is repeated. It could be a name, an email address, device fingerprint, or similar.   The second step is tying the fraud ring together. This is done by creating rules to help identify the trends. Having rules in place to identify fraud rings allows businesses to easily pull stats together for their leadership.   Lastly, applying an acronym or name to the particular fraud ring and adding comments to the cases associated with a particular ring will help with post-investigation analysis.   Learning from the past   Before I became a consultant, I remember identifying a fraud ring that was submitting events with the same language pack and where the device fingerprint was staying consistent. Those events were being referred out for review and marked with the same note. At a post-mortem review, I was able to talk to the fraud ring we had seen, and it was easy to pull all events associated with this fraud ring because my team had marked the events with the same comments.   Another fraud ring example happened a few years ago. A client called me and said that they were under a fraud attack and this fraud ring was rotating the email handle. I reviewed the data and came up with a rule to catch this activity. Fraud rings will use email handle rotation to help them keep track of accounts that are opened or what emails they used in the past. By coupling the email handle rotation with an email verification service like Emailage, this insight could be very telling. I would assume that when fraud rings use email handle rotation these emails are new and have just been created.   These are just a few of the many fraud rings that I’ve encountered over the course of my career and I’m sure there will be a lot more in the years to come. The best advice I can give to anyone that reads this post is to understand the data that you are reviewing, look for anomalies within the data, ask questions and test your theories by running queries on the data that you’re reviewing. I would love to hear about the different fraud rings that you’ve encountered over your career.   Stay safe.   Contact us