Can machine learning save you from scammers?

Source: Vsoftsystems, 18/11/2018

Scammers may be tricking vast numbers of unsuspecting customers into
giving up their personal details so that fraudulent transactions can
take place â€` but these crafty thieves may have met their match in
machine learning.
Vishers, phishers and smishers belong to a category of criminals
called social engineering fraudsters, meaning they trick their victim
into either disclosing confidential financial details or transferring
money to a criminal.
In South Africa, data released by the SA Banking Risk Information
Centre (Sabric) earlier this year revealed that more than half (55%)
of the gross losses due to crime reported were from incidents that had
occurred online.
Phishers, smishers, vishers â€` what next?
Phishers typically try to get personal details via email, smishers try
their luck by sms, and vishers are best known for their telephonic
skills.
Dr Scott Zoldi, chief analytics officer at analytic software firm
FICO, says vishing is an especially great risk around tax season.
`Phone call social engineering fraud â€` known as vishing â€` has gained
in popularity of late, and relies on the fraudster’s powers of
persuasion in conversation with their victim,` he says.
`This type of SEF spikes around tax season when fraudsters claim to be
the South African Revenues (SARS), and use spoofing to make the calls
appear as if they originate from official phone numbers.`
Victims may be told they will go to jail if they don`t make a payment,
or that a refund is due â€` but their bank details are needed in order
to get it.
And, says Zoldi, as security settings advance and real-time payment
schemes such as online banking transfers or banking transfers become
easier, scammers are favouring tricking their victims into depositing
the money themselves (authorised push payment scams) rather than
stealing the money through compromised account authentication
(unauthorised push payment transactions).
This means the key to beating tricksters is not through tighter
security â€` but through targeting behaviour.
No match for machines
But Zoldi says these crafty tricksters have met their match â€` and it`s
machine learning.
Sometimes, he says, `computer says no` is the best answer.
Advances in machine learning mean it is becoming easier to stay one
step ahead of social engineering fraudsters, he says.
`The good news is that machine learning models can counteract SEF
techniques,` he says.
These machine learning models are designed to detect the broad
spectrum of fraud types attacking financial institutions, building and
updating behavioural profiles online and in real time.
They monitor payment characteristics such as transaction amounts and
how quickly payments are being made. This means they can â€` by
recognising patterns â€` detect both generic fraud characteristics, and
patterns that only appear in certain types of fraud, such as social
engineering fraud.
`In SEF scenarios, the above-mentioned behaviours will appear out of
line with normal transactional activity and generate higher fraud risk
scores,` says Zoldi.
The machine learning model can also keep track of the way various
common transactions intersect either for the customer or within the
individual account, for example by tracking a list of beneficiaries
the customer pays regularly, the devices previously used to make
payments, typical amounts, locations, times and so forth.
Digging deeper
`FICO’s research has shown that transactions made out of character are
more than 40 times riskier than those that follow at least one
established behaviour,` says Zoldi.
Machine learning models can also track these risky non-monetary
events, such as a change of email, address or phone number, which can
often precede fraudulent monetary transactions.
Authorised push payments are a bit more difficult, he explains,
because customers can be so panicked by the social engineering
fraudster that when the bank intervenes, the customer distrusts,
ignores, or resists the bank’s efforts to protect their accounts.
But, he says, even then, typical anticipated behaviours can be used,
based on extensive profiling of the true customer’s past actions.
`We are incorporating collaborative profile technology to bring
additional cross-customer understanding of the new behaviours of
similar banking customers. These methods can be used to home in on
individuals that are often targeted for authorised push payments and
trigger the bank’s intervention,` he explains.
`Fraudsters have always targeted the weakest link in the banking
process. As systems become more and more secure, the weakest link,
increasingly, are customers themselves.
`However, by analysing the way each customer normally uses their
account, banks can detect transactions that are out of character and
stop them before any money disappears, which will make social
engineering scams less profitable.`
Customer profiling will also help prevent fraud in real time, he says.