Fraud Wiki

Bot Attacks
Sophisticated bots designed to carry out malicious attacks can cause financial losses and reputational damage. Constantly evolving, bots mimic human behavior to avoid detection.
Scraping
Scraping involves illegally harvesting data from websites or mobile applications. Advanced, human-like bots scan pages for valuable information which can then be used for fraudulent attacks, such as credit application fraud.
Carding
Carding is the process of verifying the validity of stolen card details. Bots are deployed on payment processing pages to test a bulk list of stolen gift and credit cards, and those determined to be legitimate are then used to carry out fraudulent transactions.
Click Fraud
Click fraud occurs when bots falsely inflate the number of mouse clicks on a page. This typically arises when ad publishers want to generate more revenue or when online advertisers try to sabotage their competitors by inflating the cost of their advertising campaigns.
Inventory Hoarding
Inventory hoarding is the use of bots to repeatedly hold products in online shopping carts, causing goods to go out of stock without being purchased. As legitimate customers are denied access to these goods, this can lead to revenue loss.
Skewed Analytics
Skewed analytics are unexpected spikes in traffic metrics caused by bots. Malicious bot traffic accounts for almost 50% of all internet traffic, polluting analytics data and making it inaccurate.
Vulnerability Scanning
Vulnerability scans are automated tests performed by bots to discover a system's security weaknesses. Once a weakness is discovered, attackers are able to gain access to sensitive data and exploit the system further.
Form Spam
Form spam is the submission of web forms with irrelevant or fake information. When performed by bots, this not only overwhelms businesses and draws attention away from legitimate submissions, but content sent through these forms is often laden with malware, exposing businesses to further attacks.
DDoS
Distributed Denial of Service (DDoS) is an attack which prevents intended users from accessing a website or application by overwhelming it with traffic. DDoS attacks are often launched from botnets, networks of malware-infected devices hijacked for malicious purposes.
API Abuse
API abuse is the hostile takeover of an API. By using bots to intercept communications between two interacting systems, fraudsters can quickly harvest sensitive data or carry out further attacks, such as DDoS, Injection Attacks, Scraping, Inventory Hoarding, and Man-in-the-Middle attacks.
Defacement
Defacement is the act of changing a website's appearance. Fraudsters typically use bots to find security vulnerabilities, break into the web server, and edit critical content.
Scalping
Scalping is the use of bots to buy popular or on-sale items in bulk to deplete inventories. These items are then resold to customers at marked-up prices on third-party platforms.
Account Fraud
Fraudulent accounts create easy gateways into a system. Although CAPTCHAs and multi-factor authentication methods are effective in mitigating these, they can impair user experience.
Account Takeover
Account takeovers involve gaining unauthorized access to an account and carrying out illegitimate transactions. This is often achieved by credential stuffing, phishing, or acquiring credentials via databases and black markets.
Fake Registration
Fake registrations occur when fraudsters create accounts using stolen information or fake identities. These fake accounts can then be used for malicious purposes, such as promo abuse or money laundering.
Transaction & Loyalty Fraud
Online transactions and loyalty programs offer the potential for huge financial gain. As a result, fraudsters aggressively exploit vulnerabilities, causing direct losses, hindered growth, and tarnished brand reputation.
Promo Abuse
Promo abuse involves exploiting promotions offering free or discounted goods and services. As promotional campaigns only offer a limited number of discounts per user, fraudsters will attempt to maximise their illicit gains by systematically exploiting loopholes.
Fraudulent Payment
Fraudulent payments occur when a fraudster uses a stolen credit card or another payment instrument to make unauthorized purchases.
Loyalty Fraud
Loyalty fraud is the exploitation of a loyalty system to illicitly earn rewards. Fraudsters systematically exploit loopholes in the rewards mechanism to earn cash, points, or other incentives. One example is asking for a refund on a huge purchase after having exchanged it for a high-value reward.
Fraudulent Transfer
Fraudulent transfers occur when one user takes over another user's reward point account. The fraudster will either transfer the points over to their own account, sell them for cash, or redeem them for rewards.
Fraudulent Claim
Fraudulent claims involve trying to obtain some benefit or advantage that a user is not entitled to. Fraudsters often target insurance or grant companies by attempting to fake a legitimate event that earns them a payout.
Withdrawal Fraud
Withdrawal fraud is the process of taking over a user's account, or topping up an account with a stolen credit card, to access the available balance. Once achieved, the fraudster is able to make unauthorized withdrawals or purchases.
Credit Fraud
Identity theft and widespread data breaches are fuelling credit application fraud, resulting in costly write-offs for financial institutions.
Credit Application Fraud
Fraudsters create credit profiles using a fake identity or stolen personal details, which are then used to apply for a credit card, loan, or other types of credit. The fraudster subsequently disappears with the loan, leaving the company without any means to recover the amount.
AML/CFT Violations
Fintech developments have inadvertently created channels for financial crimes, resulting in ever-more stringent regulatory requirements.
Money Laundering
Money laundering is the process of disguising money obtained illegally by passing it through legitimate sources. Criminals employ a variety of methods to complete the three stages of money laundering (placement, layering, and integration), all of which can be conducted on digital platforms.
Terrorist Financing
Terrorist financing is the provision of funds to terrorist groups. These can be disguised in many forms, such as charity donations and multiple small-value transactions.
Regulatory Non-Compliance
Regulatory non-compliance is the failure to comply with specific regulations or laws. Regulatory authorities may require companies to limit the number or nature of activities that can be performed by certain users. However, these limits can be circumvented through various malicious means and tools.
Malicious Tools
Malicious tools have now become widely available and fraudsters are conducting attacks on a much larger scale than ever before.
Emulators
Emulators are hardware or software applications that simulate mobile devices on desktops, allowing fraudsters to conduct mass scripted attacks.
App Cloning
App cloning involves running multiple instances of the same app to create multiple device identities.
App Tampering
App tampering is a fraud technique that involves modifying an app's code to perform illicit functions.
Device Tampering
Device tampering involves changing device attributes to generate a disposable device identity.
GPS Spoofing
Malicious users use GPS spoofers to falsify their location data and mask certain behaviors.
VPNs
Virtual Private Networks (VPNs) are IP-masking tools that disguise a user's real IP address, allowing geo-restrictions to be bypassed.