• United States




Fighting fraud: Tips for getting ahead of the ever-evolving threat

May 16, 20185 mins
CybercrimeData and Information SecurityFraud

Fraud is largely inevitable but fighting it doesn’t have to be fruitless. Chris Camacho shares tips to help businesses combat this threat more effectively.

orange monitors with lock icon network security cyber threat
Credit: Getty Images

Fraud is often perceived as an unavoidable cost of doing business. And in most cases, this perception is accurate. Despite the bevy of new anti-fraud controls continually being implemented and improved among businesses across all sectors, fraud persists. But while fraud is largely inevitable and eradicating it largely impossible, the fight against fraud doesn’t have to be fruitless. Here are a few tips to help businesses combat this threat more effectively:

Think like a fraudster

Fraudsters are nothing if not persistent. Just because a new anti-fraud measure might render one tactic or scheme no longer feasible doesn’t mean the fraudsters behind it will cease their illicit efforts altogether. The challenge is, how do we anticipate what a fraudster’s next move might be?

Consider what motivates fraudsters: profit. In most cases, fraudsters seek out assets that can be monetized within various illicit schemes. As such, it’s crucial to determine which of your business’s assets could appeal to a fraudster. Credit card data, personally identifiable information (PII), user account login credentials, and other types of proprietary data and information are common examples.

Next, think about how a fraudster might try to access your business’s assets given any existing security controls. Most retailers, for instance, require some degree of authentication to verify purchases made with payment cards. But what about gift cards? Unlike bank-issued credit and debit cards, gift cards are generally not held to strict anti-fraud standards, which is largely why they have become a desirable asset among many fraudsters. Illicit vendors selling stolen gift cards have become commonplace on the Deep & Dark Web (DDW) in recent years, leading to an uptick in instances of gift card fraud.

While many retailers have since taken note and adjusted their security controls for gift cards accordingly, this example underscores why it’s crucial to try to think like a fraudster. Proactively identifying any weaknesses in existing anti-fraud programs—such as what fraudsters determined are often present within gift card security controls—can help businesses better anticipate and prepare for fraud.

Seek insight into emerging tactics and schemes

But in many cases, proactively identifying anti-fraud weaknesses requires visibility into the DDW communities where fraudsters congregate and discuss new tactics and schemes. After all, it wasn’t until fraudsters on certain DDW forums shared information with one another regarding many gift cards’ lax anti-fraud controls that underground gift card vendors were established and instances of gift card fraud increased.

The issue of gift card fraud also highlights another reason why businesses should seek visibility into the cybercriminal underground: many fraudsters’ ever-evolving tactics bear little resemblance to the tried-and-true fraud schemes with which most businesses are familiar. Although countless variations of credit card fraud, for example, are generally well-known and well-mitigated in the financial services and retail industries, many businesses continue to incur substantial losses from lesser-known types of fraud. In addition to gift card fraud, refund fraud, health savings account fraud, and rewards point fraud are only a few of many such examples that were initially conceived within the cybercriminal underground before posing a threat to businesses.

Indeed, the DDW can be a rich source of insight into emerging fraud tactics and schemes. But because accessing and engaging within these online communities can be challenging and risky without the proper expertise and protections, businesses are encouraged to work with reputable intelligence vendors to more effectively, easily, and safely gain visibility into the cybercriminal underground.

Keep track of regional ties and variations

Different types of fraud often have deeply rooted ties to different regions. Eastern Europe, for example, has long been considered a hub for cybercrime. Many businesses go to great lengths to gain insight into new schemes and tactics emerging from Eastern Europe, as they should. These types of insights are critical for establishing countermeasures, the most effective of which typically account for the social, cultural, and linguistic nuances known to characterize fraudulent activity originating in certain regions.

But in recent years, new cybercriminal communities and, as a result—new tactics and types of fraud—have quickly emerged in many more regions. Latin America is one such example. While fraudsters in Latin America have long been considered unsophisticated, unorganized, and unlikely to pose any substantial threats to businesses, this community has since evolved substantially. Many businesses that previously had no reason to monitor the Spanish-language cybercriminal underground are now striving to understand and combat threats originating from fraudsters in Latin America. And given that threats and indicators can vary substantially across different regions and communities, keeping track of these variations and new developments is a must for businesses and anti-fraud teams.

Just as fraudsters are extremely resilient, persistent, and resourceful, businesses, too, should seek to emulate these characteristics when fighting fraud. This means approaching fraud from new perspectives, learning about emerging schemes and tactics proactively, and seeking third-party services and expertise when necessary. While businesses have little control over the existence of fraud, they can control the extent to which they prepare for and mitigate this ever-evolving threat.


Chris Camacho partners with Flashpoint's executive team to develop, communicate, and execute strategic initiatives pertaining to Business Risk Intelligence (BRI).

With more than 15 years of cyber security leadership experience, he has spearheaded initiatives across Operational Strategy, Incident Response, Threat Management, and Security Operations to ensure cyber risk postures align with business goals.

Camacho has a B.S. in Decision Sciences & Management of Information Systems from George Mason University.

The opinions expressed in this blog are those of Chris Camacho and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.