Legal View

Fraudsters don't want us to get smarter systems

The unprecedented amount of data at our fingertips today enables the smart application of integrated, collaborative, intelligent fraud hunting systems.

Tallen Harmsen.

Fraud is more common than we think, and increasingly digital, and the numbers will keep going up until we figure out a smarter way to deal with it. Which we have now in the form of proactive fraud hunting.

Fraud is a daily occurrence in South Africa and not just the domain of those alleged to have captured the state. It hits individuals and companies hard.

For example, the media likes to report cases such as a Nelspruit magistrate who convicted a Bulgarian man, an illegal immigrant, who committed more than 600 counts of card-skimming at ATMs in the area, to 28 years in prison. The Hawks have also reportedly so far snagged 65 witness statements in the VBS Mutual Bank investigation into fraud and several other allegations.

But there are other, much more common types of fraud that often go unreported. Job applicants, for example, routinely lie about their skills and other employment details.

Debit order fraud is another common problem. In fact, in South Africa we face a panoply of fraud and fakery types, from people pretending to be all types of doctors, to ubiquitous allegations of tender fraud, forged prescriptions, "tap-and-go" swipes of bank cards that can communicate wirelessly, phishing for personal identities during tax season, SIM swaps and many more.

In fact, in what appears to be a case of tragic irony, go to the South African Fraud Prevention Service (SAFPS) Web site and one of the first things you will come across is a warning, in dire red, that the organisation will never request consumers to pay for Protective Registration and Victim letters. Apparently the fraudsters are trying every trick in the book.

There were 73 277 reported commercial crimes last year that included cases of corruption, fraud, money laundering, embezzlement and forgery, according to SAPS.

The problem with attempting to limit fraud or one day reduce it is that we usually have to wait until someone reports it before we can act on it.

The problem with attempting to limit fraud or one day reduce it is that we usually have to wait until someone reports it before we can act on it. It occurs in the past before we respond. And by then the criminal has usually made off with the loot.

What we need to do is develop our ability to stop fraud before it happens.

SIM swaps, for example, are routinely used to defraud consumers through online banking. Once hackers have obtained online banking details through any of a variety of means from vishing to smishing, phishing and social engineering, they log on to perform a transaction. But they cannot complete it without a one-time password. The SIM swap allows them to get the victim's SMSes without needing their actual phone to complete the transaction.

SIM swaps, like so many other types of fraud, are a common enough occurrence that we can establish a use case for a smart, machine learning-powered fraud hunting system in many ways similar to cyber security hunting.

We employ a collection of computer systems, policies, machine learning, data sources and reporting systems, along with some critical thinking based on organisational and industry knowledge, to establish baseline criteria for the systems to analyse. It develops thereafter based on actual use and real world, in-company application.

We analyse patterns of behaviour. We may see, for example, that SIM swaps occur. We set the system to work looking for patterns. Perhaps they're linked to a geographic store. Or to people routinely involved in approving or activating the SIM swaps across geographies and across departments maybe linked in some way outside the organisation.

We can also determine to greater and lesser extents how they previously duped the system, through false documentation, for example, or coercion. We can ascertain which processes are vulnerable to beef those up.

We can divulge fraudulent contracts, ghost users, whether or not syndicates are involved, all through the smart application of integrated, collaborative, intelligent fraud hunting systems that proactively plug the gaps before they're fully exploited.

We use the same advanced technologies and skills to investigate transaction thresholds, seeking the patterns in transactions that pass just below established alerts. It can disclose collusion, for example.

These systems are as good as the information we feed them and the good news is that we have an unprecedented amount of data at our fingertips today. It's also the most advanced means of improving the detection and eradication of all types of fraud in businesses today and improving the already massive R2.3 billion in savings that SAFPS users reported for 2017.

Tallen Harmsen
Head of cyber security at IndigoCube.

Tallen Harmsen has more than 14 years of experience as a security consultant and 21 years in the IT industry. He has been exposed in depth to the financial services, insurance, healthcare, pharmaceutical, mining, retail and logistics sectors. In his role as head of IndigoCube Cyber Security business, he engages progressive business solutions that challenge the emerging and entrenched threat landscapes.

Have your say
Facebook icon
Youtube play icon