The 29th Annual Global Fraud Conference took place last week in Las Vegas. Hosted by the Association of Certified Fraud Examiners (ACFE), the conference attracted a variety of fraud professionals: investigators, auditors, risk managers, and law enforcement officers.
THE EXPANDING REACH OF THE DARK WEB
Three themes emerged early, with keynotes from Bruce Dorris, President and CEO of ACFE, and from Rob Wainwright, the former Executive Director of Europol. The two presentations shared a focus on the overlapping issues facing both fraud and security teams.
1. Criminals are benefiting from technical advancements as much as organizations are. Technical advancements are allowing for faster payments and expanded user experiences, but these same advancements are giving fraudsters the opportunity to test out new, faster, more lucrative fraud schemes. “Fraudsters have to do their research,” said Iain Cottingham, Vice President of Orange’s group for Fraud and Revenue Assurance, during a panel on fraud risk management, “but they only have to get lucky once.” Once they find a scheme, they can build on it, repeat it, and share it with others in their network.
The cyber crime schemes borne out of technological advancements present a sharp learning curve for fraud teams. In the same panel, Jean Turnbull, a VP in Financial Crimes & Fraud Management Group at TD Bank, admitted that cyber developments represent the biggest change in fraud management; fraud teams must work with information security teams to identify ways to incorporate available intelligence into fraud models.
2. “Data is an increasingly valuable commodity,” stressed Dorris, and fraudsters know that. The value of data, and the growth of illicit economies to trade in that data, is a threat facing both the fraud and security communities. The commoditization of data is an opportunity to drive collaboration across the teams—not continue in redundantly parallel development.
Mauriceo Castanheiro, Director of Fraud at Verafin, emphasized the need for fraud teams to begin to identify and manage fraud schemes at a level of data aggregation, rather than attempting to solve each fraud individually, calling the approach of investigating individual fraud schemes a “losing strategy.” Castanherio’s analogy for a better approach to fraud is an apt one: it’s like the flu shot, he said, in that we shouldn’t each need to get the flu and deal with it in isolation if we can aggregate data, research and identify trends, and work together on solutions that will benefit the entire ecosystem.
3. The dark web is a thriving hub to trade in data and data tools. Fraud investigators are looking to the dark web as a tool for expanded investigations, and fraud prevention and detections systems understand the value of tracking the accounts being leaked and traded.
Cary Moore, CEO of MetaByte Security, emphasized the economy for stolen information, noting the ease and frequency with which data and data harvesting tools are being traded in the criminal underground. “Data,” said Moore, “is the new currency.” Moore went on to call dark web markets “fantastic business models,” in the age of constant data breaches, in their ability to identify a market for data and make that data widely available.
Castanheiro also included the dark web in his discussion of fuller, more mature fraud intelligence, noting that “exploring the dark web is critical for financial institutions” as the dark web provides additional data points for investigators to identify potential fraud risks.
The themes were a preview of the topics front and center of the presentations, conversations, and panels that took place throughout the remainder of the conference. In addition to these themes, attendees and speakers shared insights into how the evergreen fraud schemes continue to manifest in their industries: how check fraud plagues financial institutions, how providers continue to benefit from Medicare and Medicaid frauds, and how the hubris of criminals can generate the most lazy of schemes in search of cold hard cash. One South American investigator shared a local trend of fraudsters bypassing cyber schemes and hardware hacks for compromising ATMs, instead favoring good, old fashioned dynamite.
DESPITE SHARED THREATS, GAPS IN COMMUNICATION PERSIST
The global draw of the conference created the perfect impromptu focus group to survey the level of communication between the fraud and information security teams within an organization.
When asking attendees “Are your teams talking? If so, more than before?”, the answers were uniform, and uniformly optimistic: “Not quite, not yet,