How machine learning finds anomalies to catch financial cybercriminals
In the last few months, millions of dollars have been stolen from unemployment systems, which are under immense pressure from coronavirus-related claims.
A skilled ring of international fraudsters has been submitting false unemployment claims for individuals who still have steady work. The attackers use previously acquired Personally Identifiable Information (PII) such as social security numbers, addresses, names, phone numbers, and banking account information to trick public officials into accepting the claims.
Payouts to these employed people are then redirected to money laundering accomplices who pass the money around to veil the illicit nature of the cash before depositing it into their own accounts.
The acquisition of the PII that enabled these attacks, and the pattern of money laundering that financial institutions failed to detect, highlight the importance of renewed security. But where historical rules-based systems fail, artificial intelligence trained on high-quality data excels.
How attackers acquire your financial information
Suppose you’re in need of gasoline, and you’ve stopped at your usual station. You slip your credit card into the slot and the machine reads, “Remove card quickly,” just like always. Yet you probably haven’t noticed the miniature piece of hardware fitted over the slot, looking identical to the usual slot, that reads your credit card number as it passes by.
Or suppose you receive an email from alerts@weIlsfargo.com that reads “We Have Detected Suspicious Activity On Your Account, Did You Recently Spend $5000 on Amazon?” There’s a button that takes you to the website, and a message in the footer that says “Do not give your account credentials to anyone for any reason. Wells Fargo will never ask for your personal information in an email.” When you go to the website, it looks exactly as you would expect, so you enter your password and the hacker now has access to your account. Did you notice that Wells Fargo was spelled with one lowercase “L” and one uppercase “i”?
Once the attacker has access, they can spend your money without your permission; as long as the individual transactions aren’t too large, most people rarely notice. Or worse, the attacker can clean your accounts in one motion before you realize what’s happened.
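A mail filter can catch the look-alike sender address described above before a person has to spot it. The following is an added example, not code from the original article; the protected-domain list and the confusable-character table are illustrative assumptions and far from complete.

```python
# Added example: flag sender domains that imitate a protected brand domain.
PROTECTED = {"wellsfargo.com"}          # assumption: domains we want to protect

# Look-alike substitutions (assumed, incomplete). They are applied before
# lowercasing, because an uppercase "I" posing as "l" is only visible then.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("I", "l"), ("1", "l"), ("0", "o")]

def skeleton(domain: str) -> str:
    """Collapse look-alike characters so imitations map to the same string."""
    for fake, real in CONFUSABLES:
        domain = domain.replace(fake, real)
    return domain.lower()

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one-character near misses."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(address: str) -> str:
    """Return 'exact', 'lookalike:<reason>' or 'unrelated' for a From address."""
    domain = address.rsplit("@", 1)[-1].strip()
    if domain.lower() in PROTECTED:
        return "exact"
    for brand in PROTECTED:
        if skeleton(domain) == skeleton(brand):
            return "lookalike:homoglyph"
        # Headers are often lowercased in transit ("weilsfargo.com"), which
        # hides the I/l trick; a one-edit distance still exposes it.
        if edit_distance(domain.lower(), brand) <= 1:
            return "lookalike:near-miss"
    return "unrelated"

if __name__ == "__main__":
    for sender in ("alerts@wellsfargo.com", "alerts@weIlsfargo.com",
                   "alerts@weilsfargo.com", "news@example.org"):
        print(sender, "->", classify_sender(sender))
```
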
Anomaly detection methods
Companies employ machine learning to monitor emails, login attempts, personal transactions, and business activities every day. Most financial institutions use a kind of AI called anomaly detection, a process through which computers can classify activity on a consumer’s account as either typical or suspicious.
The analysis of time series data can be used for anomaly detection. It works by comparing the consumer’s transactions with their own recent transaction history. It often takes into account parameters like consumer location, transaction location, merchant location, merchant type, monetary quantity, time of the year, and more. If the probability of suspicious activity is above a certain threshold, it alerts human users of the danger. Alternatively, for very high probabilities, it might block transactions automatically.
For example, you may have a history of spending $30 per week at restaurants. If you were suddenly to spend $100 per week at restaurants, an AI may find this change to be normal during the holidays but potentially dangerous at other times of the year.
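The restaurant example can be made concrete by scoring a week's spend against the same consumer's history for the same season. This is an added example, not code from the original article; it uses a robust deviation score (modified z-score) as a stand-in for the model's probability, and the history, the holiday weeks and both thresholds are constructed assumptions.

```python
# Added example: compare a consumer's weekly restaurant spend with their own
# history, using a separate baseline for holiday and non-holiday weeks.
from statistics import median

HOLIDAY_WEEKS = range(47, 53)            # assumption: ISO weeks 47-52
ALERT_SCORE, BLOCK_SCORE = 3.5, 10.0     # assumed thresholds: alert a human / block

# Constructed history for one consumer: (ISO week, restaurant spend in $).
HISTORY = [
    (10, 20), (11, 35), (12, 30), (13, 42), (14, 25), (15, 30), (16, 38), (17, 22),
    (47, 85), (48, 95), (49, 110), (50, 100), (51, 90), (52, 105),
]

def robust_score(value, baseline):
    """Distance from the median in units of scaled MAD (modified z-score)."""
    med = median(baseline)
    mad = median(abs(x - med) for x in baseline) or 1.0   # guard a flat history
    return 0.6745 * (value - med) / mad

def assess(week, spend, history=HISTORY):
    """Return (decision, score) for one week's spend by this consumer."""
    in_season = week in HOLIDAY_WEEKS
    # Only weeks from the same season form the baseline, so a holiday spike
    # is judged against earlier holiday spending rather than an ordinary week.
    baseline = [amt for wk, amt in history if (wk in HOLIDAY_WEEKS) == in_season]
    score = robust_score(spend, baseline)
    if score >= BLOCK_SCORE:
        return "block", score
    if score >= ALERT_SCORE:
        return "alert", score
    return "allow", score

if __name__ == "__main__":
    for week, spend in [(50, 100), (20, 100), (20, 400), (21, 32)]:
        decision, score = assess(week, spend)
        print(f"week {week:2d}  ${spend:<4d} -> {decision:5s} (score {score:.2f})")
```

The median and MAD are used instead of mean and standard deviation so that one earlier fraudulent spike in the history does not widen the baseline and hide the next one.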
To make these models effective, high-quality training data is essential. Training data is used to teach the model how to classify transactions as anomalies. Subject matter experts help the computer learn by manually identifying suspicious activity. The machine then uses the complex knowledge it learned from the training data to make predictions about novel data.
The trouble is that attackers are constantly innovating with new techniques that throw off the computers. A different kind of anomaly detection called unsupervised outlier detection helps us to root out emerging patterns of abuse. Instead of learning from the expertise of a human with training data, the goal of unsupervised outlier detection is to help the human to see patterns they didn’t see before.
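Unsupervised outlier detection needs no labels: it ranks records by how far they sit from everything else and hands the top of the list to an analyst. The sketch below is an added example, not code from the original article; it uses k-nearest-neighbour distance as one simple outlier score, and the transactions and feature choice are constructed assumptions.

```python
# Added example: rank unlabeled transactions by k-nearest-neighbour distance.
from math import dist
from statistics import mean, pstdev

# Constructed, unlabeled transactions: (id, amount $, hour of day, km from home).
TXNS = [
    ("t01", 12.5, 8, 2), ("t02", 30.0, 12, 5), ("t03", 45.0, 19, 3),
    ("t04", 22.0, 13, 4), ("t05", 28.0, 18, 6), ("t06", 15.0, 9, 1),
    ("t07", 38.0, 20, 2), ("t08", 950.0, 3, 4200), ("t09", 25.0, 12, 3),
    ("t10", 33.0, 19, 5),
]

def standardize(rows):
    """Scale every feature to zero mean and unit variance so none dominates."""
    stats = [(mean(col), pstdev(col) or 1.0) for col in zip(*rows)]
    return [tuple((v - m) / s for v, (m, s) in zip(row, stats)) for row in rows]

def knn_outlier_scores(txns, k=3):
    """Return [(id, score)] sorted most-anomalous first.

    The score is the mean distance to the k nearest other transactions:
    points inside a dense cluster score low, isolated points score high.
    """
    ids = [t[0] for t in txns]
    points = standardize([t[1:] for t in txns])
    scores = {}
    for i, p in enumerate(points):
        nearest = sorted(dist(p, q) for j, q in enumerate(points) if j != i)
        scores[ids[i]] = mean(nearest[:k])
    return sorted(scores.items(), key=lambda item: item[1], reverse=True)

if __name__ == "__main__":
    for txn_id, score in knn_outlier_scores(TXNS)[:3]:
        print(f"{txn_id}: {score:.2f}")
```
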
This article originally appeared on thenextweb.com.
Nastel Technologies uses machine learning to detect anomalies, behavior and sentiment, accelerate decisions, satisfy customers, and innovate continuously. To answer business-centric questions and provide actionable guidance for decision-makers, Nastel’s AutoPilot® for Analytics fuses:
- Advanced predictive anomaly detection, Bayesian Classification and other machine learning algorithms
- Raw information handling and analytics speed
- End-to-end business transaction tracking that spans technologies, tiers, and organizations
- Intuitive, easy-to-use data visualizations and dashboards