Over the past two decades, the booming ecommerce and fintech industries have become a breeding ground for fraud. Organizations that conduct business online are constantly engaged in a cat-and-mouse game with these invaders. In this practical book, Gilit Saporta and Shoshana Maraney draw on their fraud-fighting experience to provide best practices, methodologies, and tools to help you detect and prevent fraud and other malicious activities.

Data scientists, data analysts, and fraud analysts will learn how to identify and quickly respond to attacks. You'll get a comprehensive view of typical incursions as well as recommended detection methods. Online fraud is constantly evolving. This book helps experienced researchers safely guide and protect their organizations in this ever-changing fraud landscape.

With this book, you will:

• •  Examine current fraud attacks and learn how to mitigate them
• •  Find the right balance between preventing fraud and providing a smooth customer experience
• •  Share insights across multiple business areas, including ecommerce, banking, cryptocurrency, anti-money laundering, and ad tech
• •  Evaluate potential risks for a new vertical, market, or product
• •  Train and mentor teams by boosting collaboration and kickstarting brainstorming sessions
• •  Get a framework of fraud methods, fraud-fighting analytics, and data science methodologies
  
  From the Preface

“With commerce comes fraud,” wrote Airbnb cofounder Nathan Blecharczyk back in 2010, and it’s safe to say that the maxim has proven itself over and over in the years since then. Global online sales reached nearly 4.29 trillion USD in 2020, with more than 1 out of every 5 dollars spent online. Fraudsters follow the money, making online fraud bigger, smarter, and bolder than ever.
 

Fraud fighters, with their heads down in the data, excel at identifying new suspicious patterns and tracking down perpetrators. The constant pressure of fraud prevention means that often, day-to-day activities prevent fraud fighters from taking a breath, putting their head above the parapet, and looking around to see what’s happening outside their company or their industry. The purpose of this book is to provide a wider and more strategic perspective as well as hands-on tips and advice.
 

During our time in fraud prevention, we have been privileged to have the chance to talk to and see data and trends from a wide range of merchants and organizations. It’s that breadth that we want to share in this book.

Who Should Read This Book?

Primarily, fraud analysts! The main audience we had in mind as we wrote this book was the smart, dedicated, and creative collection of folks we know who fight the good fight against fraud in their organizations, and in some cases lead fraud operations in those organizations. We hope the wider context provided in this book helps you see your own work in the context in which it belongs. We also hope the structure and framework we provide for different types of fraudsters, attack methods, and identification and mitigation efforts help you get things clearer in your own head—something that can be challenging when you’re always focused on making sure chargebacks remain low while approval rates remain high. We hope this book is, as it says on the cover, practical and useful. And we hope it reminds you that, whatever today’s challenges are, you are never alone; you are part of a community of passionate fraud fighters who want to catch fraud, protect their companies, and get things right as much as you do.
 

We also hope this book will be valuable in training new fraud analysts, introducing them to the field, and giving them practical tips and even code to run. Having a wider understanding of online fraud, in a variety of contexts and through a variety of attack methods, will help new analysts immeasurably as they come to grips with their new challenges.
 

The nonfraud folks you work with regularly, such as software engineers or data scientists, who may have some working understanding of fraud prevention but who don’t live and breathe fraud fighting in the way that your own team does, may also find this book interesting and beneficial, giving them valuable additional context for the work you engage in together. We hope it makes your partnership stronger, smoother, and even more successful.
 

As well, we hope you’ll find this book helpful in introducing key concepts of fraud and fraud prevention to others in your organization who have no experience in fraud. As we emphasize repeatedly throughout this book, both collaboration with other departments and representing fraud prevention efforts appropriately to upper management are crucial in achieving true success as a fraud prevention department.
 

The context in which fraud analysts work is, frankly, cool—even if most fraud fighters don’t recognize that or think about it day to day. You’re fighting cybercriminals who use a range of ingenious techniques to try to trick you and steal from the business. Once others in your company understand this and some of the context behind it, they will care a whole lot more about what you do and will want to help you do it.
 

It is important to note that in general, this book reflects and speaks to the perspective of a fraud prevention professional or team, and also an AML professional or team in the sense that AML traces patterns, detects anomalies, and acts to prevent them. The compliance-focused side of AML, the perspective of data scientists or compliance experts or financial analysts, is not reflected here. There are other books that focus on these domains and aim to talk to and help the experts within them.
 

It was important for us to focus firmly on the fraud prevention side of things because in some ways, the fraud prevention industry is underserved in terms of educational opportunities. There are numerous excellent higher education courses and certifications (and even YouTube videos) that individuals can use to further their understanding of data science and become qualified in its use. ACFE runs diverse courses that enable participants to become Certified Fraud Examiners so that they can help businesses fight money laundering, insider fraud, financial fraud, and so forth. But there is no equivalent organization, course, or set of materials to help fraud analysts learn and stay up to date with fraud prevention within ecommerce, online marketplaces, or fintech. (Though the Merchant Risk Council is working on training materials and tests for junior fraud analysts, so watch that space!)
 

There is one advantage fraud fighters have that does balance out this lack to some degree. Fraud prevention, as an industry, has a particular advantage in that its professionals are unusually willing to collaborate, sharing experiences, tips, and even data with one another. This plays out in conferences, forums, and roundtables. Just as fraudsters work together sharing information about sites’ weaknesses and how they can be leveraged, and sometimes work together to form combined attacks, so fraud fighters work together to combat their shared enemy. As Karisse Hendrick, founder and principal consultant at Chargelytics Consulting and host of the popular Fraudology podcast, says, this really is a “superpower,” and fraud fighters who draw on this community spirit and nurture relationships within the industry can have a powerful advantage in fighting fraud.
 

This drive for collaboration is, in a sense, only logical, since it extends the understanding and effectiveness of fraud fighters and helps outweigh the extent to which criminals often work together to defraud companies. It’s also a reflection of the drive for justice that many of the fraud prevention experts we quote in this book feel animates their work and that of their team. Carmen Honacker, head of Customer and Payment Fraud at Booking.com, offers a delightful story about the time her card details were stolen and the bank called to inform her of the suspicious activity. Using her fraud prevention background and skills, she tracked down the thieves and then sent the police to arrest them. The bank managers, when she told them, were astonished and impressed. Fraud fighters can’t manage that for every suspicious case they encounter, but the drive for justice is definitely strong in the industry.
 

Domain expertise is hard-won knowledge for fraud fighters. This is partly because of the lack of courses and certifications, but also because, from a data perspective, there just aren’t that many fraudsters. It’s a tiny minority of users who have an enormous impact. You can’t fight the problem purely with data or machines (though as we will discuss in the book, data and machine learning can be extremely helpful). You simply need to know a lot about how fraudsters work and how your company works. This takes time, research, and ongoing effort; a fraud prevention expert’s perspective must evolve as consumer behavior, fraudster behavior, and company priorities do.
 

We sincerely hope this book will help fill in a little of that information gap in the fraud prevention industry. Whether you’re just starting out in your career and looking for an overview, or you’re an expert with decades of experience wanting to dig into various issues or patterns, build a framework for your accumulated knowledge, or look for new ways to combat challenges, we hope you enjoy this book and find it helpful. And we wish you the best in the ongoing, ever-evolving battle against crime that characterizes the fraud prevention profession.

Editorial Reviews

About the Author

Gilit Saporta is an experienced fraud-fighting leader with well over a decade of experience in the field. Having begun her career at Fraud Sciences, the startup famous for pioneering innovative accuracy in online fraud prevention, during the course of her career she has led and trained fraud analysts at PayPal, Forter, and Simplex. She is currently a lecturer at and a content contributor to the Tel Aviv University MBA Fintech Fraud Course, is on the steering committee of the annual CyberWeek FraudCon Conference, co-hosts Fraud Fighters’ Israeli meetups and leads the Israeli branch of RiskSalon. She is an experienced conference speaker and has contributed to many fraud, risk, and payments publications.

Shoshana Maraney is an experienced writer, with more than a decade of experience in expressing complex concepts, technologies, and techniques in comprehensible and relatable language. She has worked in the fraud prevention industry for more than five years, at first Forter and now Identiq. She is a content committee member of the Tel Aviv University CyberWeek FraudCon Conference, and has created numerous presentations for risk and payments conferences around the world. She has composed many articles for fraud, risk, and payments publications. Her degree is from Cambridge University.