Security News > 2021 > September > Human Fraud: Detecting Them Before They Detect You

Human Fraud: Detecting Them Before They Detect You
2021-09-06 15:29

Tony Lauro, director of security technology and strategy at Akamai, discusses how to disrupt account takeovers in the exploitation phase of an attack.

In these last two stages, attackers put the bots aside, roll up their sleeves and take a manual approach to try and compromise individual accounts.

Or, perhaps the fraud team notices that multiple accounts across the targeted organization suddenly all have the same shipping address.

If the target account is high profile or lucrative enough, the attacker may go the extra mile to circumvent the organization's fraud controls and challenges.

These kinds of signals are more specific to the actual account owners that would be much more difficult for the attacker to try and emulate on their own.

By evaluating these known traits sampled from the real Tony Lauro, it allows more accurate options available if a fraudster is detected such as step-up authentication, one-time password challenges, blocking or simply tag the request with its associated risk score to be passed onto the companies fraud team where they can have further fidelity into what their tools are doing to detect imposters and stop them before they take over customer accounts.


News URL

https://threatpost.com/human-fraud-detecting/169230/