LearnFraud

System and method for detection of fraud in a wireless telephone system

2009-01-29T13:30:00.000-08:00

A system for the detection of fraudulent use of a wireless telephone system includes a signature analyzer to analyze the transmission characteristic of an unauthenticated transmitter. If the system authenticates the transmitter, based on stored records, the system establishes a customer call profile, based on the geographical location of the wireless telephone at the time of the calls, as well as a time period in which the communication occurs. The system uses these records to establish a customer call profile. The system analyzes a subsequent call and the customer call profile to designate the subsequent call as valid or invalid. The system overrides the decision of the signature analyzer that a particular unauthenticated wireless telephone is fraudulent if the values for call parameters of the subsequent call are sufficiently close to the corresponding parameter values in the customer call profile. The system is adaptive in that old call data records are periodically deleted, thus allowing their replacement with newer call data records

1. A system for the detection of wireless telephone fraud, the system comprising:

A signature analyzer to classify an unauthenticated wireless telephone as authorized or fraudulent based on a transmission characteristic of said unauthenticated wireless telephone in a communication with said unauthenticated wireless telephone;

an origin data storage area to store data related to a place of origin of a particular wireless telephone for each of a plurality of different communications with said particular wireless telephone classified by said signature analyzer as said authorized wireless telephone;

a timer to determine a time period associated with each of said plurality of different communications with said authorized wireless telephone;

a time storage area to store said time period in association with each of said plurality of different communications; and

a decision engine to analyze a communication with an unauthenticated wireless telephone classified by said signature analyzer as said fraudulent wireless telephone at a time subsequent to said plurality of different communications with said authorized wireless telephone, said decision engine designating said subsequent communication as valid regardless of whether said signature analyzer identified said unauthenticated wireless telephone as said fraudulent wireless telephone if a place of origin of said subsequent communication matches one of said places of origin in said origin data storage area and if a time period of said subsequent communication matches one of said time periods in said time storage area.

Fractals

2008-12-08T03:10:00.000-08:00

Fractals is a class leading integrated, intelligent fraud detection and prevention framework for issuers and acquirers of debit, credit and other types of payment cards which can operate in real time, near-real time and batch detection modes and which has been certified as Visa PABP PCI/DSS compliant.
Fractals enables empirical knowledge and experience of fraud analysts to be combined with strategies automatically inferred using Alaric's proprietary inference techniques which are based on Bayesian methods to deliver class leading fraud detection performance.
Fractals can be readily integrated with any authorization or card management system using Alaric's payments integration middleware, Authentic Gateway, enabling real time fraud detection and refer or decline of transactions in flight, at authorization time.
Fractals' Rules Engine enables fraud analysts to rapidly create powerful fraud detection rules, for both issuers and acquirers, via point and click, Windows-based configuration without requiring any programming or SQL/database knowledge.
Fractals' ACE (Adaptive Classification Engine) provides intelligent fraud detection, generating fraud alerts by executing mathematical models against incoming transactions to compute a fraud score. Uniquely, the ACE intelligent detection model is able dynamically self optimize and so detect emerging fraud patterns between model retrains, enabling a much higher detection rate to be maintained than is possible with, say, neural network methods, the detection performance of which tends to drop off shortly after a new model is deployed.
Fractals features highly configurable alert queue management, enabling dynamic allocation of fraud alerts to analysts according to a range of criteria.
Fractals rule configuration and fraud alert interfaces are browser-based and therefore suited to distributed operation.
Fractals is a multi-banking, multi-product system making it ideal for use by processors as well as end user institutions.
Written in Java and running on Oracle, Fractals is platform independent and runs on Windows, UNIX and LINUX operating systems.

How to Report a Fraud or Scam

2008-12-03T16:10:00.000-08:00

If you have observed a scam or been the victim of a scam, spam or fraud and want to report it for enforcement, here is a list of where to report different types of scams in the US, UK, Canada and many other countries. In some cases there is more than one agency to contact. Some scams fit into more than one category, also.
Of course, in all cases, you can start by reporting it to us, using this form. We will use the information to warn other consumers and help you to direct it to law enforcement agencies.
A catch-all for bringing internet scams to the attention of the FBI and FTC is the U.S. government's Internet Crime Complaint Center (IC3) at Internet Fraud Complaints Center If you are looking for your local FBI Office Listings to report a crime or scam, click here.
Do you want to report a fraud, scam or crime to the FBI (the Federal Bureau of Investigation), but can't find the phone number for your nearest local FBI office? See this page to find the closest office!
But to protect your finances, identity and in some cases, identity, you will generally also want to report the scam directly to another specific agency - see further down this page for specific directions.
Be sure to contact your bank or credit card company if you have given out credit card numbers, bank account information, etc.
And we will track and post more examples, so once again, please forward a copy to us - see the email address at the top of this page or cut and paste the email into our feedback form!

Solutions

2008-12-02T21:01:00.000-08:00

Proving click fraud can be very difficult, since it is hard to know who is behind a computer and what their intentions are. Often the best an advertising network can do is to identify which clicks are most likely fraudulent and not charge the account of the advertiser. Even more sophisticated means of detection are used, but none is foolproof.
The Tuzhilin Report produced as part of a click fraud lawsuit settlement, has a detailed and comprehensive discussion of these issues. In particular, it defines "the Fundamental Problem of invalid (fraudulent) clicks":
• "There is no conceptual definition of invalid clicks that can be operationalized [except for certain obviously clear cases]."
• "An operational definition cannot be fully disclosed to the general public because of the concerns that unethical users will take advantage of it, which may lead to a massive click fraud. However, if it is not disclosed, advertisers cannot verify or even dispute why they have been charged for certain clicks."
The pay-per-click industry is lobbying for tighter laws on the issue. Many hope to have laws that will cover those not bound by contracts.
A number of companies are developing viable solutions for click fraud identification and are developing intermediary relationships with advertising networks. Such solutions fall into two categories:
Forensic analysis of advertisers' web server log files.This analysis of the advertiser's web server data requires an in-depth look at the source and behavior of the traffic. As industry standard log files are used for the analysis, the data is verifiable by advertising networks. The problem with this approach is that it relies on the honesty of the middlemen in identifying fraud.
Third-party corroboration.Third parties offer web-based solutions that might involve placement of single-pixel images or Javascript on the advertiser's web pages and suitable tagging of the ads. The visitor may be presented with a cookie. Visitor information is then collected in a third-party data store and made available for download. The better offerings make it easy to highlight suspicious clicks, and they show the reasons for such a conclusion. Since an advertiser's log files can be tampered with, their accompaniment with corroborating data from a third party forms a more convincing body of evidence to present to the advertising network. However, the problem with third-party solutions is that such solutions see only part of the traffic of the entire network. Hence, they can be less likely to identify patterns that span several advertisers. In addition, due to the limited amount of traffic they receive when compared to middlemen, they can be overly or less aggressive when judging traffic to be fraud.

Click fraud

2008-11-28T17:11:00.000-08:00

Click fraud is a type of Internet crime that occurs in pay per click online advertising when a person, automated script, or computer program imitates a legitimate user of a web browser clicking on an ad for the purpose of generating a charge per click without having actual interest in the target of the ad's link. Click fraud is the subject of some controversy and increasing litigation due to the advertising networks being a key beneficiary of the fraud.
Use of a computer to commit this type of Internet fraud is a felony in many jurisdictions, for example, as covered by Penal code 502 in California, USA, and the Computer Misuse Act 1990 in the United Kingdom. There have been arrests relating to click fraud with regard to malicious clicking in order to deplete a competitor's advertising budget.

Pay per click advertising

2008-11-28T17:08:00.000-08:00

Pay per click advertising or, PPC advertising, is an arrangement in which webmasters (operators of Web sites), acting as publishers, display clickable links from advertisers in exchange for a charge per click. As this industry evolved, a number of advertising networks developed, which acted as middlemen between these two groups (publishers and advertisers). Each time a (believed to be) valid Web user clicks on an ad, the advertiser pays the advertising network, who in turn pays the publisher a share of this money. This revenue-sharing system is seen as an incentive for click fraud.
The largest of the advertising networks, Google's AdWords/AdSense and Yahoo! Search Marketing, act in a dual role, since they are also publishers themselves (on their search engines). According to critics, this complex relationship may create a conflict of interest. For instance, Google loses money to undetected click fraud when it pays out to the publisher, but it makes more money when it collects fees from the advertiser. Because of the spread between what Google collects and what Google pays out, click fraud directly and invisibly profits Google