Catching Cybercriminals by Mining Data

Like Tom and Jerry, security experts and computer forensics play a cat and mouse game between them and cybercriminals and fraudsters – in fact, like Jerry, bad guys always have the upper hand. Bad guys are winning because of their tools, skills, tenacity and time, while the good guys are trying their best just to identify the fraudulent transaction, preventing web fraud and also halting not so good customers in transacting business.

In fact, fraud analysts are diligent and are looking for ways to put them one step ahead against the baddies. One way for fraud analysts to have an edge against fraudsters is data and it is measurable and also mineable. It can help fraud analysts in preventing fraud, but it depends on the data’s nature and also its context. It is like identifying the potential hotspots for fraud and predicting each fraudster on how they will respond in increase of security and how each type occurs. Since most criminals are hunter-gatherer types, securities and analysts must be able to pounce on these fraudsters before they can even subdue a victim.

But this can only happen when fraud analysts, cyber security experts and digital computer forensics will analyze the data before them, discern the patterns of fraudsters and also identify these cybercrime hotspots. By doing so, experts can adjust their particular strategies according to the patterns of crooks. With this insight, they will increase their effectiveness when detecting fraud and it will help them go on the offensive when trying to prevent fraud. There are simple ways on how to understand each pattern and here is one example of it.

With the ThreatMetrix Fraud Network, experts can see which countries have the highest percentage of online business transactions that are conducted; transactions that use hidden proxies that are found in the US. By viewing the set of traffic in the web transactions, it will provide a window of opportunity to see that behaviors that can be useful in looking and identifying the patterns that would tell which are the cybercrime hotspots, even if it is still in a starting stage. With this, fraud analysts and security experts can use the data to deter and thwart scammers before they could even begin with their scamming.

However, not all persons who are using hidden proxies inside the United States and to make them appear like they are located in US even if the fact is they are from a different country, isn’t a clear indication of fraud. Sometimes, there are some reasons why a particular internet user from a certain country will look for ways to become anonymous and one reason is political reasons. But when this data is combined with other tell tale signs for fraud then it would be a strong reason to believe that person could be a fraudster.

Which country do you think is hiding behind the US proxies more than any other countries when you consider the total number and percentage of business transactions? Nope it isn’t India – it is Iran with 70 percent of all their transactions all coming through a certain hidden proxy in the United States. The next on the list is Burma with only 17 percent and even Tiny Benin, a small country in the West Africa makes the top ten countries and it narrowly beat United States.

According to an expert, a number of those transactions from Iran came from one person only. In fact he believes that this person is aware of his transgressions; this suspect has researched further and scrutinized all the other characteristics of transaction so that he could determine the risks associated with each transaction.

In observing the patterns about fraudulent transaction, to better understand their pattern and how they operate, it is also important to understand the point of origin of that transaction. It is more helpful if there are more data. Fraudulent acts and web crime patterns can easily be detected if experts have excellent analytical skills and fast decisive mind.

Researchers believe that law enforcement agencies must have a better understanding the flow of crime patterns on the Web. This way they can work hand in hand with security experts to dive deep in the minds of criminals to have a better advantage on the battle against fraudsters. It is not necessary for them to undergo special trainings and computer forensic course, what is important is that they can understand the minds of fraudsters and scammers so that they can act before the crime could even happen.

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce. It is the owner and developer of 20 security certifications. EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. These certifications are recognized worldwide and have received endorsements from various government agencies. They also offer trainings in computer forensics.

More information about EC-Council is available at http://www.eccouncil.org.