Internet is fraudsters' foe as well as friend

Computer-enabled fraud is a serious and costly problem for both businesses and consumers.

Computer-enabled fraud is a serious and costly problem for both businesses and consumers.

However, sophisticated software programs first used to help marketing departments improve sales figures are proving adept at cornering fraudsters too.

Forensic data mining, which combines large computer databases with the ability to analyse links between apparently random bits of information, helps expose the webs of deceit that cost US companies $400 billion (€470 billion) a year, according to the US Association of Certified Fraud Examiners.

The problem is so serious that many businesses feel the expensive forensic programs, a form of customer relationship management (CRM) software, are well worth the investment.

READ MORE

Consider the figures: in Britain, the Telecoms UK Fraud Forum believes $1.575 billion is lost annually to telecoms fraud, while the British Bankers Association says £200 million sterling (€332 million) is lost in credit card scams.

Consumers are victims too. The FBI just nabbed 90 online fraudsters who had fleeced 56,000 Internet users of more than $117 million.

Some 2,000 computer users a week complain of identity theft (where someone steals another's personal information and credit card details to make purchases) to the US Federal Trade Commission.

Generally, Internet fraud is increasing at more than 20 per cent annually.

Amazon.com loses between 1 and 3 per cent of its annual revenues to fraud, according to Amazon's director of fraud detection, Ms Jaya Kolhatkar.

She spoke last week on a fraud panel at CRM software company SAS's annual European conference in Florence. Yet, despite such figures many companies are doing little about fraud.

Some 72 per cent of companies in one British study by SAS said they had no measures in place to detect or prevent fraud.

"They are saying: `Even though we believe there's a big problem with fraud, we're not doing anything about it and we're going to sell to you online anyway'," said Mr Peter Dorrington, UK business solutions marketing manager for SAS. He also noted that fraud is believed to be under-reported, because companies feared they would be seen as vulnerable and their share price would fall.

In addition, fraudsters often received suspended sentences or could not pay fines, so companies did not bother to try to report incidents or prosecute, Mr Dorrington said.

One solution, forensic data mining, looks at transaction and billing data, and seeks for patterns that shouldn't be there.

For example, if multiple transactions come in within 30 minutes from one credit card but from various cities, the program will flag the transactions as odd "velocity transactions", a form of credit card fraud where a user is making up multiple billing addresses.

Or, if a credit card is swiped twice at the same retail location, which often means an employee is creating a personal purchase on someone else's card, the software will send an alert.

Ms Jolie Reichel, research manager for Australian healthcare insurer Medical Benefits Fund, said its program can spot suspicious activity - such as healthcare providers that are billing for an infeasible amount of work - and has saved them $700,000 Australian dollars (€420,000) in six months. Ms Reichel cited one example where an acupuncturist made so many claims that he seemed to be working 40-hour days.

A check-up visit to the man revealed an empty office with no patients.

He eventually admitted he was building an extension to his house, funded by the imaginary clients.

The forensic program also looks for unusually high linkages between two practitioners, where many patients have visited the same dentist and optometrist. It often reveals that the practitioners are referring patients to each other and charging the insurer for more expensive procedures than they actually perform.

Ms Reichel said the program also spots patients that have reached the limits of their own policy benefits and so charge services to a less-used family member's account.

Amazon's Ms Kolhatkar said the company has been the victim of identity theft as well as `dumpster divers' - those who retrieve others' credit card receipts from the trash.

"At Amazon, we have many types of transactions happening every day so it's very difficult to track the small number of fraud transactions," she said.

Amazon uses its forensic CRM program to build profiles of suspected fraudsters and types of fraud. She added that the company has cut fraud by 50 per cent.

The Internet may present opportunities to fraudsters but, in the end, it also helps hunt them down because fraudsters leave data trails that only the most expert can cover effectively.

"That means on the Internet, it's probably easier to catch criminals than when fraud is in a written form," said Ms Kolhatkar.

Karlin Lillington

Karlin Lillington

Karlin Lillington, a contributor to The Irish Times, writes about technology