Encyclopedia of Security and Emergency Management

Living Edition
| Editors: Lauren R. Shapiro, Marie-Helen Maras

Fraud Risk Management: Using Fraud Analytics to Combat External and Insider Threats

Living reference work entry
DOI: https://doi.org/10.1007/978-3-319-69891-5_296-1

Definition

Fraud is the loss of financial assets, information, or property where a victim unknowingly believes false information provided by a malicious individual or organization that stands to benefit from the false representation.

Introduction

Organizations of all sizes recognize that fraud, whether committed by malicious insiders or external threat actors, can have a significant impact on an organization’s reputation and profitability as well as on customer experience. Firozabadi et al. (1998) claim fraud usually occurs when: “(a) an individual or an organization intentionally makes an untrue representation about an important fact or event; (b) the untrue representation is believed by the victim (the person or organization to whom the representation has been made; (c) the victim relies upon and acts upon the untrue representation; (d) the victim suffers loss of money and/or property as a result of relying upon and acting upon the untrue representation” (Firozabadi et al. 1998, p....

Keywords

Analytics Artificial intelligence Authentication Cloud computing Cybercrime Fraud Insider threat Machine learning Payments 
This is a preview of subscription content, log in to check access.

References

  1. Abdullahi, R., & Mansor, N. (2015). Fraud triangle theory and fraud diamond theory. Understanding the convergent and divergent for future research. Retrieved from https://pdfs.semanticscholar.org/d86f/5988fccc216c92c891191323a2c7f639b834.pdf
  2. Abu-Shanab, E., & Matalqa, S. (2015). Security and fraud issues of E-banking. International Journal of Computer Networks and Applications, 2(4), 179–187. Retrieved from https://www.ijcna.org/Manuscripts/Volume-2/Issue-4/Vol-2-issue-4-M-04.pdf
  3. Anderson, R., & Murdoch, J. S. (2014). EMV: Why payment systems fail. Retrieved from https://cacm.acm.org/magazines/2014/6/175170-emv/abstract
  4. Binns, C. A. (2019). Investigations: Fraud. In L. Shapiro & M.-H. Maras (Eds.), Encyclopedia of security and emergency management. Cham: Springer.Google Scholar
  5. Butavicius, A. M., Parson, K., Pattinson, R. M., & McCormac, A. (2016). Breaching the human firewall: Social engineering in phishing and spear-phishing emails. Retrieved from https://www.semanticscholar.org/paper/Breaching-the-Human-Firewall%3A-Social-engineering-in-Butavicius-Parsons/b58de02e690f07853e88cc93e93e5b71fdf9b493
  6. Campbell, M. (1999). Knowledge discovery in Deep Blue. Retrieved from https://dl.acm.org/citation.cfm?id=319396CrossRefGoogle Scholar
  7. Catrantzos, N. (2012). Managing the insider threat: No dark corner. Retrieved from https://www.amazon.com/Managing-Insider-Threat-Dark-Corners/dp/1439872929CrossRefGoogle Scholar
  8. Chandra, R., & Prihastomo, Y. (2012). Artificial intelligence definition: A review. Retrieved from https://www.semanticscholar.org/paper/Artificial-Intelligence-Definition-%3A-A-Review-Chandra-Prihastomo/d959ad041acca7570a7229e51c18a297bb7ca0b2
  9. Cheng, L., Liu, F., & Yao, D. (2017). Enterprise data breach: Causes, challenges, prevention, and future directions. WIREs: Data Mining & Knowledge Discovery, 7(5).  https://doi.org/10.1002/widm.1211.Google Scholar
  10. Choubey, J., & Choubey, B. (2013). Secure user authentication in internet banking: A qualitative survey. Retrieved from https://www.researchgate.net/publication/290465488_Secure_User_Authentication_in_Internet_Banking_A_Qualitative_Survey
  11. Dupont, B., Côté, M. A., Boutin, I. J., & Fernandez, J. (2017). Darkode: Recruitment patterns and transactional features of “the most dangerous cybercrime forum in the world”. American Behavioral Scientist, 61(11), 1219–1243.  https://doi.org/10.1177/0002764217734263.CrossRefGoogle Scholar
  12. Durtschi, C., & Pacini, C. (2004). The effective use of Benford’s Law to assist in detecting fraud in accounting data. Retrieved from https://www.researchgate.net/profile/Cindy_Durtschi/publication/241401706_The_Effective_Use_of_Benford's_Law_to_Assist_in_Detecting_Fraud_in_Accounting_Data/links/54982f4a0cf2c5a7e342a59e.pdf
  13. Federal Bureau of Investigation. (2018). International business e-mail compromise takedown: Multiple countries involved in coordinated law enforcement effort. Retrieved from https://www.fbi.gov/news/stories/international-bec-takedown-061118
  14. Firozabadi, S. B., Tan, H. Y., & Lee, M. R. (1998). Formal definitions of fraud. Retrieved from https://pdfs.semanticscholar.org/f10b/ff42c86d957ce6aa0c3fd69f23f77eacfb5e.pdf
  15. Fleishman, G. (2018). Equifax data breach, one year later: Obvious errors and no real changes, new report says. Retrieved from http://fortune.com/2018/09/07/equifax-data-breach-one-year-anniversary/
  16. Gandhi, D., Pinto, L., & Gupta, A. (2017). Learning to fly by crashing. Retrieved from https://arxiv.org/pdf/1704.05588.pdf
  17. Gayathri, S., & Mangai, T. (2018). A critical analysis of the Punjab National Bank scam and its implications. International Journal of Pure and Applied Mathematics, 119(12), 14853–14866. Retrieved from https://ssrn.com/abstract=3274568
  18. Gordon, W. R. (2018). Information sharing and collaboration. In A. K. Sood (Ed.), Canadian cybersecurity 2018; An anthology of CIO/CISO enterprise-level perspectives (pp. 107–128). Retrieved from https://issuu.com/clxforum/docs/canadian-cybersecurity_2018
  19. Hunker, J., & Probst, C. W. (2011). Insiders and insider threats an overview of definitions and mitigation techniques. Retrieved from http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.465.7490&rep=rep1&type=pdf
  20. Jain, K. A., Ross, A., & Prabhakar, S. (2004). An introduction to biometric recognition. Retrieved from https://people.eecs.berkeley.edu/~johnw/cs294-97/papers/intro-biometric.pdf
  21. Karim, S. S. (2016). Cyber-crime scenario in banking sector of Bangladesh: An overview. Retrieved from http://www.icmab.org.bd/images/stories/journal/2016/Mar-Apr/3.Cyber-crime.pdf
  22. Lobo, S. (2019). Understanding the cost of a cybersecurity attack: The losses organizations face. Retrieved from https://hub.packtpub.com/understanding-the-cost-of-a-cybersecurity-attack-the-losses-organizations-face/
  23. McMillan, R., & Knutson, R. (2017). Yahoo triples estimate of breached accounts to 3 billion. Retrieved from https://www.wsj.com/articles/yahoo-triples-estimate-of-breached-accounts-to-3-billion-1507062804
  24. Menzies, T. (2003). Guest editor’s introduction; 21st-century AI: Proud, not smug. Retrieved from https://www.computer.org/csdl/magazine/ex/2003/03/x3018/13rRUxC0SLSCrossRefGoogle Scholar
  25. Musaev, E., & Yousoof, M. (2015). A review on internet banking security and privacy issues in Oman. Retrieved from http://icit.zuj.edu.jo/ICIT15/DOI/E-Technology/0070.pdf
  26. Ozkaya, E., & Aslaner, M. (2019). Hands-on cybersecurity for finance: Identify vulnerabilities and secure your financial services from security breaches. Retrieved from https://www.amazon.com/Hands-Cyber-Security-Finance-vulnerabilities-ebook/dp/B07F2JH2YF/ref=sr_1_1?keywords=cybersecurity+for+finance&qid=1554684802&s=books&sr=1-1
  27. Pomerleau, P. L. (2019). Public-private partnerships: Port security. In L. Shapiro & M.-H. Maras (Eds.), Encyclopedia of security and emergency management. Cham: Springer.Google Scholar
  28. Ryman-Tubb, F. N., Krause, P., & Garn, W. (2018). How artificial intelligence and machine learning research impacts payment card fraud detection: A survey and industry benchmark. Engineering Applications of Artificial Intelligence, 76, 130–157.  https://doi.org/10.1016/j.engappai.2018.07.008.CrossRefGoogle Scholar
  29. Schmidhuber, J. (2007). 2006: Celebrating 75 years of AI – History and outlook: The next 25 years. Retrieved from https://arxiv.org/abs/0708.4311
  30. Shapiro, L. R., Maras, M.-H., Velotti, L., Pickman, S., Wei, H.-L., & Till, R. (2018). Trojan horse risks in the maritime transportation systems sector. Journal of Transportation Security, 11(3/4), 65.  https://doi.org/10.1007/s12198-018-0191-3.CrossRefGoogle Scholar
  31. Smith, S. (2018). Investigations: Bank fraud. In L. Shapiro & M.-H. Maras (Eds.), Encyclopedia of security and emergency management. Cham: Springer.Google Scholar
  32. Sokolova, M., & Lapalme, G. (2009). A systematic analysis of performance measures for classification tasks. Information Processing & Management, 45(4), 427–437. Retrieved from http://atour.iro.umontreal.ca/rali/sites/default/files/publis/SokolovaLapalme-JIPM09.pdf
  33. Tulio, R. M., Singh, S., & Guestrin, C. (2016). Why should I trust you? Explaining the predictions of any classifier. Retrieved from https://www.kdd.org/kdd2016/papers/files/rfp0573-ribeiroA.pdf
  34. Vaquero, L., Rodero-Merino, L., Caceres, J., & Lindner, M. (2009). A break in the clouds: Towards a cloud definition. Computer Communication Review, 39(1), 50–55. Retrieved from http://ccr.sigcomm.org/online/files/p50-v39n1l-vaqueroA.pdf
  35. Walters, R. (2016). Cyber attacks on U.S. companies in 2016. Retrieved from http://thf-reports.s3.amazonaws.com/2016/IB4636.pdf
  36. Zaslavsky, A., Perera, C., & Georgakopoulos, D. (2013) Sensing as a service and big data. Retrieved from https://arxiv.org/abs/1301.0159

Further Reading

  1. Isson, J. P. (2018). Unstructured data analytics: How to improve customer acquisition, customer retention, and fraud detection and prevention. Retrieved from https://www.amazon.ca/Unstructured-Data-Analytics-Acquisition-Prevention/dp/1119129753/ref=tmm_hrd_swatch_0?_encoding=UTF8&qid=&sr=.
  2. Ozkaya, E., & Aslaner, M. (2019). Hands-on cybersecurity for finance: Identify vulnerabilities and secure your financial services from security breaches. Retrieved from https://www.amazon.com/Hands-Cyber-Security-Finance-vulnerabilities-ebook/dp/B07F2JH2YF/ref=sr_1_1?keywords=cybersecurity+for+finance&qid=1554684802&s=books&sr=1-1

Authors and Affiliations

  1. 1.Business Administration – Homeland Security and Leadership PolicyNorthcentral UniversitySan DiegoUSA
  2. 2.CybersecurityGeorgia Institute of TechnologyAtlantaUSA