Many companies use measures to combat fraud that are now outdated and do not work properly. This includes, for example, the search for malware or users who are redirected from known phishing sites. The process may seem plausible, but it doesn't really reduce fraud losses. This is due to the following reasons, among others.
- The hydra effect. The targeting of malicious code and phishing is like the Herculean fight against the many-headed Hydra. As soon as one head is done, two new ones grow back. Detecting malware is necessary, but hardly reduces the risk.
- Signature-based recognition is unreliable. With this method, a large part of the malicious code remains undetected. And detected malware is often associated with a large number of false-positive results. This means that signature-based approaches do not particularly reduce the risk.
- Compromised log-in data is not synonymous with fraud. Even if a company detects infections and phishing sites, that does not in itself help in detecting attempted fraud. After all, what can a company do with a list of compromised user accounts? After all, a company is not going to lock out its own customers.
In order to reliably and efficiently separate fraudulent from legitimate transactions, companies should switch their measures from signature-based to behavior-based. Instead of focusing on infected and phished user accounts, they have to watch out for unusual, anomalous behavior and transactions that are not to be expected and are probably not legitimate. This has numerous advantages, such as:
- Less addiction. Fighting, detecting and preventing fraud no longer depends on knowing which credentials have been compromised.
- Less false positives. A lower false positive rate means less wasted time following wrong tracks.
- More correct messages. A higher rate of correctly detected fraud attempts results in fewer fraud losses and better overall business results.
- More security of action. The more precisely a transaction can be assessed as legitimate, suspicious or fraudulent, the more targeted companies can take appropriate measures, for example approve, deny, demand or check.
Simply reacting on the basis of malware infections, phishing sites and compromised login data cannot reduce losses due to fraud. Instead, businesses should focus on distinguishing fraudulent from legitimate transactions. This can only be achieved through behavior-based systems. In this way, attempts at fraud can be reliably identified and prevented.
More on this at F5.com
Via F5 Networks F5 (NASDAQ: FFIV) gives the world's largest companies, service providers, government agencies and consumer brands the freedom to deliver any app securely, anywhere, with confidence. F5 offers cloud and security solutions that enable companies to use the infrastructure they choose without compromising speed and control. Please visit f5.com for more information. You can also visit us on LinkedIn and Facebook for more information about F5, its partners and technologies.