March 07, 2022

Fraud is like art forgery – the better the copy, the better magnifying glass you need

Fraudsters have always taken advantage of businesses’ vulnerabilities. And with the increased reliance on technology, cybercriminals are getting creative at targeting enterprises.

Many organizations are not fully aware of the detrimental consequences a single successful fraud can cause. Threat actors can steal millions of dollars and ruin brand reputation. That’s why various protection solutions exist. Whether it’s using an antivirus with the most up-to-date operating system or investing in fraud prevention tools – companies should always try to prevent such incidents before they take place.

To find out more about fraud prevention solutions, we talked to Jérôme Bovay, the Team Leader Data Scientist at NetGuardians – a company that helps enterprises fight cybercriminals with fraud detection services.

Tell us more about the story of NetGuardians. What would you consider to be your greatest achievements throughout the years?

NetGuardians was born in Switzerland back in 2007, when the company’s CEO and Co-Founder Joël Winteregg, an ethical hacker back then, found gaps and weaknesses in organizations. He founded NetGuardians to offer better protection from fraudsters. Since then, we have been on a mission to protect organizations, particularly financial institutions, and their customers from challenging fraud threats through our AI-based fraud prevention software platform.

Our biggest achievements include:

  • We protect over 7 trillion assets under management worldwide
  • 40% of all Swiss state-owned commercial banks use NetGuardians
  • 3 of 5 largest banks use our solution in Southeast Asia (e.g. UOB Singapore)
  • 3 of the top 10 banks in Euromoney’s private banking ranking are our clients (e.g. Pictet and Lombard Odier)

Can you explain to us what you do? Which industries do you mainly work with?

We are a Swiss FinTech company protecting financial institutions and their customers from fraudsters across the globe through our AI-based software platform. We are the only company to stop fraud from day one. This is thanks to our ready-to-go solutions, which include:

  • Payment fraud – stops fraudulent transactions due to social engineering, invoice scams, CEO fraud, and more in real-time
  • Internal fraud – prevents internal banking fraud due to collusion, control bypass, and more in real-time

Banks using NetGuardians’ software have achieved reductions of up to 85 percent in false positives, decreased operational losses by +75%, and have detected new fraud cases.

NetGuardians is the fraud-prevention partner of major banking software companies, including Finastra, Avaloq, Mambu, and Finacle.

The company was listed as a representative vendor in Gartner’s 2020 Market Guide for Online Fraud Detection and a Global Leader in Aite’s 2021 Fraud and AML Machine Learning Platforms Report. Headquartered in Switzerland, we have offices in Singapore, Kenya, and Poland.

What types of technology do you use to detect fraudulent payments?

NetGuardians relies on Artificial Intelligence to detect banking frauds. In opposition to traditional vendors that use rule-based techniques, raising a tremendous number of false positives or leading to unmaintainable rule lists, NetGuardians has a unique approach to tackle problems. This technology is 3D AI. Three strong pillars are combined to provide the most efficient fraud coverage possible:

  • Anomaly detection, which detects fraud patterns starting from day one. A smart combination of feature engineering and unsupervised algorithms brings efficiency without requiring any prior information about fraud.
  • Fraud recognition, a.k.a. supervised learning. Powerful algorithms are trained on various fraud types to further reduce the number of false positives. Our complete analytical approach uses a smart combination of supervised and unsupervised algorithms to offer the best fraud coverage while minimizing the number of false positives.
  • Adaptive feedback, which continuously feeds our algorithms with reviews from the banks' analysts, as well as recently detected frauds. This feedback is essential to maintain the performance of our various algorithms at their best level.

Finally, as a data scientist, I cannot resist speaking about the actual algorithms we use and the kind of analytics we provide. Behind the scenes, we use statistics and machine learning models, such as Random Forest or Neural Networks. Based on internal research and collaboration with universities, we also use proprietary technology, such as Peer Groups. The latter is a unique approach to dynamically group bank customers sharing the same behavior, 100% data-driven.

Did you notice threat actors using any new techniques during the pandemic?

At the very beginning of the pandemic, when the demand for protective masks, hydroalcoholic gel, etc., was extremely high, we observed an increase in what we call "supply scams." Fraudsters pretended to sell some sort of goods, received the money, but never shipped the material. For instance, in 2020, a fraud of 6.6 million euros was committed in Singapore. A company purchased alcohol gels, FFP2, and FFP3 masks, but the goods were never sent.

You describe frauds carried out by bank employees as one of the greatest cyber risks. Can you tell us more about these incidents?

Internal fraud, by definition, is hard to detect. Bank employees know how the system works and its weaknesses very well. We sometimes read in the newspaper about internal fraud cases discovered years after it was committed. For banks that are not properly equipped with an efficient fraud detection solution, such cases will probably never be discovered. One example of internal fraud is the Bank Insider one.

Insiders can be bank employees or staff members employed by IT vendors working with the bank. Because these people have detailed knowledge of the bank’s internal systems, this kind of fraud can be difficult to detect and can continue for long periods unless a robust fraud-monitoring system is set in place. Insiders exploit user privileges to access victims’ accounts directly or to transfer funds from the bank’s internal payment accounts into accounts belonging to customers. The funds are then transferred to external bank accounts controlled by the fraudster or to prepaid cards. These types of cards are popular amongst fraudsters because they are issued with few “Know Your Customer” (KYC) checks and can be used to make multiple currency cash withdrawals. They can also be used for “Card Not Present” transactions which normally have a higher transaction limit.

What are some of the most common fraud methods employed nowadays? How can average individuals tell if something is amiss?

Business Email Compromise frauds are becoming more and more frequent. Fraudsters usually target companies by impersonating a senior executive. An email is sent to an employee, either from the victim’s own email account (which has been hacked beforehand) or from a spoofed email address. The email is often followed by a call apparently from the CEO, a senior executive, or from a bogus law firm or consulting firm. It tells the employee who received the email to respond immediately. Deep fakes are increasingly used for video or voice calls. The email usually requests a large payment to a fake account in connection with an urgent or sensitive issue such as an acquisition.

When NetGuardians' fraud detection system blocks such fraudulent payments, it provides a suspicion score and a full set of visualizations to help the bank analyst. The latter has a complete and powerful tool allowing him or her to take an enlightened decision and discriminate between real frauds and suspicious, yet genuine, transactions.

In your opinion, what kind of cyber threats should we expect to see more of in the near future?

Fraudsters are enhancing and fine-tuning their attacks day after day. The more the fraudster mimics the behavior of its victim, the harder it is for the algorithms to detect it. If you think about it, it is like art forgery. The better the copy, the better magnifying glass you need to detect anomalies. For fraud detection, it is the same. We continuously enhance our algorithms and the features to discriminate between frauds and genuine transactions.

We recently observed a massive increase in fake invoices. They are very hard to detect, especially when the fraudster knows its victim very well and has access to past legit invoices. The fraudster sends a fake invoice just in time with a similar beneficiary address, similar amount, etc. We use Natural Language Processing: a combination of Machine Learning techniques applied to text processing. These techniques are just like the above-mentioned magnifying glass that we use at NetGuardians to spot fake invoices.

In your opinion, which cybersecurity measures should everyone have installed to minimize the risk of fraud?

Most of the time, the weak point is the human in the loop. You can have the most sophisticated fraud detection system, but if in the end you have a human confirmation to execute a fraudulent payment which has been blocked by the solution, you can't avoid losing the money. At NetGuardians, we strongly encourage people to be fraud-aware. People must be aware that fraud exists and informed about how it can occur to be able to better recognize it. Each year, NetGuardians participates in Fraud Awareness week and shares hints with its network about how to be more fraud aware.

Share with us, what’s next for NetGuardians?

NetGuardians continuously invests in Research and Development to stay at the cutting edge of technology and analytics to detect fraud. We are an AI company, and we strongly believe in the power of data to provide the best product to our customers.

We are currently launching an initiative based on collective AI, which creates a network of multiple financial entities and broadens the perspectives on fraud coverage. One of the advantages of collective AI is the direct reduction of False Positives. The major feature of AI models is the capacity to detect if the beneficiary of the transaction is suspicious.

For instance, let's consider two banks in Europe – one in Switzerland, the other in Denmark. If a customer in Switzerland makes a payment to a legitimate but unknown company in Denmark, the payment will look suspicious and has a high chance of being blocked.

Let's now imagine that both the Swiss and the Danish banks are in the same consortium benefiting from collective AI and exchanging information about usual beneficiaries. The Danish company to which the money was initially sent is known by the Danish bank. This beneficiary won't appear suspicious anymore for the Swiss bank, hence a False Positive is spared.


This article first appeared on the website of Cybernews here.

Jérôme Bovay

Chief Data Scientist at NetGuardians
