August 29, 2023

Know your fraud: distinguishing scams from account takeovers (Part I)

When financial institutions are able to distinguish between different types of fraud, they can speed up investigations, better protect their customers, cut costs and safeguard their reputations, writes Jérôme Bovay.

Lonely, distracted, stressed? We all are at some point, leaving us vulnerable to making poor decisions. It could be a handsome man who gains your attention on a dating app. After a few weeks of chat, he asks for money to join you so you can give the relationship a go in real life. He overcomes your doubts and you agree to transfer some cash. Within hours he’s disappeared and you realize it’s a love scam. You’ll never see him or your money again. 

But it’s not just lonely hearts who fall for scammers. Others can be the victim of bad timing. 

Your boss is on a business trip and you receive an email asking you to urgently transfer $20,000 to unlock an unexpected business opportunity. He claims he is unreachable and that it’s urgent. With him away, you’re really busy, distracted and you don’t want to stand in the way of expansion. You send the cash despite your doubts. Bad luck: you’ve been scammed. 

These authorized push payment (APP) frauds are more common than you think. Last year, they made up 94 percent of frauds detected among financial institutions protected by NetGuardians software. 

Although our software can spot that such transactions are risky, too often the institutions’ customers believe the scammers and ask for the alert to be over-ridden, and the payment made. But what if institutions were armed with contextual information and fraud type classification (APP frauds vs. account take over frauds) that helps convince their customers that they are being scammed? More fraudsters would be stopped, customers would be better protected and banks’ costs would go down. 

Faster investigations, lower costs

An effective fraud-detection solution identifies suspicious transactions and prevents fraudulent payments being executed. Detection performance is a key factor and relies on a range of classification algorithms built to spot anomalies. But there is a trade-off – the bank must decide how many suspicious transactions it can afford to block and investigate, while ensuring the solution remains effective. 

“A few fewer moments spent on each case can result in huge savings over months”

Every alert must be investigated, and the longer it takes, the more it costs. When the analyst in the fraud investigation department has the best possible information about the transaction to pass on to the customer, better decisions are made, and they are made more quickly. Given the huge number of transactions processed by each institution, just a few fewer moments spent on each case can result in significant savings over months. 

NetGuardians’ fraud-detection software has always offered valuable details about blocked transactions. Not only can it deliver raw attributes such as the transaction amount or the beneficiary country, statistics and risk scores, but it also has a range of explanatory widgets in its dashboards. These help the analyst better understand the user’s history and normal behavior parameters. Using the information from Figure 1, the analyst can grasp in a few seconds that the amount is unusual. The analyst calls the customer, explaining why the transaction has been blocked. So far so good.


Figure 1: Hit overview

Know your enemy

Based on this data alone, the call might go something like this: 


So ends the call. The analyst releases the payment, but a few days later the customer realizes – too late – that he was the victim of a CEO fraud. Protocol and due process (asking twice if the payment is genuine) were followed, but ultimately the scammer won. The customer and the bank lose out – the former losing money while the latter’s relationship with the customer is undermined and its reputation harmed.

“Protocol and process were followed, but ultimately the scammer won“

However, the scenario need not play out like this. NetGuardians has developed an innovative and highly reliable way to distinguish between fraud types – specifically between scams and account takeovers, grouping them accordingly. It involves artificial intelligence, manifold learning and hierarchical clustering within unsupervised and supervised regimes. 


Artificial Intelligence is your friend

This time, the analyst calls the customer knowing the transaction has a high risk of being a scam and can ask probing questions that are harder to ignore. The conversation goes like this: 


This knowledge will undoubtedly stop more scams more quickly, protecting reputation and account balances. 

As the software can distinguish between scams and account takeovers, banks can use this insight to launch targeted fraud-prevention campaigns aimed at specific types of customer that could be at risk. 

It can also alert banks to poor security and weaknesses in their e-banking application ecosystems, so they can take remedial action. 

Most importantly, it gives analysts in fraud-detection teams more relevant and accurate information, making the investigation process more effective and helping to protect reputations and prevent losses.

Check out how NetGuardians is leveraging 3D AI to detect fraud types in this series of articles. Stay tuned for more!

If you would like to learn more, please contact us at

You may also be interested in our white paper on AI & Banking Fraud Prevention:

Get the white paper
Picture of Jérôme Bovay
Jérôme Bovay

Chief Data Scientist at NetGuardians

Subscribe to our blog not to miss any article