understanding e commerce fraud from autonomous chat with
play

Understanding E-commerce Fraud from Autonomous Chat with - PowerPoint PPT Presentation

Nov 02, 2023 •325 likes •773 views

Into the Deep Web: Understanding E-commerce Fraud from Autonomous Chat with Cybercriminals Peng Wang , Xiaojing Liao, Yue Qin, XiaoFeng Wang Indiana University Bloomington February 26, 2020 E-commerce fraud online fraudsters February 26,

  1. Into the Deep Web: Understanding E-commerce Fraud from Autonomous Chat with Cybercriminals Peng Wang , Xiaojing Liao, Yue Qin, XiaoFeng Wang Indiana University Bloomington

  2. February 26, 2020 E-commerce fraud online fraudsters

  3. February 26, 2020 Crowdsourcing in e-commerce fraud Crowdsourcing

  4. February 26, 2020 Crowdsourcing via IM Crowdsourcing via Instant Messaging (IM)

  5. February 26, 2020 Bonus hunting $$ $$ + $$ Small-time Bonus workers hunters + E-commerce platforms

  6. February 26, 2020 Fraud account trading Account trading storefronts $$ Type1-----$0.5 Account Type2-----$0.8 merchants Type3-----$1.5 Type4-----$4.5 $$ $$ E-commerce platforms Small-time workers

  7. February 26, 2020 SIM farming SIM Sources: - VoIP cards - … $$ $$ $$ Carriers SIM farmers Account SIM farms merchants (websites or software)

  8. February 26, 2020 E-commerce fraud ecosystem SIM farmers Small-time $$ workers + Fake transaction operators Account + $$ $$ fraudsters E-commerce platforms

  9. February 26, 2020 E-commerce fraud groups Fake review groups Fraud account groups on Telegram on QQ

  10. February 26, 2020 E-commerce fraud group chat Group chat

  11. February 26, 2020 Threat intelligence gathering: collecting evidence - based threat information about an existing or emerging threat Fraud account merchants: SIM farmers: Fraud account operators: 1) Account types 1) SIM card source 1) Fraud order tasks 2) Store link 2) Gateway link/tool 2) Shipping address 3) Payment method 3) Account merchants 3) Report link 4) SIM card source 4) Hack tools 4) Hack tools 5) Hack tools 5) Account merchants 6) Fraud order tasks

  12. February 26, 2020 Group chat V.S. individual chat account type account store link SIM card source hack tool name Group chat V.S. Individual chat

  13. February 26, 2020 Intelligence gathering challenges • Active intelligence gathering • useful intelligence is only shared through one-on-one conversation • the number of new fraudsters keep growing

  14. February 26, 2020 Intelligence gathering challenges • Active intelligence gathering • useful intelligence is only shared through one-on-one conversation • the number of new fraudsters keep growing • Automated conversation with fraudsters • existing chatbots can not collect e-commerce threat intelligence • how to strategically lead the fraudsters to discuss the target threat intelligence is complicated

  15. February 26, 2020 Aubrey Autonomous chatbot for intelligence discovery • first autonomous conversation system for active threat intel. gathering from e-commerce miscreants • effectively extract great number of valuable fraud- related artifacts • new insights into the e-commerce fraud ecosystem

  16. February 26, 2020 Information exchange SIM farmers Small-time $$ workers + Fake transaction operators Account + $$ $$ fraudsters E-commerce platforms

  17. February 26, 2020 Observation E-commerce fraudster Small-time worker

  18. February 26, 2020 Observation Question Question Answer Question Question Answer Answer Answer E-commerce fraudster Small-time worker

  19. February 26, 2020 Architecture

  20. February 26, 2020 Target Finder 150 fraud IM groups keyword features behavioral features intent indicators

  21. February 26, 2020 Strategy Generator seed conversations IM group chats E-comm forum posts

  22. February 26, 2020 FSM definition 5-tuple: 𝑇, 𝑆, 𝜀, 𝑡 & , 𝐹 𝑇 : set of states, question Aubrey can send to the target roles 𝑆 : set of responses from the target roles 𝜀 : 𝑇 × 𝑆 → 𝑇 , state transition function, decide the next state 𝑡 & : start state 𝐹 : end state

  23. February 26, 2020 Seed conversation

  24. February 26, 2020 Segmentation dialog blocks + text clustering Seed conversation

  25. February 26, 2020 Topic detection dialog blocks SimSource account types Cross-role storelink + text clustering topic identification + Seed conversation

  26. February 26, 2020 Dialog Manager

  27. February 26, 2020 Retrieval model • FSM for retrieval model Current state ✕ Response is interrogative → Retrieval model state sentence Q&A pairs most similarity relevant answer Answers for fraudsters

  28. February 26, 2020 Evaluation 470 miscreants 7,250 communication messages

  29. February 26, 2020 Threat intelligence analysis E-commerce miscreants and corresponding threat intelligence

  30. February 26, 2020 Intelligence from SIM farmers 90% were used for account registration 72% accounts were used to order online

  31. February 26, 2020 Intelligence from Account merchants Abused private APIs and hack tools never been known before

  32. February 26, 2020 Intelligence from Fraud operators

  33. February 26, 2020 Hidden criminal infrastructures Complicity of roles

  34. February 26, 2020 Conclusion Lesson learnt • Chatbot is effective to study the cybercrime which are highly rely on crowdsourcing • Account trading lies at the center of the fraud ecosystem, more effort should be put to mitigate the fraud account threats Future work • The current implementation of Aubrey is simple while effective; • more complicated conversation (jargon identification), larger open domain corpora, hybrid model with human analyst involvement https://sites.google.com/view/aubreychatbot

  35. February 26, 2020 Thank you !

  36. February 26, 2020 Discussion • Scope • collected threat intel. is related to Chinese e-commerce platforms • Generalization • with target intel. and domain-specific corpora, Aubrey can be re- trained to chat with other roles (drug dealers etc.) and languages • Impact • fraud-related artifacts can be used as ground truth • fix exposed private APIs to raise the bar for automated abuse • stop fraudulent activities at the early stage

  37. February 26, 2020 FSM for fake account trading

  38. February 26, 2020 FSM for SIM farm and fake order operation FSM for fake order operation FSM for SIM farm

  39. February 26, 2020 Knowledge source extension candidate similar as questions Questions seed questions for miscreants IM group chats + extract Answers Forum discussions candidate Q&A pairs to miscreants Q&A pairs

  40. February 26, 2020 Data collection • Datasets Dataset # of raw data # of dialog pairs Seed conversation 800 200 IM group discussion 1 Million 50,000 Forum discussion 135,000 700,000

  41. February 26, 2020 Evaluation • Role identification classifier • Ground truth: 500 upstream, 180 downstream, 3,000 unrelated actors • Unknown set: 20,265 IM group members (from 150 IM groups) • Effectiveness: upstream: 87.0% precision, 91.2% recall downstream: 81.1% precision, 95.6% recall upstream actor: 89.0% precision, 92.8% recall overall: 86.2% F1 score 1,044 SIM farmers, 700 account merchants, 2,648 fraud order ops • Accuracy • 545 chat attempts, 470 responded (185 SIM farmers, 130 account merchants, 155 fraud order operators); • one questioned Aubrey • 97.4% (458) accuracy

  42. February 26, 2020 Effectiveness 52% CDF of interaction round per miscreant CDF of interaction round for intel. gathering

  43. February 26, 2020 Case study Revenue = sales * price = $48K/month Account inventory and price tracking

Recommend

Eric Kinsherf, CPA MMAAA Conference June 12, 2018 Ag e nda Overview What is Fraud?

Eric Kinsherf, CPA MMAAA Conference June 12, 2018 Ag e nda Overview What is Fraud?

Eric Kinsherf, CPA MMAAA Conference June 12, 2018 Ag e nda Overview What is Fraud? How does Fraud happen? How to Detect and Prevent Fraud Summarize Ob je c tive s Gain better Understanding of Fraud Risk Illustrate

616 views • 46 slides
Association of Certified Fraud Examiners ACFE 2018 GLOBAL STUDY ON OCCUPATIONAL FRAUD AND

Association of Certified Fraud Examiners ACFE 2018 GLOBAL STUDY ON OCCUPATIONAL FRAUD AND

Association of Certified Fraud Examiners ACFE 2018 GLOBAL STUDY ON OCCUPATIONAL FRAUD AND ABUSE 1 Key Findings 2 The Red Flags of Fraud Understanding and recognizing the behavioral red flags displayed by fraud perpetrators can help

323 views • 8 slides
Fraud Overview Agenda Fraud Overview Fraud Triangle and Red Flags Fraud Prevention

Fraud Overview Agenda Fraud Overview Fraud Triangle and Red Flags Fraud Prevention

Fraud Overview Agenda Fraud Overview Fraud Triangle and Red Flags Fraud Prevention Case Studies Our Commitment Spring ISD Source: ACFE & Fraud Overview What Is Fraud? Fraud is any intentional act or

405 views • 18 slides
Fraud Awareness Session - March 2016 Aims and Objectives To assess your understanding of what

Fraud Awareness Session - March 2016 Aims and Objectives To assess your understanding of what

Fraud Awareness Session - March 2016 Aims and Objectives To assess your understanding of what is a fraudulent act To understand what is fraud, how it can arise and why it is important that organisations take action to mitigate the

212 views • 18 slides
Understanding Mass Marketing Fraud November 8 th , 2017 Fraud Analyst Keith Ward CAFC / RCMP

Understanding Mass Marketing Fraud November 8 th , 2017 Fraud Analyst Keith Ward CAFC / RCMP

Understanding Mass Marketing Fraud November 8 th , 2017 Fraud Analyst Keith Ward CAFC / RCMP What is the CAFC? CAFC Overview Call Centre & Intake Unit (CCIU) Senior Support Unit (SSU) Operational Support Unit (OSU)

553 views • 36 slides
Fraud Prevention: The Prevention and Detection of Fraud Begins with You Takeaways What is

Fraud Prevention: The Prevention and Detection of Fraud Begins with You Takeaways What is

Fraud Prevention: The Prevention and Detection of Fraud Begins with You Takeaways What is fraud? Definition Facts Four factors Fraud risk assessment Four evaluation criteria Common fraud schemes Case studies

707 views • 60 slides
What is Fraud ? The Fraud Act 2006 defines fraud as . Headed by Investigations Manager

What is Fraud ? The Fraud Act 2006 defines fraud as . Headed by Investigations Manager

Points to cover Leicester City Council Revenues & Benefits Investigation Team What is Fraud? Fraud Awareness Key issues for the Team Audit and Risk Committee Referrals & Investigation Process Sanctions &

69 views • 4 slides
INTELLIGENT (SMART) E-COMMERCE

INTELLIGENT (SMART) E-COMMERCE

INTELLIGENT (SMART) E-COMMERCE INTRODUCTION TO INTELLIGENT E-COMMERCE An Overview of Intelligent E-Commerce Autonomous driving Intelligent;

508 views • 40 slides
Visual Scene Understanding for Autonomous Driving Raquel Urtasun University of Toronto Oct 3,

Visual Scene Understanding for Autonomous Driving Raquel Urtasun University of Toronto Oct 3,

Visual Scene Understanding for Autonomous Driving Raquel Urtasun University of Toronto Oct 3, 2014 R. Urtasun ( UofT) Autonomous Driving Oct 3, 2014 1 / 34 Autonomous Driving State of the art Localization, path planning, obstacle avoidance

661 views • 45 slides
The Fraud Indicator in the UK Professor Mark Button Centre for Counter Fraud Studies Outline of

The Fraud Indicator in the UK Professor Mark Button Centre for Counter Fraud Studies Outline of

The Fraud Indicator in the UK Professor Mark Button Centre for Counter Fraud Studies Outline of Presentation General measures of fraud Past measurement of fraud The annual fraud indicator and fraud Theres no fraud here, Ive

684 views • 26 slides
Understanding CASL Presented to the Alberta Chambers of Commerce April 22, 2014 Craig T.

Understanding CASL Presented to the Alberta Chambers of Commerce April 22, 2014 Craig T.

Dentons Canada LLP Understanding CASL Presented to the Alberta Chambers of Commerce April 22, 2014 Craig T. McDougall and Thomas A. Sides Understanding CASL 1) Background and Key Dates 2) Commercial Electronic Messages 3) Exemptions and

325 views • 31 slides
Prioritising the Fight Against Fraud: A Strategic Approach The Association of Certified Fraud

Prioritising the Fight Against Fraud: A Strategic Approach The Association of Certified Fraud

Prioritising the Fight Against Fraud: A Strategic Approach The Association of Certified Fraud Examiners (ACFE) is an international, professional organization dedicated to fighting fraud and white-collar crime . As fraud becomes increasingly more

373 views • 24 slides
FraudVis : Understanding Unsupervised Fraud Detection Algorithms Jiao Sun 1 , Qixin Zhu 1 , Zhifei

FraudVis : Understanding Unsupervised Fraud Detection Algorithms Jiao Sun 1 , Qixin Zhu 1 , Zhifei

FraudVis : Understanding Unsupervised Fraud Detection Algorithms Jiao Sun 1 , Qixin Zhu 1 , Zhifei Liu 1 , Xin Liu 1 , Jihae Lee 1 , Lei Shi 2 , Zhigang Su 3 , Ling Huang 1 and Wei Xu 1 1 Institute of Interdisciplinary Information Sciences ,

288 views • 16 slides
Definition of Fraud Fraud is an intentional deception made for personal gain Fraud Triangle

Definition of Fraud Fraud is an intentional deception made for personal gain Fraud Triangle

MMTCTA Fraud Internal Controls Presented By Ron Smith & Greg Chabot, RHR Smith & Co. May 14, 2015 About RHR Smith & Company: RHR does approx 130 of Maines 500 Municipalities In the past year RHR has Investigated 23+

506 views • 39 slides
Medicare ACOs: Fraud and Abuse Perspectives This webinar is brought to you by the Fraud &

Medicare ACOs: Fraud and Abuse Perspectives This webinar is brought to you by the Fraud &

Medicare ACOs: Fraud and Abuse Perspectives This webinar is brought to you by the Fraud & Abuse (Fraud) Practice Group and the Accountable Care Organization Task Force (ACO TF) (a joint endeavor of the Antitrust; Fraud and Abuse; Health

408 views • 26 slides
The Role of Internal Controls in the Fight Against Fraud A Tale of Fraud! Payroll manager

The Role of Internal Controls in the Fight Against Fraud A Tale of Fraud! Payroll manager

The Role of Internal Controls in the Fight Against Fraud A Tale of Fraud! Payroll manager makes $2.25MM disappear! It must be Magic! Fraud Statistics 5% of GWP lost to employee fraud & abuse More than $3.5 Trillion per year

559 views • 44 slides
Fraud in the NHS Iain Flinn Counter Fraud Specialist March 2011 Areas Susceptible to Fraud

Fraud in the NHS Iain Flinn Counter Fraud Specialist March 2011 Areas Susceptible to Fraud

Fraud in the NHS Iain Flinn Counter Fraud Specialist March 2011 Areas Susceptible to Fraud Procurement Qualifications Sickness / Attendance / Time Recording Ghosts Salary payments Prescriptions Health Tourists

619 views • 9 slides
The Work of the New Zealand Serious Fraud Office White Collar Crime and Serious Fraud Conference

The Work of the New Zealand Serious Fraud Office White Collar Crime and Serious Fraud Conference

The Work of the New Zealand Serious Fraud Office White Collar Crime and Serious Fraud Conference AUCKLAND 2 JULY 2010 WHAT IS THE SERIOUS FRAUD OFFICE? SFO: An Overview Mandate investigate and prosecute serious or complex fraud Part 1 -

421 views • 13 slides
Risky Business: How Companies Fall Victim to Fraud Presented by: Tony Okray Julie Latchaw

Risky Business: How Companies Fall Victim to Fraud Presented by: Tony Okray Julie Latchaw

6/5/2016 Risky Business: How Companies Fall Victim to Fraud Presented by: Tony Okray Julie Latchaw Julie Lombardi Member FDIC Agenda: Fraud Statistics Fun With Numbers Check Fraud & ACH Fraud Your Role in Preventing Fraud Fraud

238 views • 13 slides
Track sponsored by Understanding the Omnichannel Shift What Forces are Shaping Todays

Track sponsored by Understanding the Omnichannel Shift What Forces are Shaping Todays

Track sponsored by Understanding the Omnichannel Shift What Forces are Shaping Todays Digitally Integrated Shopping Experience E-commerce is rapidly evolving into New Retail. The boundary between offline and online commerce disappears

503 views • 32 slides
The Dormant Commerce Clause What is Interstate Commerce? Commerce Clause, U.S. Const. art. 1 8,

The Dormant Commerce Clause What is Interstate Commerce? Commerce Clause, U.S. Const. art. 1 8,

The Dormant Commerce Clause What is Interstate Commerce? Commerce Clause, U.S. Const. art. 1 8, cl.3 All commercial intercourse that concerns more than one state. [Congress shall have the power to] regulate Commerce with foreign Nations, and

436 views • 18 slides
Digital Goods E-commerce and the Internet E-Commerce Today E-commerce: use of the Internet

Digital Goods E-commerce and the Internet E-Commerce Today E-commerce: use of the Internet

10/12/2012 E-Commerce: Digital Markets, Digital Goods E-commerce and the Internet E-Commerce Today E-commerce: use of the Internet and Web to transact business; digitally enabled transactions. Began in 1995 and grew exponentially;

715 views • 18 slides
Onyx Fraud is rife online Online fraud aggregated 10bn in 2017 Fraud costs are increasing, due

Onyx Fraud is rife online Online fraud aggregated 10bn in 2017 Fraud costs are increasing, due

Onyx Fraud is rife online Online fraud aggregated 10bn in 2017 Fraud costs are increasing, due to technology sophistication Internet provides unrestricted access to a larger pool of potential victims Banks should arm themselves with

276 views • 16 slides
Building Blocks for Visual 3D Scene Understanding towards Autonomous Driving Media Analytics,

Building Blocks for Visual 3D Scene Understanding towards Autonomous Driving Media Analytics,

Building Blocks for Visual 3D Scene Understanding towards Autonomous Driving Media Analytics, NEC Labs America Manmohan Xiaoyu Wongun Shiyu Shiliang Yuanqing Chandraker Wang Choi Song Zhang Lin www.nec-labs.com 1 1 An overview of

437 views • 28 slides

More recommend