Insights/Case studies/Newsroom/CareersCareersCareersPartnersConsultantsTechnology innovationCorporateEarly careersSearch Jobs/About us/Contact us Global locations

Search paconsulting.com
  • Phone
  • Contact us
  • Locations
  • Search
  • Menu

Share

  • Add this article to your LinkedIn page
  • Add this article to your Twitter feed
  • Add this article to your Facebook page
  • Email this article
  • View or print a PDF of this page
  • Share further
  • Add this article to your Pinterest board
  • Add this article to your Google page
  • Share this article on Reddit
  • Share this article on StumbleUpon
  • Bookmark this page
.
 
Close this video

How to repurpose existing analytics to protect against fraudsters

graham lovell | INFormation age | 26 july 2017

This article first appeared in Information Age

Digital technology has transformed people’s lives – creating new opportunities and means to connect with friends, family, business colleagues, customers and suppliers. The downside? It’s created openings for unscrupulous actors looking to financially exploit people. According to Hiscox Insurance, cybercrime cost the global economy $450 billion last year.

And while cybercrime takes many different forms, phishing – the attempt to obtain sensitive information through electronic communication by disguising oneself as a trustworthy entity – is particularly prevalent.

Email is a primary conduit of phishing scams. Over 68% of people in the UK who reported a phishing scam in 2015 said they received it from email. There’s no shortage of advice for how to protect oneself online, but this advice is not translating into a reduction of fraud offences.

Recently, governments and citizens have trained their fire on the technology companies whose email platforms these nefarious actors use. Both groups want to see technology companies doing more to keep users safe.

So, what more could technology companies do? There are some basic steps, using existing analytics, that technology companies with email platforms can take to reduce the likelihood their customers will fall victim to email fraud.

Use existing analytics to detect information in emails

Companies already examine the metadata and content of incoming emails. This is used to send emails to your junk folder, add information from emails that have dates or locations to your calendar or mapping applications, or provide you with suggested responses to emails. In fact, people have become quite accustomed to this functionality as it saves time and is, in general, not perceived to be unnecessary or intrusive.

Deploy tools to detect scamming emails

Scamming emails often contain certain characteristics that some people are able to spot, but others aren’t. These characteristics include a sender with a domain name that’s different from the company it claims to be from, a request for money, a generic greeting (e.g. ‘Dear customer’), or a warning that an account is about to be frozen or shut down. The same analytics used to identify dates, addresses and locations can be used to spot these characteristics.

Homepage MOD Royal Navy client story 300 x 200

Want to find out more about our work in defence and security?

Read more here

 

Display warning information about emails to educate users

Each of the above characteristics can be assigned a weighting with respect to online fraud. When fraud is detected, the weighting can be combined to form an overall risk profile associated with the message.

This profile can then be displayed to the user in an easily comprehensible fashion. It could include a warning that the email they’re reading is likely to be fraudulent and a list of reasons why the company believes it to be so.

Companies can also provide step-by-step instructions on what to do next, including reporting the email to the UK’s national fraud and cybercrime reporting centre.

Using analytics to detect fraud has the potential to prevent some vulnerable people from falling victim to the millions of fraud offences that occur each year. It also stands to raise awareness about what to watch out for in the future.

While there’s no silver bullet, taking concrete steps will not only increase defences but, just as importantly, demonstrate companies are actively working to solve a problem that continues to grow.

Graham Lovell is a defence and security expert at PA Consulting Group 

Find out more about our work in defence and security.

Contact the defence and security team

By using this website, you accept the use of cookies. For more information on how to manage cookies, please read our privacy policy.

×