This is the second and last blog specifically for fraud
investigators detecting attacks on needs based payment system. I do not like to
address one specific audience or one specific type of attack in this series of
blogs because I like sleeping attackers. However, “no-seeums” prevalence within
the needs based payment infrastructure requires special attention and I’m a
special kind of guy.
I define the “no-seeums” attack as an attack on a payment
system that investigators do not detect. Good folk recognize typical attacks on
payment systems because other good folk report the attacks. No one ever reports
a “no-seeums” attack because the victim is not party to the transaction. The
only way to detect a “no-seeums” attack is with a behavior filter.
The most common “no-seeums” attack for needs based payment
system is the false retailer. False retailers claim funds by presenting
themselves as part of a large settlement stream to national retailers. In the SNAP
community the behavior detection filter for this attack relies on STARS data
collected by FNS. However, deploying a behavior detection filter for “no-seeums”
without an evasion detection filter will do more harm than good.
No comments:
Post a Comment