Consider these few questions to learn more about everyday signals of fraud online and get thinking about how they factor into your fraud scoring.
I use a VPN when making online purchases.
Yes
No
I get sucked into a browsing black hole when visiting a site.
Yes
No
I visit a site a few times before committing to a purchase.
Yes
No
I share my device with others.
Yes
No
It's pretty normal for me to spend around 75-150USD when I shop online.
Yes
No
I let my device auto-fill all of my details when I check out.
Yes
No
I follow accounts on social media that provide investment advice, including advice on cryptocurrency investments.
Yes
No
I enter contests on social media.
Yes
No
I have sent a DM to buy goods or services that I've seen advertised on social media.
Yes
No
Answer mostly Yes?
You’re doing exactly what platform providers expect of you.
Fraudsters know this, and have even published guides that outline how to look more like you online. If you have safe access to the dark web, just look up a guide to card cashing for more (or contact us for an example). Many fraudsters are less careful, though, and those signals can be worked into your fraud score.
You may be risking making yourself a bit of a victim, especially if you answered Yes to the last few questions. There are many resources available to help protect yourself!
Answer mostly No?
You’re a bit of an enigma. Most people act a bit different than you online.
If you answered No to the last few questions, you’re probably being cautious on social media. Smart!
Using a VPN, though, is not a sign of riskiness or even fraudulent behaviour: fraudsters often favour anonymous proxies, and this is probably reflected in your fraud score.
Same with some of the other earlier questions: those are just normal online signals that fraudsters may try to mimic (or not!).
Everyday fraud signals
Here are some more signals that companies often incorporate into their fraud scores. As SEON says, fraud will look uncanny valley compared to good users or transactions and the differences can often be spotted via everyday, relatively accessible red flags:
Fraudsters try to overfit an identity—for example, by matching a fake email address to a stolen identity. Legitimate users are not often so super fitted (or, put simply, are less predictable). Who'd want to be Jack or Jill number 52 @gmail.com?
Social media checks are valid: most fraud attempts will be linked to a fake identity with less than 2 social media profiles.
Social media profiles that aren’t aged, or have few connections (or too many, indicating bot activity), can also be signals.
Monitor logins and login attempts from different countries and proxies. A common fraudster mistake is to set up an account from a VPN or proxy but later click the account activation without the same protections in place.
Virtual SIMs or throwaway numbers can be a telltale sign. Platforms can be a signal, too: Telegram use is proving popular among scammers and fraudsters, for example.
Aged accounts are considered more valuable for account takeovers than a new account, which will usually undergo more checks.
Fraudsters will “leapfrog” across platforms once successful with one account. A hacked Google account can be used across numerous other platforms, for example.
Cut and paste activity in form fields, in addition to autofill, can be a signal.
The right provider can help you make sure you’re taking advantage of this readily available data. To chat more, reach out to contact@fintrail.com, or our subject matter contributors, SEON, at info@seon.io.