Your gateway to success: 4 EASY steps to committing fraud without getting caught (parody)

So, how do you become a millionaire? And what does a typical authority look for when tracing fraudsters? With this guide, you will find that committing transactions fraud will never come easier! First, let’s go through four basic rules. Ready?

1. Have an untraceable physical presence. Move around. Jump up and down. No, not around your building. Nor your neighbourhood. Change cities. Go international. Take a Tesla to mars and back. Pro tip: Make sure to pack enough clothes. It’s all a small price to pay before the big kill.
2. Have an untraceable online presence. Change your interweb identity. Multiple times. Be random. Be spontaneous and ensure that you log transactions using multiple accounts! Try not to get caught because identity theft would probably warrant separate charges in court.
3. Make micro-transactions. Very NB here. You can’t take everything all at once! Don’t bite off the hand that feeds you. A penny here, a penny there, nobody will notice.
4. The most important rule of defrauding (and, I guess, life in general): Keep going. Finish what you started. Yes, it isn’t easy, but if you’re going to start, you have to close the deal. Maintain your standards. Always stay true to yourself, and be willing to bear the peril.
5. Bonus rule: To be really successful, you’re gonna have to show that you’re living large! Someone once said, ‘learn to reap in the fall without apology, if you do well; and without complaint, if you don’t!’. That is, you may have to sleep with one eye open. Or both eyes open. But come on, this is all still a small price to pay!

Okay, time to get serious…

I will illustrate only why rules 2 and 3 (and 1) are important. Ready?

Let me explain the experiment real quick… I used a support vector classifier to learn customer-amount relationships.

The classifier learns the patterns of customers as well as amounts that constitute a fraudulent transaction. We found that a customer (user) who has been consistently fraudulent in the past is likely to get flagged as fraudulent in his future transactions, more especially if his amounts are larger than the average transaction.

The above graph shows the spending patterns of a very well-behaved fraudster. Almost all of her transactions are fraudulent (green points). This makes her super predictable so don’t want to be like her; doing this will increase your likelihood of getting caught. MOVE AROUND! Hire that submarine and poach from multiple laptops. Stick to rule number 2! And stick to rule number 3! Let me reinforce my statement with another illustration:

In the above image, the blue dots represent the non-fraudulent transactions, while the green ones represent those which are fraudulent. The red line is the line that has been ‘learned’ by the classifier to separate fraudulent from non-fraudulent transactions. That is, any future transactions that violate rule number 3 will be flagged by this simplistic model. Look at all that green and hardly any blue above the line! KEEP A LOW PROFILE! Stay below the red line. Never forget rule number 3. Don’t make that mistake.

To round up our study of the ultimate fraudster, we will confirm our hypotheses. The below graph shows the relative importance of the features that constitute fraudulent transactions (learned by the Gradient Boosting Classifier //scikit-learn.org/stable/modules/generated/sklearn.ensemble.GradientBoostingClassifier.html).

Note that Amount and Source of Transaction (Customer) are the first two most useful attributes to consider when looking to trace a potentially fraudulent transaction.

In closing, there is nothing to be afraid of… Most banks have systems that alert your target via SMS when suspicious transactions are logged. As to what really constitutes ‘suspicious’, I think we have reason to believe that there may be a common thread between their methods or ‘algorithms’ to identify fraudulent behaviour. Or not. Maybe you are smarter than the institution. Or not. I don’t know really… Gee, so many unanswered questions that could render this blog useless. So perhaps I should not have written this blog. But I got so far in. I had to stick to my rules. I had to finish! Be safe…

-admin_01 (My internet name)

Thank you for reading my blog :)

Disclaimer: The data used here is fake (needless to say, so were the experiments), but was simulated with the idea that it represents as realistic as possible the characteristics of typical transactions. The original source is Kaggle, and can be found through the link https://www.kaggle.com/ntnu-testimon/banksim1. The experiments were run in Python and compatible packages. This post is aimed at informing bank users what may happen in typical fraud cases. (The information represents my own opinions, which are not entirely true or exhaustive).

My name Bill, a master’s student of computer science at Wits University, Johannesburg. The results of this presentation were obtained in 2018 as part of a larger project.