The Growing Threat of Fraud Networks in 2024: How to Fight Back

Despite the significant advancements in identity verification each year, online fraudsters are continuing to innovate. This has led to a notable increase in fraud across the board. Losses to payment fraud alone are expected to exceed $343 billion between 2023 and 2027. A key driver of these alarming figures are fraud networks.

According to Sumsub’s recent Identity Fraud Report, approximately one out of every 100 users on digital platforms or services worldwide was a member of a fraud network. These are organized groups consisting of multiple accounts engaged in criminal activity, ranging in number between 3 and 750.

Fraud networks are now a global fraud trend now, just like AI-powered deepfakes. Given their organized nature, the damage they cause is far more extensive than that of individual scammers. Sumsub is here to detail which fraud prevention solutions can help your business fight back.

Let’s dive into the most dangerous types of fraud networks, the preventive measures out there, and how to avoid losses while staying AML compliant.

What are fraud networks?

A fraud network consists of multiple accounts, controlled by one or more fraudsters. These can be accounts purchased from the darkweb or fake identities by the fraudsters themselves. In turn, these accounts, or networks, are used to perpetrate a wide range of digital fraud, including money laundering, bonus abuse, fake reviews, and more.

Types of fraud networks

1. Money muling networks

Money muling involves seemingly innocent individuals, known as money mules, who are recruited to transfer illegally obtained funds and disguise their origin. According to Sumsub’s 2023 Identity Fraud Report, money muling networks are one of the top 5 global fraud trends. Just recently, Europol, Interpol and Eurojust identified 10,759 money mules and 474 recruiters, leading to the arrest of 1,013 individuals worldwide.

Money muling networks utilize the following techniques to launder acquired money through schemes including, but not limited to, investment scams, fake holiday rentals, middleman scams, phishing, messenger app fraud, help desk fraud, crypto fraud, counterfeit bank cards, and more:

• “Bank drops”

Money launderers need to deposit illicit funds without the bank’s knowledge. To do this, they’ll pay someone with a clean banking history — somewhere in the range of $50 to $100 — to open up a bank on their behalf. Typically, online “neobanks” are preferred over traditional banks for this purpose.

• Online payment methods, including gift cards.

These are often furnished to money mules of a younger age demographic, who purchase items and deliver them to the criminals. These items are subsequently sold on popular e-commerce platforms, and a share of the illegal proceeds is provided in cash or goods to the mule.

• Social engineering attacks

Not all money mules are willing. Criminals can use deceptive tactics, including bank impersonation, to compromise people’s banking credentials — often those of more vulnerable populations, particularly seniors — which can then be used to open new accounts for money laundering.

• Fabricated identities

Not all money mules have to be real people. In fact, the perpetrators often fabricate identities — often through the use of AI — which can then be used to open up fraudulent bank accounts. These fake identities can be advanced enough to bypass KYC, underscoring the need for advanced security measures and monitoring beyond the onboarding stage.

Money mules are challenging to detect because their activity often appears as legitimate transactions. Therefore, the right anti-fraud solution must have advanced transaction monitoring, anomaly detection algorithms, behavior analysis to identify patterns indicative of money mule activities.

2. Account takeover networks

An account takeover network involves the acquisition and use of compromised user credentials on various online platforms.

These networks thrive on the trade and exchange of stolen login information, obtained through various means such as phishing, data breaches, or malware attacks. Once in possession of these stolen accounts, fraudsters can engage in a range of illicit activities, including financial fraud, identity theft and money laundering. Common traits in stolen accounts include compromised login credentials, data breaches, or malware.

According to Sumsub’s internal statistics, global account takeover incidents increased by 155% in 2023. This is due to the following:

• Advanced techniques. Criminals now have more sophisticated methods to steal user credentials, like advanced malware or phishing attacks.
• Social engineering. Fraudsters exploit human weaknesses by manipulating trust and using psychological tricks to make individuals give away their account information.
• Weaknesses in digital systems. Criminals are getting better at finding and exploiting weak points in digital systems. If they find a vulnerability in one place, they can use it to gain unauthorized access to other places.

The proliferation of multi-accounting crimes (such as purchased and stolen accounts) is anticipated to persist. Fraudsters will continually devise innovative methods to exploit these tactics, necessitating more robust behavior-based anti-fraud countermeasures, user education, and regulatory responses.

3. Incentivized traffic fraud

Incentivized traffic fraud involves artificial interactions with digital content or services (such as e-commerce sites or social media) to manipulate user engagement figures. Fraudsters utilize various schemes to incentivize online users, such as offering rewards, bonuses, incentives to click on ads, visit websites, or engage with content.

These fraudulent activities aim to boost metrics and create a false impression of genuine user interest, often to deceive advertisers or manipulate rankings. Incentivized traffic fraud undermines the integrity of digital advertising and analytics, leading to inaccurate data and financial losses for businesses. The industries which suffer most from incentivized traffic fraud are digital advertising, social media, e-commerce, and online publishing.

Combatting this type of fraud requires robust monitoring, analytics tools, and preventive measures to identify and mitigate deceptive practices.

4. Deepfake networks

A deepfake network refers to an individual or group that creates a collection of manipulated multimedia content, often using advanced artificial intelligence (AI) techniques. These deceptive media can be used to create convincing yet entirely fabricated videos or audio recordings, as well as fake documents, for various fraudulent purposes, including:

- creating a non-existing character to pass verification

- manipulating public opinion and spreading misinformation.

As AI tools are getting cheaper and easier to use, they become an even greater threat. But, in this case, the solution is to fight fire with fire. Therefore, AI is the solution to this problem, as it can be used to detect certain visual or audio artifacts that are absent in authentic media, which can help successfully detect deepfake networks.

5. Bot networks

Bot networks are automated software programs which mimic human behavior on the internet. These bots are strategically programmed to engage in various activities, including clicking on ads, visiting websites, and even simulating fake purchases.

Usually, the core objective of these networks is to mislead affiliate marketing platforms and advertisers by creating an illusion of genuine human interaction, thereby driving traffic and purportedly generating sales. As a consequence, merchants find themselves paying commissions for engagement that doesn’t translate into actual revenue.

High-risk regions

Fraud can occur globally and may not be restricted to particular geographic locations. However, certain regions may have characteristics that make them more susceptible to certain types of fraud. Fraud networks therefore proliferate in the regions with the following characteristics:

• Economic and political instability
• Corruption
• Lack of regulatory oversight
• Poor cybersecurity infrastructure
• High internet accessibility and digitalization, like in the Asia-Pacific (APAC) region

According to Sumsub’s internal statistics, IDs registered in APAC are largely used to commit fraud in countries including the US, UK, Russia, Germany and France.

Sumsub’s internal research also shows that fraud networks are found not only in growing markets like Bangladesh (10.2% of all users), Thailand (6.6%) or Vietnam (3.7%), but also in developed countries such as Singapore (2.8%), Portugal (1.3%) and Spain (1%). Most ‘leaders’ of fraud rings are based in Oman (7.2%), China (4.6%), Hong Kong (2.9%), Kenya (2.8%), and Indonesia (2.2%).

At the same time, the US and the UK had a much smaller instance of fraud rings, at just 0.2% each.

Countries on the Financial Action Task Force (FATF) blacklist or those subject to United Nations (UN) sanctions may face increased risks associated with fraud networks.

How Sumsub can help

To stop fraudsters and fraud networks, KYC identification is a must, but it’s not enough. According to Sumsub, 70% of fraud happens after the onboarding stage. Companies therefore need to monitor the whole user lifecycle and also analyze digital fingerprints, action time, behavior, and other factors to identify complex fraud cases.

You can uncover interconnected patterns of suspicious activity on your platform using Sumsub’s AI-powered Fraud Network Detection solution. This tool provides you with the ability to identify fraud networks before the onboarding stage through AI, allowing you to apprehend an entire fraudulent network rather than just a single fraudster.

Sumsub’s Fraud Network Detection identifies suspicious activity, grouping users into networks by establishing connections between them based on similarities such as:

• Devices
• Personal information
• Same selfie background during verification
• Action time
• IP addresses
• Documents
• Geolocation and home address
• Proofs of address (or registered location)
• Behavioral patterns (e.g. completion speed)

For example, if several users are identified with the same IP and home address within a 5 minute difference between signups, that will trigger the Fraud Network Detection system, and all of them will be sent for further review.

Use cases

Fraud Network Detection helps companies with significant traffic and high volumes of applicants in the banking, trading, crypto, gambling (also betting and iGaming), e-commerce, and social media industries.

It successfully fights:

• Multi-accounting by unveiling connections between accounts (including mule networks and account takeover)
• Deepfake scams
• Bot farms
• Incentivized traffic

To sum up, with Sumsub’s Fraud Network Detection, you’ll be able to:

1. Predict malicious behavior through Graph neural network (GNN) analysis, which detects behaviors, patterns, and historical data using machine-learning algorithms.
2. Analyze your entire client network for suspicious patterns throughout the entire user journey with one solution
3. Examine historical connections among entities using ML/AI-powered algorithms
4. Prevent multi-accounting through IP address analysis, behavioral biometrics, and device fingerprinting
5. Detect bot farms by analyzing device fingerprints, completion speeds, and other non-human nuances.
6. Monitor traffic to distinguish genuine user engagement from artificially motivated traffic.

Sumsub’s Fraud Network Detection elevates anti-fraud countermeasures by revealing hidden connections, detecting anomalies, and continuously analyzing user behavior at every stage of the user journey, including onboarding, AML-screening, and transactions.