Financial fraud is on the rise. According to the Federal Trade Commission (FTC), consumers lost more than $10 billion to fraud last year, up 14 percent from 2022. Investment and imposter scams topped the list of fraudulent functions, with digital bank transfers and cryptocurrency the primary methods scammers use to steal victims’ hard-earned cash.
Beyond the obvious consumer impacts, however, there are growing concerns for financial organizations navigating the shift to digital processes and on-demand services. Open source intelligence (OSINT) solutions offer a way for firms to reduce fraud risk and enhance proactive response. Below, we look at financial fraud, the advantages of OSINT in practice, and consider the future of fraud-fighting in finance.
The Facts About Financial Fraud
As survey data from identity risk management provider Alloy noted, fraud rates are rising across both business and consumer accounts, with real-time digital payments reported as the most common fraud vector. The result, 60% of survey respondents said that in 2023, they lost more than $500,000 due to direct fraud.
Data breaches are also a growing concern for finance firms. According to IBM’s 2023 Cost of a Data Breach report, finance industry organizations lose an average of $5.9 million per data breach. Moreover, these breaches aren’t just outside-in; while 48 percent of attacks begin with cybercriminals, 33 percent are tied to human error. While the latter leaves out ill intent, the results are the same: Critical information is exposed to criminals.
In some cases, data is exfiltrated and sold on the Dark Web. In others, it’s destroyed outright. Commonly, data is encrypted and ransomed back to businesses at a significant cost, with no guarantees of a successful recovery.
Three Ways OSINT Delivers on Fraud Detection
OSINT leverages publicly available data to analyze patterns, discover trends, and provide users with actionable data. Here are three ways it can help companies improve fraud detection.
Attack Detection
When it comes to financial fraud, attackers tend to use and repeat the same attack patterns because they work.
Despite widespread security knowledge and training, phishing remains a successful approach for attackers as it only takes a single click for malicious actors to gain network or account access.
An OSINT platform like ShadowDragon can monitor social media, forums, dark web marketplaces, and other online platforms to detect early signs of phishing campaigns, such as leaked credentials, mentions of phishing kits, or discussions about upcoming attacks. By gathering this information, organizations can proactively block phishing domains, train employees on emerging threats, and enhance their overall security posture. Additionally, OSINT can help trace the origins of attacks and identify the attackers’ methods and motivations.
Pattern Recognition
OSINT helps identify emerging attack patterns by collecting and analyzing data from publicly available sources to uncover attackers’ methods, tools, and tactics. By monitoring forums, social media, paste sites, and dark web marketplaces, OSINT can detect emerging threats, identify commonly used malware or phishing kits, and trace the origins of previous attacks. This information enables security teams to recognize trends, anticipate future attacks, and strengthen defenses by understanding how attackers operate and what techniques they are likely to use. For example, April 2024 saw the rise of the JSOutProx malware, which used both JavaScript and .NET to load plugins on compromised machines. These plugins could exfiltrate data, control proxy settings, access email accounts, and capture one-time passwords.
Actor Identification
Open source intelligence tools help security teams identify malicious actors collecting information from social media, forums, blogs, paste sites, and dark web platforms, where attackers may discuss their methods, share tools, or leave clues about their identities. OSINT tools correlate these data points, helping to identify patterns, aliases, geographic locations, and associations with known groups or individuals. This intelligence is critical for understanding the actor’s background, motivations, and potential future actions, aiding in threat attribution and response efforts.
With OSINT, teams can investigate whether an attacker’s email address matches any accounts or services. For example, attackers may sign up for popular services such as Duolingo or Spotify and not realize that these are often associated with public-facing accounts, providing a pathway for teams to identify bad actors.
What Comes Next? The Future of Fraud Fighting in Finance
As financial crimes grow more sophisticated, OSINT provides a proactive approach to detecting and preventing fraud by leveraging publicly available data to identify suspicious activities and emerging threats. Advanced OSINT tools can monitor dark web forums, social media, and other online platforms where fraudsters may share tactics or sell stolen information. Financial institutions can detect patterns, track fraud trends, and identify potential fraudsters by analyzing this data in real time.
In the same way that financial institutions leverage OSINT solutions to discover trends and patterns, criminals can use data to facilitate fraudulent activity. Detecting malicious activity with early detection and real-time analysis will help organizations avoid the risks.
The integration of OSINT into fraud detection systems also enhances collaboration between organizations. Sharing threat intelligence gathered through OSINT can help create a collective defense against fraud, making it harder for criminals to exploit isolated vulnerabilities.