Arkose News

Depth of the Data Exposed in Breach Powers Complex Fraud

September 25, 20194 min Read

Fighting complex fraud requires a multi-level, long-term approach that bankrupts the fraud business model

In one of the most nefarious data breaches ever, the personal details of almost every citizen— including children—of Ecuador, have been breached. This data breach is particularly damaging because of the depth of data it has thrown into the wild.

Digital AND Physical Dangers

The breached data includes the full name, gender, date and place of birth, residential address, educational qualification, phone number, email IDs, marital status, date of marriage, date of death, family tree details, and national ID card numbers of the citizens. Even details of the bank accounts—including account number, balance, credit type, amount financed—associated with each individual have been thrown into the open. With access to such rich data, online crimes are inevitable. The risk, however, multiplies manifold as the depth of this data also increases the probability of physical dangers—burglary, kidnapping, and so forth.

The Ecuador data breach is particularly worrying as it has also made the digital identities of children available to fraudsters. Usually, when people realize they have been defrauded they report the crime which helps identify and stop fraud. However, since these children are still not monitoring their digital footprints actively, fraudsters have ample time to farm these identities for mass scale payout. This will damage the digital identities of the children even before they step into the world of digital commerce.

Identity: The Real Currency

Identity is the true currency in the digital economy. Businesses harness all of this data to improve their services and decision-making across customer touch points. But, the rapid growth of digital commerce has also given rise to an increase in fraud, as data breaches continue to supplement the personally identifiable information databases in the dark web.

Personally identifiable information is a treasure chest for fraudsters, as they can use this data in various ways to orchestrate numerous types of crimes. With the stolen log-in details fraudsters can easily takeover bank accounts to access saved payment details and wipe off the assets contained therein or use these accounts to launch other sinister crimes. Using stolen names, addresses, phone numbers, they can open new fraudulent accounts that can be used to launder money, seek fraudulent loans, and build synthetic profiles over a period of time. The stolen credit card details can be used to purchase expensive items. Fraudsters can abuse the social media accounts using stolen details for fraud and other criminal activities.

The bottom line is that the stolen credentials can be abused in various combinations and permutations to maximize the exploits. Unfortunately, the Ecuador data breach has just opened up additional opportunities for fraudsters and digital businesses must step up their defenses now.

Adopt Long-term Approach to Fight Fraud

To prevent fraudsters from abusing the stolen credentials to inflict large-scale losses, digital businesses must prepare to fight fraud proactively. Instead of catching up with fraud, they must adopt a strategic approach that helps them erode the financial gains for the fraudsters so they do not attack.

Arkose Labs helps digital businesses globally prevent fraud with its multi-tier, unified, and long-term approach which is rooted in prevention and stopping of abusive attacks at the point of entry.

The Arkose Labs Advantage

Combining global telemetry with adaptive step-up enforcement challenges, Arkose Labs Fraud and Defense Platform provides in-depth insights to help identify fraudsters from a group of genuine users. The platform analyzes digital intelligence to accurately ascertain the underlying intent of the user and assigns risk scores to each user. Based on these risk scores, adaptive stepped-up enforcement challenges are presented to deliver targeted and accurate friction for suspicious users—human or bot—while genuine users continue to enjoy a seamless experience. This wastes the fraudsters' resources and gradually diminishes the economic returns from the attack, ultimately making it non-viable.

Arkose Labs helps digital businesses proactively fight complex fraud and online abuse. To learn more, schedule a demo now.