Stopping COVID-19 related crime using graphical data

Amy Hodler explains why graphs could prove key to stopping illicit scamming associated with coronavirus crisis financial support.

Coronavirus aid has emerged as a big target for cyber criminals, who see the funds and loans central governments are paying out as lucrative sources for potential fraud. 

The World Health Organisation has seen a five-fold increase in cyberattacks since the pandemic started. According to the FT, the problem is particularly severe in Germany, where fraudsters are lurking in the shadows as businesses apply for emergency funds and then diverting the much-needed cash into their accounts. 

It is estimated that the Federal Republic’s North Rhine-Westphalia has lost tens of millions of euros in a recent phishing attack after cybercriminals successfully cloned an official website designed to distribute COVID-19 financial aid. 

In a recent joint advisory statement, the UK’s National Cyber Security Centre and the United States Department of Homeland Security Cybersecurity and Infrastructure Security Agency warned that a growing number of “malicious cyber actors and advanced persistent threat groups” are getting progressively more active on the international stage. 

Tackling opportunism

By their very nature, cybercriminals are opportunistic, attacking when they see vulnerabilities in security and data infrastructure. The unanticipated operational challenges that companies and public sector bodies have been attending to in haste during the health crisis have made for some easy prey.

In a similar fashion to applications for aid, criminals seeking to defraud financial institutions use false identities when creating accounts or loan applications. Pieces of information such as a home address, phone number and email details are reshuffled and reconstructed to create a fictitious persona.

Conventional fraud detection solutions are not powerful enough to uncover these synthetic identities. These solutions can only relate two to three pieces of data at any one time, such as name, home address or bank account. This approach may be adequate for ensnaring individual bad actors, but it isn’t advanced enough to uncover fraud rings where multiple parties are collaborating.

Fraud detection with graphs

The main reason why conventional approaches to fraud monitoring are not operationally practical is that most fraud detection systems are based on a relational database model. A relational model means that data is stored in predefined tables and columns. With large, unstructured data sets, these kinds of representations can rapidly hit the buffers. Queries end up being too complicated, and response times are too slow.

These solutions are trying to detect fraud in the absence of real context. Banks and government authorities need the ability to follow a trail from one account to another. This requires having a 360-degree view of the intricate complexity of the fraud network to determine how suspicious events are related.

Graph database technology may be an essential weapon in fighting back. In contrast to relational databases, graphs not only interpret individual data such as ‘person’, ‘account number’, and ‘home address’, but also their relationships with one another. These relationships include links such as ‘resident in’, or ‘transacted with’. The data model can thus accurately portray these complex relationships. 

The great advantage of graph database technology is that any number of qualitative or quantitative properties can be assigned to data, showing complex relationships in a coherent and descriptive way. 

One of the best-known graph algorithms for potentially thwarting coronavirus bad actors is ‘PageRank’. This algorithm measures transitive influence, or connectivity, between nodes or objects: it surfaces objects on the strength of their cumulative relationships and assigns each node a relative score.

For fraud detection in financial institutions, graph technology can identify important or influential customers who head up countless transactions. Nodes with a high PageRank score can be illustrated using a visualisation tool so that they appear larger in the view and can be easily and rapidly isolated.
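The linking described above, as an added example that is not from the article or from Neo4j: applications become nodes connected to the address, phone and email values they declare, so reshuffled details surface as one connected ring, and a basic PageRank scores reused values above unique ones. The sample data, the function names and the three-application ring threshold are assumptions, and plain Python stands in for a graph database.

```python
from collections import defaultdict

# Constructed sample applications (not real data): id -> declared contact details.
APPLICATIONS = {
    "app1": {"address": "12 Elm St", "phone": "555-0101", "email": "a@example.com"},
    "app2": {"address": "12 Elm St", "phone": "555-0102", "email": "b@example.com"},
    "app3": {"address": "9 Oak Ave", "phone": "555-0102", "email": "c@example.com"},
    "app4": {"address": "9 Oak Ave", "phone": "555-0101", "email": "d@example.com"},
    "app5": {"address": "3 Pine Rd", "phone": "555-0199", "email": "e@example.com"},
}

def build_graph(apps):
    """Undirected bipartite graph: application nodes <-> attribute-value nodes."""
    graph = defaultdict(set)
    for app_id, attrs in apps.items():
        for kind, value in attrs.items():
            node = f"{kind}:{value}"
            graph[app_id].add(node)
            graph[node].add(app_id)
    return dict(graph)

def rings(graph, apps, min_size=3):
    """Connected components that contain at least min_size applications."""
    seen, found = set(), []
    for start in apps:
        if start in seen:
            continue
        stack, component = [start], {start}
        while stack:
            for nxt in graph[stack.pop()] - component:
                component.add(nxt)
                stack.append(nxt)
        seen |= component
        members = sorted(n for n in component if n in apps)
        if len(members) >= min_size:
            found.append(members)
    return found

def pagerank(graph, damping=0.85, iterations=50):
    """Power-iteration PageRank; every node here has at least one edge."""
    rank = {n: 1 / len(graph) for n in graph}
    for _ in range(iterations):
        rank = {n: (1 - damping) / len(graph)
                   + damping * sum(rank[m] / len(graph[m]) for m in graph[n])
                for n in graph}
    return rank

if __name__ == "__main__":
    print(rings(build_graph(APPLICATIONS), APPLICATIONS))
```

No two of the four ring applications share more than one value, which is why a pairwise comparison of records would miss the group that the graph traversal returns in one pass.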

A richer way of representing information

Finding the centres of gravity for fraud in this way is critical. As business processes accelerate and become more automated, the time margins for detecting fraud become much narrower, increasing the need for a real-time solution.

Cyber fraud rings are becoming increasingly sophisticated at evading discovery. However, a richer way of representing information is key to uncovering scams with a high level of accuracy – checking the legality of applications and highlighting suspicious behaviours. As fraud attempts become increasingly complex, graph technology is a vital part of your organisation’s security arsenal.

Amy Hodler is Director, Analytics and AI at Neo4j

The views and opinions expressed in this Viewpoint article are solely those of the author(s) and do not reflect the views and opinions of Fintech Bulletin.