Addressing the Payments & Fraud 360 seminar in Sydney recently, Skip Myers – the director of loss prevention and fraud strategy at technology retailer Micro Center – said that this reasoning should form the basis of any prevention strategy.
He said it is necessary to think like a criminal who seeks the easiest means possible of ripping off the business, and then closing those loopholes.
A good place to stop future losses is to explore how past ones were allowed to happen, Mr Myers said.
“Fraud data tells a crime story – a digital whodunnit,” he said.
Mr Myers said it is possible to play detective to figure out how the theft occurred by treating everything like a crime scene, and tracing the culprit’s steps in reverse order.
He gave the example of a retailer discovering an empty box in the middle of an aisle, and how this detective process can identify how the theft occurred, and potentially even catch the culprit.
In this example, the theft was discovered at 2pm, providing a window of when to search the security cameras. Cross-checking records reveals that six employees called in sick that day, leaving the manager also off the floor trying to fill the staff shortage. This suggests the fraudster had scoped the store previously to determine staffing levels and took advantage of the prime time to strike.
In a bid to achieve this, Mr Myers suggested following this step-by-step process:
- Get into a crime scene mindset
- Analyse the root causes of the loss
- Examine internal variables
- Also examine external variables
- And then process your analysis
The same applies to tracing online fraud, only your crime scene will be a digital one, said Mr Myers.
“Any technology created for good, in the wrong hands, can be used for bad,” he said, noting the use of aeroplanes and cars as weapons by terrorists.
In the digital world, crime scene investigation will involve:
- Device fingerprint – what device was the fraudster using, when and where?
- Check the validity of their email address
- Embrace geolocation
- Explore the type of payment method used
- Dig into the shipping address
- The most important part of combatting fraud, Mr Myers said, is simply to do something about it.
“Get pissed off that someone can do this to your company and fight back,” he said.