
How Criminals Use Stolen Data

The data breach itself isn’t the real concern. It’s the downstream attacks that follow.

By Christopher Watkins, July 31, 2019

About Christopher Watkins
Christopher Watkins is Senior Creative Writer at DataVisor. He brings 10+ years of writing, editing, and strategy experience to his role. He was previously Senior Writer and Chief Words Officer at Udacity. He holds an MFA in Creative Writing from the University of Southern Maine.

The fact that “How are criminals using stolen data?” was the most requested question in Fang Yu’s recent Quora Session speaks volumes about how much the matter of data breaches weighs on our minds. It also highlights the complicated nature of the challenges we face and the uncertainties that continue to plague us.

Stolen Data

It’s no secret that data gets stolen. One need only visit a news site to see the latest data breach stories. However, the question of what happens to the data after it gets stolen is another matter. That it remains an open question for so many is concerning, because the downstream attacks that rely on stolen data are what we should be focusing on; that’s where the real damage happens.

Fang Yu is uniquely positioned to speak to the matter. From her days as a Microsoft researcher to her role today as Co-Founder and CTO of DataVisor, Fang has spent more than a decade directly engaged in the drive to defeat modern digital fraud. In the conclusion of her answer, she speaks eloquently about what’s at stake, and where we need to put our focus:

“What’s most important to remember is that a data breach in and of itself does not immediately impact the end user. It becomes a real disaster when the data gets into the hands of criminals, because they’ll use it to steal as much as they can, and this can have a profound—and profoundly negative—impact on a person’s life.”

Fang also includes in her answer some detailed examples of how our data gets used once it falls into the hands of malicious fraudsters. Among the use cases she discusses are identity theft, account takeover, and credential stuffing.

The Look of Fraud Today

Another popular question-and-answer combination from the Quora Session further makes the point that people are very much still wrestling with ambiguity and confusion when it comes to the realities of fraud today. In answering the question “What does ‘fraud’ most commonly look like today?” Fang makes sure to provide some historical context before addressing our current situation:

“Fraud today represents a transition from physical to digital, from in-person to online, and from small-scale to massive scale. When fraud existed only in ‘the real world,’ it was generally small in scale and localized. Someone would steal your wallet, then spend the money across town. Today, sophisticated fraud rings controlling huge volumes of bots create fake accounts across the globe and use them in massive, coordinated attacks. These changes mirror changes in society and technology. Our lives have moved online.”

Over the course of her response, Fang addresses the impact of bots on the fraud landscape, the challenges of balancing convenience against security, the technologically-empowered adaptability of the modern fraudster, and attack techniques such as account incubation and bust-out fraud. Despite her acknowledgment of how difficult it is to keep pace with modern fraud, she nonetheless offers a prescription:

“Unsupervised machine learning has emerged as the only genuinely viable way to prevent sophisticated modern fraud—it’s the only way we can defeat fraud, at the speed of fraud.”

How Is Digital Fraud Becoming More Sophisticated?

Thousands of readers checked in to find out an answer to the question of technology’s impact on fraud. Fang’s response covers a great deal of ground. Here are just a few of the insights she offers:

  • New technologies don’t necessarily replace old ones—instead, they add to them.
  • By sophistication, what we really mean is singularity—in other words, almost every attack is different, even when it’s the same fraudster behind the attack.
  • Fraudsters have learned that adaptability is the key to their success.
  • Every time a new tool, technique, or technology is introduced and adopted, we can assume it will be used by fraudsters as well.

Fang concludes her answer by again noting that unsupervised machine learning (UML) offers us a defining advantage in combating sophisticated digital fraud—a theme she develops further in response to this question: “How can advanced AI solutions be used to combat bot-powered fraud?”

“What is required today is holistic data analysis—the ability to look at data as a whole, to discover correlated patterns and reveal hidden connections between actions and accounts that would otherwise go undetected if viewed in isolation. This is why unsupervised machine learning is so important. With UML, we can look at data holistically, and we can interpret contextually, all without requiring historical labels. We can make the right decisions, even when confronted with attack types we haven’t seen before.”

You can explore Fang’s full Quora Session here. We invite you to dive in, upvote your favorite answers, and provide your own comments and insights.