BioCatch Blog Channel

Browse Topics

A network to disrupt criminal networks

Written by:

Raj Dasgupta

A network to disrupt criminal networks featured image

“I was too embarrassed to tell anybody.”

As a career fraud fighter, I hear confessions like this all the time. In this particular instance, I was at an airport, waiting by my gate for a delayed flight to finally begin boarding. I got to talking with a friendly, 84-year-old woman, flying to visit her two sons. Let me call her Beth. When she heard what I did for work, the floodgates opened.

A few years ago, she was in a vulnerable stage of her life, having just lost her husband. During a particularly lonely period over the holidays, she received a text message from an unknown number. One thing led to another, and by the time she realized she and this phantom Romeo were not actually in love, she’d lost $64,000 of her hard-earned savings.

This, unfortunately, is an all-too-familiar story for us fraud fighters. It happens too often and is simply heart-breaking.

Let us now explore what’s going on in the broader world of digital fraud and financial crime today. The garden variety cases of identity theft have grown more sophisticated. With rampant data breaches over the course of the last several years (Yahoo, National Public Data, LinkedIn, Ticketmaster, Marriott, AT&T, Equifax, I could go on and on), fraudsters don’t need to stitch together parts of stolen identities with their own personal information to commit new account fraud. They now have access to “fresh fullz” or never used stolen identities that often pass identity verification (IDV) checks and identity fraud models.

Scripted attacks, especially at account origination, have grown increasingly common in recent years, thanks in part to readily available GenAI tools. Fraudsters now have access to bots to help them do their dirty jobs at scale. Combatting this kind of scale requires the most sophisticated defenses. Technology that provides behavioral intelligence, allows financial institutions (FIs) to see that even though an identity may check out with regular origination controls, the behavior of the applicant can still appear very fishy.

Suppose, as a financial institution, you book some bad accounts. You may not realize they are bad immediately, especially if they are deposit accounts. However, there will be tell-tale signs of the account being used for nefarious purposes. Let’s examine some scenarios that can be indicative of the accounts being used as mules to move ill-gotten money.

We often see accounts being opened and then within minutes being accessed by different devices that use U.S. proxies to look like they are from the U.S. But when we look at the SIM, we see it registered with carriers outside the U.S. Most of the time, these handlers from outside the U.S. would use the “forgot password” flow to reset passwords. They then can deposit forged or counterfeit checks through RDC and use faster payment rails to move the money out. If the check returns, the FI is nearly always left holding the bag on the resulting loss, as – by then – the perpetrator is nowhere to be found.

Another scenario of “witting” mules are younger people who wouldn’t mind moving money on somebody else’s behalf, especially if they have an account that has been lying unused for a long time. Behavioral intelligence technology can see these sleeper accounts wake up and start to transact little by little before moving large sums of money.

Lastly, bad actors can take over an account and use it as a mule account unbeknownst to the legitimate account holder. Too often, we hear about victims of ATO giving up their bank-provided one-time passwords (OTPs) to fraudsters impersonating bank employees. With that OTP, the fraudster then gains near unrestricted access to the victim’s account. They can change notification settings, use the account as a mule, or even transfer away the entirety of the victim’s account balance. Behavioral intelligence can detect such behaviors from a fraudster as anomalous to the genuine user’s behavioral profile and alert banks in real-time before much damage can be done.

The worst part of these money movements is that there are victims at every stage of the process. The bad money might originate from account takeover fraud (ATO) or a scam (new scam MOs emerge literally every week) and then flow to a mule account from which it’s further laundered, before criminals finally convert it to cryptocurrency to fund the most egregious crimes in our society – human trafficking and modern slavery, drug trafficking and terror financing.

Is all this unstoppable? No.

The Dark Economy is a web of sprawling, interconnected criminal networks, serviced by contractors and subcontractors specializing in every niche element of perpetrating a crime and realizing its profits. It will take a network to defeat such networks.

Historically, banks have been reticent about sharing information with other banks, but contemporary scammer MOs have grown increasingly difficult to combat alone. Financial institutions must turn to network-based platforms from which they can receive critical insights into various risk events at origination and post-origination touchpoints.

Technologies based on user behavior, device, accounts, and transactions make this possible. Information shared by a network’s participating member banks can help unravel the interconnected web of accounts and criminal money movement, thus enabling the FIs to make risk decisions in real-time, stopping the flow of illegal money.

We’ve already launched such a network in Australia. BioCatch Trust™ Australia brought together the largest Australian banks to share information and gain valuable insights on recipient accounts, allowing them to adequately assess the risk of a fund transfer in real-time before letting the money out the door.

Our vision is to bring this capability to every country in which we operate (with many countries already in progress) and, eventually, to assess risk for cross-border transfers, thus enabling financial institutions all around the world to prevent the flow and eventual laundering of bad money to fund serious financial crimes.

We have the opportunity, the capability, and the duty to do this to make a difference in the lives of millions around the world.

Before Beth and I got up to board our flight, I showed her this text:

Picture1-Mar-03-2025-10-40-28-8091-PM

“Now I have gotten smarter!” she said. “I get these a few times a week but now know not to pay attention!”

I was so happy to hear that!

Recent Posts

The power of a pause: Can a small delay prevent big fraud losses? Authorized Push Payment Scams
March 05, 2025 The power of a pause: Can a small delay prevent big fraud losses?
Read article
Instant payments in Germany: Real-time transfers, heightened risk Payments
March 05, 2025 Instant payments in Germany: Real-time transfers, heightened risk
Read article
A scam type grows in India social engineering scams
March 03, 2025 A scam type grows in India
Read article