U2F (Universal 2 Factor)

U2F or Universal 2-Factor Authentication is a form of 2-factor authentication, in which the user completes a login process using a physical device as one form of verification to prove their identity and be granted access. U2F devices are physical security keys in and are usually combined with one of the other two major authentication factors: 1) something a user knows (such as a password or the answer to a question) or something the user is (such as a unique biometric marker like a fingerprint) - in order to grant access to a system. The benefit of a physical key over its counterparts, usually software-based keys, is that software keys, which generate one-time passwords delivered by phone or email, are known to be vulnerable to phishing attacks.

Unauthorized Disbursements

A disbursement is a payment made on behalf of another person for which reimbursement in the future is expected. An unauthorized disbursements could be defined as an amount of disbursements or expenditures made without any authorized approval. Unauthorized disbursements include five type of categories which are; check tampering, billing schemes, payroll schemes, register disbursements, and also expense reimbursement schemes.

Unauthorized use of assets

Unauthorized use of assets describes the intentional, illegal use of the property or funds of another person for one's own use or other unauthorized purpose, particularly by a public official, a trustee of a trust, an executor or administrator of a deceased person's estate, or by any person with a responsibility to care for and protect another's assets.

Unauthorized Withdrawals

Unauthorized Withdrawal refers to the withdrawal or transfer of funds from an individual's banking account without proper authorization or consent by the individual.

Underdelivery

It is the delivery of less impressions, visitors, or conversions than contracted for a specified period of time. Underdelivery can occur for a variety of reasons. A site or network may experience an unexpected drop in traffic. Low CPM campaigns may be bumped for high CPM campaigns. Pay-for-performance may be bumped for any CPM campaigns, plus there is the added risk that the creative units fail to generate the anticipated level of response.

Understanding Device Fingerprinting: How It Works and Can Help Prevent Fraud

What is Device Fingerprinting?

Device fingerprinting is used to identify and track devices on the internet, particularly computers and mobile devices. It collects information about a device and creates a unique “fingerprint” based on that information. This can identify the device whenever it connects to the internet, even if it is using a spoofed IP address or hides other identifiers.

Businesses use device fingerprinting for various purposes, including tracking users for targeted advertising, detecting and preventing fraud, and improving website security. Some device fingerprinting techniques are relatively simple and only gather a few pieces of information. In contrast, others are more complex and can collect much more data about a device.

Several different factors can be used to create device fingerprints. These include the type and version of the operating system, the browser and browser version originally used, the device’s IP address, the screen resolution, and the installed fonts and plugins. Some techniques may also gather data about the device’s hardware, such as the processor type and the amount of memory.

How is a Device Fingerprint created?

To create a fingerprint, a website or service will typically use JavaScript or other means to gather the relevant information about the device. This device intelligence is then sent to a server, where it is analyzed and used to create a unique fingerprint for the device.

Whenever the device connects to the internet again, the server can use the fingerprint to identify the device and track its activity. This also allows the server to personalize the user experience or monitor their site behavior.

Device fingerprinting is just one technique that can be used to track and identify devices on the internet. Many other methods include tracking cookies, browser fingerprinting, and device profiling.

How is it helpful?

Device fingerprinting can be helpful in many ways, depending on how it is used. Some of the potential benefits include:Device Fingerprinting

  1. Personalization: Device fingerprints help personalize the user experience by providing customized content and recommendations based on the user’s past behavior and preferences.
  2. Fraud detection and prevention: It can identify suspicious activity and flag it for further investigation.
  3. Improved website security: It can improve website security by detecting and blocking suspicious activity and identifying and blocking malicious devices.
  4. Targeted advertising: Businesses can deliver targeted advertising by gathering information about a user’s interests and preferences and using that information to provide relevant ads.
  5. Improved user experience: By gathering information about a user’s device and preferences, fingerprinting helps to improve the overall user experience by providing a more personalized and relevant experience.

Device fingerprinting can also raise privacy concerns, as it involves collecting and storing information about a user’s device. To address these concerns, it’s crucial for companies that use this technology to be transparent about their data collection practices and to provide users with the ability to opt out or control their data.

How does Fraud.net use Device Fingerprinting?

Fraud.net offers fraud prevention and detection services for businesses. As part of our services, Fraud.net uses device fingerprinting to identify and track devices used to access businesses and their websites.

Our product, Device AI, scores, measures, and delivers real-time insights on website traffic so you can take action to keep your business safe while letting legitimate customers speed through. Device fingerprinting allows us to identify malicious or bot traffic and filter illegitimate users from accessing your site. You can also leverage this tool to track and trend suspicious activities and user behavior. 

For each device, we use an SDK to capture, screen, and verify location, language, proxies and TORs, bots, scripts, and more. This service is designed to be quick and easy to implement and can integrate with a variety of business platforms. And our service can help businesses to reduce fraud and improve the overall user experience by providing a more secure and personalized experience.

Want to know more about Fraud.net’s fraud prevention and risk management platform for enterprises? Request a demo to learn how you can leverage AI and machine learning to protect your business.

Unique Identity

A unique identifier (UID) is a numeric or alphanumeric string that is associated with a single entity within a given system. Unique identifiers can be assigned to anything that needs to be distinguished from other entities, such as individual users, companies, machines or websites.

Unsupervised Machine Learning

Unsupervised machine learning algorithms infer patterns from a data set without reference to known, or labeled, outcomes. Unlike supervised machine learning, unsupervised machine learning methods cannot be directly applied to a regression or a classification problem because you have no idea what the values for the output data might be, making it impossible for you to train the algorithm the way you normally would. Unsupervised learning can instead be used to discover the underlying structure of the data.

URL

URL stands for Uniform Resource Locator, and is used to specify addresses on the World Wide Web. A URL is the fundamental network identification for any resource connected to the web (e.g., hypertext pages, images, and sound files). The domain name is the computer on which the resource is located.

URL spoofing

URL spoofing is the process of creating false or fake URLs which pose as another website. The spoofed URL or website address appear to be very similar to the original, actual URL, but in reality redirects the user to a 'booby trapped' website.

Utility Fraud

What is utility fraud?

Scams keep getting more numerous and sophisticated. You’re probably aware of the different invoicing schemes that exist to steal money and information from businesses. But did you know that some criminals target utilities? Utility fraud is when a person fraudulently uses someone else's name or identity to order water, gas, cable or other types of services. Cable fraud is the most commonly committed utility scam. However, this type of fraud encompasses a wide range of schemes.

In March 2021, a Cumberland County, New Jersey, resident received a call they thought came from a local gas company. The representative asked them to purchase a prepaid card so they could pay an outstanding balance of $2,300 and prevent their gas from being shut off.

Criminals are getting creative...

Criminals are getting creative, so utility fraud can appear through several types of schemes. Some scammers operate online and use spoofed emails to steal payment information and other sensitive data. You can also find criminals who impersonate utility workers to gain access to homes and businesses to steal valuable items.

While fraudulent phone calls are a common form of utility fraud, it’s not the only one. In fact, in October 2020, the Suffolk County, New York, police department found that criminals had been posing as utility workers to gain access to homes and commit burglaries.

Utility fraud is sometimes related to identity fraud. If a criminal has access to your personal information, they can use it to open credit lines in your name, file a tax return, or turn on utilities at an address of their choice and get gas, electricity or even cable with no intentions of paying those bills.

With all of the schemes fraudsters enact, the best way to protect your organization is to be aware of the different ways they can use utilities to trick you.

Thankfully, there are steps you can take to protect your organization.

How does utility fraud affect your business?

There are different ways in which scammers can use this type of fraud to hurt your organization:

  • You might see recurring charges on your business credit card if a scammer uses your information to purchase cable or another utility.
  • If you fall for a scammer impersonating a utility company over the phone, they could steal your payment and other information and use it to make purchases or even open lines of credit.
  • Clicking on a phishing email could result in sensitive information getting stolen. These emails often ask you to click on a link to prevent your services from getting interrupted or to claim a refund.
  • Some criminals claim to work for government programs. They will ask for your personal information under the guise of helping you sign up for a program that will reduce your utility bills.
  • If you click on a malicious email, you could infect your device and entire network with malware.
  • Giving physical access to your facility to someone who is posing as a utility worker could result in theft.

These schemes can have devastating consequences for your business. In fact, in 2020, people lost a collective $1.2 billion to impostor scams.

In particular, spoofed emails that look like they came from utility providers can be extremely harmful as well. Businesses lost a total of $1.8 billion in 2020 to business email compromise (BEC).

These schemes can take up your valuable time and cost you a lot. Plus, a compromised network can result in issues with productivity or a lack of trust from your customers.

Fortunately, there are some solutions to consider for keeping your business, your network and your customers' data safe from these schemes. You can protect your bottom line with the right fraud prevention tools.Utility Fraud Infographic

What is the best way to protect yourself?

The methods you can implement to protect yourself from this type of fraud will also help you mitigate the risks linked to other schemes.

Review your best practices

Adopt a well-documented process to keep track of payables, including utility bills. Then if a utility company reaches out to ask for a payment or ask you to claim a refund, you will have a paper trail to refer to.

Additionally, employees should be aware that utility fraud exists. They should know not to share any sensitive information over the phone. When in doubt, it’s best to hang up and contact the utility company directly to see if there is an issue with the business account.

Lastly, a visitor log and a system to record planned visits from utility companies can protect you from scammers who impersonate utility workers.

Protect yourself from BEC

Criminals are getting more sophisticated. In fact, some of them are using AI-generated emails to create realistic spoofed messages from utility companies.

While there are clues that recipients can look for to identify spoofed emails, AI is your best line of defense. Indeed, this technology can look at multiple data points that human eyes can miss.

Protect your business identity

You can protect your business with an identity verification solution. This tool can look at hundreds of data points and verify whether an entity is who they claim to be. It’s a useful tool for spotting fake invoices and spoofed utility bills.

How Fraud.net can help with utility fraud

Fraud.net offers solutions to prevent utility fraud and protect your bottom line. Here are some of the tools we offer:

  • Email AI. With our email AI solution, recipients can see a risk score for each message they receive. This score will immediately let them know when something is off.
  • Identity verification. By looking at hundreds of data points, our identity verification solution can spot inconsistencies and let you know when someone is not who they claim to be.
  • Rules and workflows. We can help you review existing rules and workflows and advise you on how to create a well-documented process for handling invoices and utility bills.

Are you worried about falling victim to a utility fraud scheme? Find out how you can improve your fraud prevention efforts with our free email AI and a free fraud analysis.