Inside the mind of online scammers: Kristen, Trust & Safety Analyst

Kristen focuses on analyzing real-world data to understand phishing schemes and profile fraudster behaviour. In her job, it’s important to think like a scammer in order to anticipate their next steps and better protect N26 customers. She told us about her most recent trends she’s seeing and the best ways to stay secure online.

Kristen, you’re part of the Trust & Safety team at N26, which serves as an intelligence provider to teams who work on customer security. Can you explain what you do in your role?

I’m a Trust & Safety Analyst specialized in phishing schemes and account take-over investigations. This means that I identify and investigate new phishing and other fraud trends out in the world, including those where fraudsters gain access to customer accounts. I also do fraudster behaviour profiling, where my background in Psychology is extremely helpful. Basically, I analyze how fraudsters think and behave, and look at the ways they manipulate people into giving them information or access to their online accounts.

All of this information is used to make the N26 app and services even more secure based on real-life data. We also use it to educate our employees and, of course, N26 customers.

Online fraud has increased since the pandemic, when people started to do more and more things online. What would you say is the most prevalent issue people should be aware of?

Phishing attacks have truly spiked since 2020, which is definitely connected to increased online activity. However, that isn't the only reason. Most people will associate phishing with poorly formatted emails encouraging them to click on a link and share personal information – for example, to unlock an allegedly compromised customer account. However, phishing is much more than that. Many phishing schemes hinge on emotional manipulation, which is why they work well in times of crisis. That’s when people are most receptive, and therefore most susceptible and vulnerable.

An entire industry has developed around phishing and as a result, attacks are becoming more professional. Scammers may buy phishing kits on the Dark Web, which can be used to create templates for "successful" campaigns. Databases of compromised customer data or even telemarketing-like scripts for phishing phone calls are also available. Phishing by phone, called Vishing, is increasing because a personal conversation generally generates more trust than an anonymous email and is often much more effective. That's just human nature.

From a technical point of view, fraudsters now have entirely different possibilities than they did a few years ago. It's not difficult anymore to spoof a legitimate phone number – that is, have the caller ID fake a specific number to appear legitimate and generate trust.

Scammers may also use some of their victim's personal information, such as their name or a bank account number, both of which they may have purchased on the Dark Web, making it quite difficult to identify a fraudulent call as such.

You said that crisis situations are the perfect climate for fraudsters to thrive in. Why is that?

Scammers play on the fear and emotions of their victims. In difficult situations, such as the pandemic or the current Cost of Living Crisis, many people may be more receptive to questionable offers and fraud.

Did you identify and analyze other trends in the past few months that consumers should definitely be aware of?

One scheme that really stood out had to do with card fraud. Most people tend to think of skimming when they hear card fraud, where criminals copy card information using manipulated ATMs. However, that wasn’t the case with this scheme. Instead, this particularly sneaky scam was connected to a car sharing service.

Generally, most peer to peer platforms have built-in payment functionalities and often don’t allow exchanging of funds outside of the app. One reason is that leaving the app environment may lead to security issues and fraud. In the particular case I worked on, it was also intended that customers of the service would use its app or website to make their payments for a shared ride. However, we found that drivers would contact customers outside of the platform and ask them to pay a small reservation fee that was supposed to be refunded immediately after departure. To do this, customers were asked to provide the drivers with their card details and a code they would receive afterwards via text message. However, the scammers actually used the obtained information to link the victims payment method to a digital wallet that they control. The victims only became aware of this once the scammers made purchases via fake online shops in order to steal funds in a way that was very difficult to trace.

In addition to never sharing codes and passwords with others, what advice would you give consumers to improve their security and avoid fraud?

It’s important to keep a healthy dose of skepticism, just like in the offline world. Consumers should always question emails, text messages and calls that claim to be from their bank, payment processor, online shops or similar. If something strikes you as odd, it makes sense to end the call or ignore an email and check directly with the company in question to make sure they are actually behind it.

Generally speaking, consumers should be intentional about the things they do on the internet. Online, it's only natural that people want things to be quick and easy, and security mechanisms are often considered a disruption. Companies will continue to develop even better, more secure and friction-less methods to keep accounts secure going forward but for the time being, please make sure to take appropriate online security measures - like using 2 factor authentication and using a different secure password for every online account you own - even if it takes a few seconds longer. This really goes a long way.