Behavioral Analytics & Scams
13 March 2025

Jump to
First, we couldn’t trust credentials anymore.
Then, we couldn’t trust devices anymore.
Now, we can’t trust behavior anymore.“
Scams (or Authorized Push Payments) are the catalyst of a second evolution in fraud prevention. When a scam happens, traditional Account, Identity and Device checks are often insufficient detection mechanisms. After all, scams almost exclusively leverage social engineering. Victims are convinced to transfer funds to a fake family member or a fake “safe account”.
Figure 1: Evolution of fraud prevention
Behavioral Analytics & Scams
Behavioral Analytics provides the ability to translate behavioral customer journey events in risk scores. BA takes events from the customer journey, and data like timings, keystrokes, swipes, journey triggers, taps or clicks, and models them. A Multi-Model approach is
Figure 2: Multiple AI models
The Identity model is individual. It checks for deviations from a user’s regular modelled behavior:
- Manipulation
- Coaching / Dictation
- Pressure / Duress
- Uncertain behavior
The Baseline Fraud Model is federated, and checks for matches against known scam Modus Operandi, including (but not limited to):
- Impersonation Scams
- Romance Scams
- Investment Scams
- Family Scams
- Sales Scams
Applying Behavioral Biometrics to the Customer Journey
Scam- related behavioral events happen throughout the customer journey, from App / Web start to transaction signing. That’s why we often say:
Scams don’t start with a transaction; they end with one.
Figure 3: Behavioral indicators in the Customer Journey
Detection Rates
Scam Detection benefits tremendously from adding Behavioral Analytics. Our most recent measurements for the most common scams show the following increases:
Figure 4: Detection Rate increases
Verdict: Behavioral Analytics and Scams get along tremendously well
Behavioral Analytics is made for detecting scams. The nature of Social Engineering does not translate into technical TTPs and scores easily. Modelling behavioral allows Fraud Prevention teams to tie risk scores to behavior.
Behavioral Analytics provides a tremendous boost of detection rates of scams. As we will see later in this series, this power is even greater when synergizing with Device Risk and Threat Intelligence.
Behavioral Analytics and ThreatFabric
At ThreatFabric, we’ve solved some key issues with legacy Behavioral technology:
- Our technology is built on threat intelligence: this ensures our technology is ready for new, or unknown, Fraud Modus Operandi. Also, our Threat Intelligence landscapes allow Fraud teams to not only react but also pre-empt campaigns.
- ThreatFabric combines Multiple Behavioral Analytics models with Device Risk, built on Threat Intelligence, throughout the Customer Journey. This combination of technologies and multiple models in one SDK allows for unprecedented, pre-emptive detection accuracies.
- We use Edge AI scoring on the endpoint, combined with an ultra-light SDK footprint. This greatly reduces computing & license cost and eliminates the need for per-use pricing.
Figure 5: Behavioral and Device Technology in the Customer Journey