Skip to main content
Learning Center
Fraud BasicsFraud 101: What Is Fraud?

Absolute basics for someone who has never looked at fraud - what is fraud, how is it different from other crimes, and why does it matter

Fraud 101 — What It Is and How You Fight It

Last updated: 2025-08-26 · Estimated time: 8–12 min

The goal of this module is simple: understand what fraud really is, how it shows up in your product, and what your job is as an analyst.

What Is Fraud (in plain words)?

Fraud is lying to get something of value—money, goods, access, or power. In law, cases turn on three ideas: intent, a deceptive act, and harm. In the day‑to‑day, you’ll spot behaviors that predict loss and you’ll choose the right control at the right time.

The Four Big Dimensions

  • Who: a lone actor, a small crew, or an organized ring.
  • How: stolen cards, stolen accounts, social engineering, API/bot abuse.
  • Where: signup, KYC, login, payment, payout, refunds, loyalty, support.
  • What tools: infostealer logs, SIM swaps, phishing kits, bot frameworks, mule networks.

First‑Party vs. Third‑Party

  • Third‑party: someone uses another person’s identity or instrument (stolen card, hijacked account).
  • First‑party: the customer does it (chargeback lies, return abuse).
  • Hybrid: collusion or “I bought a hacked account and later claimed victim.”

Your Job as an Analyst

  1. Detect risky patterns early.
  2. Decide the lightest control that works (approve / deny / step‑up / hold).
  3. Explain your choices to teammates, auditors, and sometimes regulators.
  4. Improve the system every week (features, rules, models, playbooks).

Common tools

  • Data signals: device, IP/ASN, velocity, behavior, linkage.
  • Controls: rules, ML, 3DS/step‑up auth, limits, manual review.
  • Workflows: triage, case notes, evidence, escalations.

Fast “Indicators” You’ll Learn to Trust

  • Velocity bursts (many small tries, rapid signups).
  • Anomalies (new device + new geo + high‑risk action).
  • Linkage (shared emails/phones/devices/addresses/IPs).
  • Bad outcomes (chargebacks, ACH returns, abuse reports).

Balance Risk and UX

Tight controls stop fraud and can hurt good users. Use contextual step‑up (OTP, passkeys, selfie) when risk is high, not everywhere. Give customers clear explanations and an appeal path.

How You Measure Success

  • Loss rate (bps), chargeback rate, ATO rate, refund‑abuse rate.
  • Approval rate, manual‑review rate, step‑up rate.
  • Time‑to‑detect, time‑to‑resolve, case backlog.

Bottom Line

Fraud is a moving target. Make attacks expensive and unreliable. Keep the good users moving fast.

Previous ← /learning/fraud-history · Next → /learning/common-fraud-types

Test Your Knowledge

Ready to test what you've learned? Take the quiz to reinforce your understanding.