Investigating Target Selection and Financial Impact of Service Fraud

Abstract

A portion of the digital fraud occurring on the dark web comprises the illegal exchange of vouchers, coupons, and stolen accounts, defined in this research as service fraud. Despite its existence, this type of fraud had not been previously explored. This thesis employs a quantitative approach to examine which company characteristics influence the target selection process, and the financial impact of service fraud, conducted on eight prominent underground markets, from 2011 to 2017. Initial understanding of the matter is provided by mapping out the digital fraud landscape; exploring and classifying into four categories the different types of service fraud. The direct costs of such fraud for the analyzed companies are quantified, showing that the sustained losses are relatively low compared to the figures reported in various resources. Regression analysis is used to model which characteristics make companies more attractive to cyber criminals, and how they influence losses suffered by businesses. Reputation and domain popularity are able to explain to an extent the frequency of being targeted. Furthermore, companies operating locally, as well as smaller businesses seem to experience higher financial losses. The implications of the results for businesses and society are discussed. Expanding the current model with other factors or additional data, such as employed security controls and strategies, as well as using different research methods could enhance this topic and provide more insights.