Silo for Research helps analysts disguise themselves as they conduct their research
One of the largest global e-commerce companies, the group operates in more than 20 countries and is home to several well-recognized retail brands and service subsidiaries. The company’s fraud intelligence analysts are frequently investigating incidents where swindlers try to use the group’s prominent name in their fake job ads or promotional offers to lure unsuspecting individuals into falling for their crypto or credential stealing scams.
Every time a report of a potential scam comes in through a whistleblower hotline or from another source, fraud research analysts set out to learn as much as they can about the potential perpetrators, including their goals and tactics and whether someone inside the group might be involved. After a quick sanity check, investigators begin gathering information: they often pose as potential victims of a scam, following the fraudsters’ instructions, clicking on links, visiting websites and downloading attachments.
Using the Silo for Research cloud-based browser, investigators know that their systems are protected from malware and that their online research activity is not going to tip off the criminals. “Many of our cases originate from other countries,” comments a fraud intelligence analyst at the group. “With Silo for Research, we are able to disguise ourselves as individuals who have fallen for the scam, from the targeted region. That way, we can really see what the intended victims are seeing, but it’s not obvious to the fraudsters that they are being watched.”
“Silo for Research is an essential part of our operational security”
Before acquiring Silo for Research licenses, the fraud research team was relying on VPN to obscure their identities. But the VPN solution had its limitations – it wasn’t able to protect the group’s systems from malware exposure, and it couldn’t help them manipulate their user agent string to create a realistic “persona” when posing as a scam victim. “Many scams target people using specific messaging apps, like WhatsApp, for example,” explains the fraud intelligence analyst. “The criminals expect recipients to open messages on their cell phones and access their sites from a mobile OS. The sites are optimized for cell phones, so if the scammers notice that someone is looking at their website from a browser, they will likely get suspicious.”
Silo for Research gives the group a full array of features that help them customize how they appear to the websites they visit, including being able to control their language and keyboard settings, time zone preferences, hardware and software configurations and more. “Most importantly, Silo for Research allows us to conduct our research safely, with no danger to our networks and systems,” continues the fraud intelligence analyst. “Silo is a vital part of our operational security.”
The fraud investigation team has plans to expand the use of Silo to other divisions within the group to provide consistency across all investigations. “When we conduct research, we need to do it safely and from an environment that’s not going to alert the subject of our analysis,” concludes the fraud intelligence analyst. “We are planning to implement standard operating procedures for every fraud group using a central tool for conducting safe and effective investigations.” The group is also planning to incorporate the use of Collector to automate their data collection, and are working on best practices to document their research and provide detailed accounts of how they found each specific piece of evidence while maintaining compliance with data privacy laws.