01/9/2018 | Episode 13

Chocodiles and Chargebacks: Stories from Veteran Fraud-Fighters

Being a fraud analyst is a high-stakes job, often punctuated by strange twists and turns. How do analysts navigate the fast-paced world of online fraud? What challenges do they face? And what on earth do chocodiles have to do with it? In this episode, we sit down with two veteran fraud fighters: Michelle Arguelles and Kevin Lee. Michelle and Kevin draw on years of experience at companies like WePay, Facebook, and Square to give us an inside look at fraud fighting.

Michelle Arguelles is a Product Marketing Manager at Sift Science.

Kevin Lee is a Trust & Safety Architect at Sift Science.

  • Share this Episode

Hosted By

Roxanna “Evan” Ramzipoor is a content marketing manager at Sift Science. Her debut novel The Ventriloquists will be released in 2019.


Transcript

Evan: Welcome to Trust & Safety in Numbers presented by Sift Science. I’m your host, Evan Ramzipoor. Being a fraud analyst is kind of like being a forensic scientist. It’s messy. It’s often repetitive and sometimes exhilarating. And it’s nothing like what you’ve seen on TV. Okay, so maybe you haven’t seen fraud analyst on TV. Come on, HBO, where’s that gritty fraud analyst drama? I’m sitting down today with Michelle Arguelles and Kevin Lee. Before they started at Sift Science, they each worked on teams of fraud analysts. Michelle and Kevin are here to share stories from the fraud analyst frontlines. And just a warning for our listeners, one of these stories contains chocodiles. But before we get into that, let’s warm up with a quick fraud fact. Did you know that up to 20% of the second-hand concert and events tickets that you see for sale on sites like eBay or Craigslist aren’t real? To learn more, check out “Online Ticketing Fraud Challenges and Opportunities” on the Sift Science blog. Now onto the episode.

Kevin: Hi. My name is Kevin. I’m the Trust & Safety architect here at Sift Science. Prior to joining Sift, I was head of Global Spam ops at Facebook so I was in charge of preventing spam and other malicious behavior for Facebook and Instagram. And prior to that, worked at Square.

Michelle: Hi, I’m Michelle. I’m a product marketing manager at Sift Science, but I actually joined the Sift Science team couple of years ago as an account manager. So I was working with our customers to help them learn how to use Sift Science in the best way and get the most out of their integration. Prior to Sift, I was a senior risk analyst at a payment startup called WePay and did everything from manual review to handling disputes and chargebacks and helped build out our tooling.

Evan: What does day-to-day life look like for people who were fighting fraud on the frontlines as a fraud analyst or in a similar role?

Michelle: The majority of the day was definitely made up of working through manual review queues. At WePay we, at the time I was there, were primarily rules based. So we split up the queue based on rules and works through any accounts that were in the queue there. We also had a few other things we had to do. For example, whenever disputes came in or chargebacks came in, we would have to resolve them and send out chargeback papers assessments.

Kevin: And then on my end, I would sum it up in terms of day-to-day for a fraud analyst would be stressful just because oftentimes there’s money on the line if you want to let a particular transaction go for several hundred dollars. And on the flip side, stop a particular transaction and potentially create a false positive and kind of impacts a customer negatively. I’d say, it could be repetitive as well. Michelle mentions a lot of queues that you jump into. There can be hundreds and thousands of transactions or particular cases that you need to review, and it’s pretty constant. Fraud doesn’t sleep and so 24/7 you could be working those queues.

Evan: Can you guys speak a little bit to why this is such an important role? Llike, could you talk concretely about what exactly fraud analysts and people in similar roles are doing to help their companies and what life would be like without people like you?

Kevin: Sure. So first and foremost, I’d say, really, we are protecting our company and our customers from various types of abuse. I think the mandate for any risk team is pretty clear, whether it’s a financial mandate or customer experience mandate, really you are empowered to build trust between your company and that end user.

Michelle: Yeah. And just to piggy back off that, I mean, fraud can really be an existential problem for a business so the work that you do as a risk analyst is really impactful in making sure that your company isn’t getting hurt by fraud. But, you know, speaking from my experience at WePay where we actually were processing payments on behalf of other businesses, we were protecting a lot of small businesses from fraudulent chargebacks. You know, your mom and pop store might not know what fraud looks like, or how to protect themselves from it. So we could step in and really do that for our customers.

Kevin: If people, a.k.a. your customers are exploited or they’re cheated out of a product, they’re going to probably stop using your product, and so it’s incredibly important to have someone or have a team in place to kind of stop and minimize that type of abuse.

Evan: Do fraud analysts typically work alone or in teams, and do these teams start to cross different departments and functions, or are they pretty insular?

Kevin: So some of the teams that I’ve managed, they were pretty big operations. So they’re global. So there were teams in India, other parts of Asia, the U.S., several different places in the U.S., across Europe as well. And really you have different types of roles. Certainly, you have people that do transaction review and kind of going through orders one by one, or if the team gets big enough, potentially, you outsource activities like that and then you have someone on the team that manages the quality or the vendor relationships there. You’d also have other people doing more cross-functional types of roles that are working with engineers, or the product team, or the marketing team on different things that are happening to make sure that whatever new products come out or new launches are coming, that the team is fully aware and then have built-in proper safeguards and have all the things in place that they need to to ensure a successful launch.

Michelle: Yeah. WePay, honestly, had smaller operations than I think Facebook and Google had. When I started on the fraud team, I was team member number three but the team grew a lot, you know, when I left, and I think WePay has continued to grow and specialized. But in my day, yeah, we had a small team of people. We would divide up the queue based on rule basically, and we’d also divide people onto certain tasks. So, for example, I would handle chargeback and dispute resolutions, and another one of my team mates might handle KYC verification type of things. In terms of cross functional interaction with teams, we worked with the support team a lot. If they ever got reports from people that there was fraudulent activity, they’d relay that to us and we’d work with them to figure out how to stop the fraudsters and how to make things better for the good users.

We also work pretty closely with our sales team. Our sales team would come to us with any new customer they were onboarding onto the platform. So we needed to understand what their business model look like, and how risky it might be. As you imagine, a partner that we brought on who’d allowed four invoices for small businesses is riskier than someone like a donation platform just by virtue of what their business is. And we did have a couple of engineers too who work on risk specific things. So again, helping us build out the rules engine when we were working on it. And actually we had our own in-house built console so we worked with them to build it out and make sure it was a tool that made our work as efficient as possible.

Evan: All right. So here’s an important question for both of you. What is your fraud analysts’ patronus? And just some background for people who aren’t familiar with Harry Potter, a patronus is an animal that wizards can project to protect themselves, and it’s sort of a representation of who they are. So it’s basically a spirit animal without the cultural appropriation.

Michelle: Like Hermione’s, I like to think it would be an otter, but as those who now know me know well, I am a mother of five chickens so it might have evolved into a chicken at this point.

Kevin: For me I’d say, if it’s a fraud-based one, I’ll go with a raccoon just because they’re pretty smarts, adaptive, and they don’t mind getting their hands dirty.

Evan: As you both know, at Sift Science we really love collecting strange and memorable stories from the fraud frontlines, like in our “Two Confessions of a Fraud Analyst” blogs. So do either of you have any stories that you’d like to share?

Kevin: Okay. I’ll share two actually just because we’re talking a lot about frontline supports. There was one merchant that I dealt with in the past. They represented CAL FIRE. And so especially this year, there’s a lot of wildfires especially in California. Obviously, these firefighters need food. There was a particular merchant that claimed that they were supplying food to all the firefighters fighting these wildfires. And I’ve never heard of such a service before, but they were charging over $100 grand to feed these firefighters. And verifying that this merchant was legit was really, really stressful. They ended up being legitimate, but it was pretty stressful at the time verifying that they were making this many sandwiches or delivering this many meals to thousands of firefighters. The second one, a little bit lighter, was I once shut down someone who claimed to be the personal shopper of Kevin Durant, and he did not. Illegitimate.

Michelle: I actually had a couple nemesis when I was fighting fraud. Kevin’s nodding his head because there are just some people who come back all the time or who generally are large enough headaches. For me, one of my biggest headaches was actually a guy who sold chocolate-covered Twinkies. They’re also known as Chocodiles. He was a huge pain in the butt especially because at one point in time, a few years ago now, Hostess, I think is the company, announced they were no longer going to make Chocodiles. So he just got a huge influx of sales of Chocodiles, and that was a mess to deal with. And a similar story to Kevin Durant one, there definitely were times when we saw big donations come through, and I think there was one that came through from Chris Pratt. And I pretty easily identified that it was Chris Pratt who donated it because he tweeted and everything. But I was like, “No, but I’m gonna try to call Chris Pratt.” So I got on the phone, didn’t get him on the phone, but got someone else who was able to verify that he did in fact make the donation.

Evan: Thanks for joining me in Trust & Safety in Numbers. Until next time. Stay vigilant, fraud fighters.

Related Content

Not all Machine Learning Systems are Created Equal

Learn more about what sets Sift Science’s machine learning apart.

Download

Complete Guide to Account Takeover

With billions of compromised credentials already in criminals’ hands, how do you protect your users’ accounts, your brand, and your bottom line?

Download

X