Splunk Lantern

Detecting ATM Fraud

Scenario: You work for a large bank with hundreds of ATMs, each with thousands of users. For government compliance reasons and to protect your customers, you need to monitor these ATMs for signs of suspicious activity. You want to evaluate the potential risk of ATM fraud by running analyses that surface outliers and anomalies indicating fraudulent behavior or transactions. You also need to make recommendations to the rest of the security team about which users should be investigated for potentially fraudulent activity.

Prerequisites

To succeed in implementing this use case, you need the following dependencies, resources, and information.

Your lookups may not have the same fields as the ones demonstrated in the sample searches. Adjust field names as needed to match your environment.

How to use Splunk software for this use case

Depending on what information you have available, you might find it useful to identify some or all of the following: 

Results

Use the results of these searches to make recommendations to the rest of the security team about which users should be investigated for potentially fraudulent activity. Be sure to follow any industry policies and regulations that are required for compliance.

Additional resources

The searches in this guide are also included in the Splunk Essentials for the Financial Services Industry app, which provides more information about how to implement them successfully in your financial services maturity journey. In addition, this Splunk resource might help you understand and implement this use case:
