Splunk Lantern

Detecting wire transfer fraud

Scenario: You work for a financial services company that conducts a lot of wire transfers. You know that your customers are at risk for many common scams, such as fake rental deposit requests, lottery winnings that supposedly require a tax prepayment, and overpayments on bad checks. You want to do everything you can to protect your customers from scammers and protect the reputation of your business.


To succeed in implementing this use case, you need the following dependencies, resources, and information.

Your sourcetypes may not have the same fields as the ones demonstrated in the sample searches. Adjust field names as needed to match your environment.

How to use Splunk software for this use case

Depending on what information you have available, you might find it useful to identify some or all of the following: 


Use the results of these searches to make recommendations to the rest of the security team about which users should be investigated for potentially fraudulent activity. Be sure to follow any industry policies and regulations that are required for compliance.

Additional resources

The searches in this guide are also included in the Splunk Essentials for the Financial Services Industry app, which provides more information about how to implement them successfully in your financial services maturity journey. In addition, this Splunk resource might help you understand and implement this use case: