Reinventing Fraud Detection Through Digital Fingerprinting and Link Analysis

Blog-Apr-15-2026-12-02-51-0755-PM

Fraud detection systems are designed to assess risk at the level of individual transactions or accounts. However, this approach is becoming less effective as fraud becomes more complex.

Fraud is often spread across multiple accounts, devices, and interactions rather than appearing as a single event, making it difficult for traditional detection models to capture this kind of activity.

A white paper from Microsoft, Reinventing Link Analysis: How Digital Fingerprinting and LLMs Are Transforming Enterprise Fraud Detection, authored by Akhil Singhal and Sadhana Viswanathan, explores how combining digital fingerprinting with link analysis can shift fraud detection from isolated events to network intelligence across systems.

From Isolated Detection to Network Intelligence

Traditional approaches work well for known patterns, but are less effective when fraud is distributed across multiple entities.

This has led to a shift towards network intelligence, where relationships between entities are analysed to uncover hidden connections. Rather than asking whether a single transaction is fraudulent, this approach focuses on how multiple interactions relate to one another across time and systems.

Identifying the User Behind Fraud Activity

A central component of this approach is digital fingerprinting, which creates a probabilistic representation of a user based on device, network, and behavioural signals.

These signals can include device characteristics, IP attributes, environmental configurations, and interaction patterns. By analysing how a user behaves, rather than relying solely on static identifiers, organisations can move closer to identifying the individual operating the system.

Identifying the “user at the keyboard” enables more accurate classification of risk, particularly in cases where fraudsters rotate accounts or reuse infrastructure to evade detection.

Connecting Fraud Through Link Analysis

Once suspicious activity is identified, link analysis is used to uncover relationships across historical and real-time data.

By connecting shared attributes such as device identifiers, login credentials, IP addresses, and behavioural patterns, systems can construct a network of related entities. This allows organisations to identify not only the initial fraud signal but also other accounts and transactions that may be connected.

This approach supports earlier detection by enabling organisations to reassess previously approved activity and prevent further abuse. It also shifts detection from identifying individual events to exposing broader fraud networks.

Looking to contribute to collaborative anti-scam initiatives? GASA Working Groups bring members together to develop practical, real-world solutions.

The Role of LLMs in Detection

The paper also outlines how LLMs can enhance link analysis by introducing a reasoning layer on top of traditional rule-based systems.

Instead of relying solely on predefined rules, LLMs can interpret patterns across complex datasets, identifying relationships that may not be captured through static logic. This allows detection systems to adapt more effectively to evolving fraud behaviours while reducing the need for continuous manual rule updates.

Importantly, this layer operates alongside existing controls, supporting decision-making while maintaining governance and oversight.

What This Changes for Fraud Prevention

Together, digital fingerprinting and link analysis enable a shift from reactive detection to preventive disruption of fraud activity.

By identifying connections across users, devices, and transactions, organisations can detect coordinated behaviour earlier and respond at scale.

This approach also delivers clear operational benefits:

  • Higher fraud coverage by detecting coordinated networks
  • Reduced false positives through probabilistic fingerprinting
  • Faster response through automated linkage and blocking
  • Greater scalability across large datasets
  • Improved explainability through connected fraud relationships

Network-level intelligence offers a more resilient model for detecting and disrupting organised fraud.

From Detection to Disruption

The approach outlined in the paper reflects a broader transition in fraud prevention, where detection is no longer limited to individual events but extends to understanding how activity is connected across systems.

This allows organisations to act earlier and more consistently, addressing fraud patterns before they scale.

The full white paper explores these concepts in greater detail, including the underlying architecture and practical considerations for implementation.

Sign up for the GASA newsletter to receive regular updates on scam prevention, research, and best practices.
Apr 21, 2026
4 minute read
Category
Research Topic - Fraud Prevention Region - Global Topic - Scam Detection Region - North America Industry - Big Tech / Social Media
Written by
Global Anti-Scam Alliance (GASA)
Global Anti-Scam Alliance (GASA)
Share article

Latest blogs & research

Romance scams continue to grow worldwide, exploiting trust, emotional vulnerability, and online relationships to manipulate victims into financial and emotional harm. Timed around Brazil’s Valentine’s Day period, the latest GASA meet-up, Golpes do Amor — Como eles acontecem e como se proteger, explored how these scams operate, why they are so effective, and how individuals can better recognise warning signs before becoming victims. Hosted by the Brazil Chapter of the Global Anti-Scam Alliance (GASA), the discussion highlighted findings from O Estado dos Golpes no Brasil. According to the report, romance scams have already affected 18 per cent of surveyed Brazilian adults, while 6 per cent of victims reported falling for this type of scam more than once. Beyond financial losses, speakers emphasised the severe emotional consequences victims often experience, including shame, trauma, and loss of trust. Read the Report – O Estado dos Golpes no Brasil Speakers: Rose Leonel, Journalist and Founder – ONG Marias da Internet Tanila Savoy, Founder – Associação Nacional de Vítimas da Internet (ANVINT) Lisandréa Salvariego Colabuono, Police Chief and Coordinator – NOAD, Polícia Civil de São Paulo Renata Salvini, Brazil Chapter Director – Global Anti-Scam Alliance A major focus of the discussion was the manipulation techniques commonly used in romance scams. Speakers explained how scammers frequently create convincing identities, often pretending to be foreigners, military personnel, or individuals living abroad, while avoiding in-person meetings and building emotional dependency over time. Urgency and financial pressure were highlighted as major warning signs, particularly when victims are pushed to act quickly or send money under emotional circumstances. The webinar also explored the lasting psychological impact of these crimes and reinforced that victims should never be blamed. Rose Leonel shared her personal story of transforming trauma into advocacy after becoming a victim of non-consensual intimate image sharing, an experience that ultimately contributed to the creation of the Rose Leonel Law in Brazil. Speakers stressed the importance of reporting scams, noting that even small details can assist investigations and help prevent future victims. The conversation reinforced the need for greater public awareness, victim support, and collaboration between civil society, law enforcement, and digital platforms to address emotionally manipulative fraud more effectively. Through initiatives like this meet-up, GASA continues working with experts and organisations worldwide to strengthen scam prevention and support victims of online fraud. Watch the full discussion below to learn how individuals and organisations can better recognise and respond to romance scams.

Romance Scams in Brazil: Warning Signs and Prevention

Experts from Brazil discuss how romance scams work, their emotional impact, and how victims can protect themselves online.

Topic - Scam Awareness Video Event - GASA Meet-Ups Industry - Law Enforcement
Acción coordinada. Impacto real. México lidera el cambio

De Viena a la Acción: GASA México y UNODC México Cierran Brechas Operativas

GASA México y UNODC México formalizan un Acuerdo de Intercambio de Comunicaciones, convirtiendo los compromisos globales de Viena en acción coordinada contra el fraude.

News Topic - Fraud Policy Industry - Policy Makers Region - Latin America
un global fraud summit what comes next discussions

What the UN Global Fraud Summit Discussions Tell Us About What Comes Next

Watch expert discussions from the UN Global Fraud Summit on the industrialisation of fraud, global collaboration, public–private frameworks, and next steps for implementation.

Best Practices Industry - National Cyber Security Centers (NCSCs) Region - Europe Region - Global
gasa webinar

Game Over for Scammers: Regional Defenses Against Online Gambling–Related Scams

Experts from INTERPOL, ACMA, and DGOJ examine how gambling-related scams operate and how global enforcement is responding.

Region - Europe Video Topic - Fraud Policy Event - GASA Meet-Ups
22,000 Fraud Signals Bank Attack Trends – March 2026

What 22,000 Fraud & Cyber Crime Operator Signals Reveal About the State of Bank Attacks

Falkin's analysis of 22,661 fraud operator signals shows how bank attacks are evolving across regions, typologies, and AI-driven scam infrastructure.

Research Region - Global Scam Trends Topic - Fraud Research
Microsoft White Paper on Link Analysis and Digital Fingerprinting in Fraud Detection

Reinventing Fraud Detection Through Digital Fingerprinting and Link Analysis

A Microsoft white paper examines how digital fingerprinting and link analysis shift fraud detection from isolated events to connected, network-level intelligence.

Research Topic - Fraud Prevention Region - Global Topic - Scam Detection
gasa meet-up

On the Frontlines: Fighting AI-Powered Scams & Fraud

Experts from Microsoft, OpenAI, Google and C4ADS share how AI is shaping scams and how to fight back.

Topic - Fraud Prevention Region - Global Video Topic - Scam Detection

Telecoms on the Front Line: GASA at the Stimson Center Dialogue on Combating Scams

According to GASA’s Global State of Scams Report, telecommunications channels—voice and SMS in particular—remain a predominant “front door” for scams.

News Topic - Fraud Policy Region - North America Industry - Policy Makers