CN117151736A - Anti-email fraud management early warning method and system - Google Patents

Abstract

The embodiment of the invention relates to the technical field of telecommunications, and discloses a reverse electricity fraud management early warning method, which comprises the following steps: receiving first cable data transmitted by a security management anti-electricity fraud internal system, wherein the first cable data is obtained through privacy calculation; and/or receiving second clue data transmitted by the financial terminal system, wherein the second clue data is obtained through privacy calculation; transmitting the first wire rope data and the second wire rope data to a pre-built anti-electricity fraud model to perform early warning identification so as to obtain a corresponding early warning identification result; and feeding back the early warning recognition result to the intelligent terminal of the corresponding user to carry out early warning reminding. According to the anti-electricity fraud management early warning method, on the premise of ensuring data safety, real-time mutual transmission and intercommunication of safety management data and financial institution data can be achieved, a fraud-involved account, a potential fraud-involved account and a potential victim account are analyzed and mined through a data technology, timely early warning is conducted, and the risk of telecommunication fraud is reduced.

Description

Anti-email fraud management early warning method and system

Technical field

The invention relates to the field of telecommunications technology, and specifically relates to an anti-email fraud management early warning method and system.

Background technique

With the development and popularization of communications and networks, more and more transactions are conducted through the Internet. The extensive application of Internet transactions has also given telecom network fraudsters an opportunity to take advantage of it, causing telecom network fraud to increasingly become a major hazard that threatens public property and social stability. With the continuous intensification of criminal crackdowns and legal publicity, telecommunications network fraud has been curbed to a certain extent. However, for some new electronic fraud methods, there is still no way to feedback them to financial institutions in a timely and efficient manner to ensure the safety of users' property. The entire process is cumbersome, which leads to lag in electronic fraud management and control, which in turn makes it impossible to effectively utilize data; ultimately, financial institutions have to pay attention to telecommunications fraud. management capabilities are relatively weak. Therefore, designing an anti-email fraud scheme capable of efficient prediction has become an urgent technical problem to be solved by those skilled in the art.

Contents of the invention

In view of the above defects, embodiments of the present invention disclose an anti-email fraud management early warning method, which can realize real-time mutual transmission and interoperability of security management data and financial institution data on the premise of ensuring data security, and mine out data through data technology analysis. Fraud-related accounts, potential fraud-related accounts and potential victim accounts, and provide timely warnings to reduce the risk of telecommunications fraud.

The first aspect of the embodiment of the present invention discloses an anti-email fraud management and early warning method, which includes:

Receive the first clue data transmitted by the security management anti-email fraud internal system, wherein the first clue data is obtained through privacy calculation; and/or receive the second clue data transmitted by the financial terminal system, wherein the second clue data The data is obtained through privacy calculation;

Transmitting the first clue data and the second clue data to a pre-built anti-email fraud model for early warning identification to obtain corresponding early warning identification results;

The early warning identification result is fed back to the corresponding user's smart terminal for early warning reminder; or the early warning identification result is fed back to the corresponding safety management system for early warning reminder.

As an optional implementation manner, in the first aspect of the embodiment of the present invention, the anti-email fraud model is constructed through the following steps:

Receive fraud information sets that are classified as telecommunications fraud transmitted by the security management anti-telephone fraud internal system;

Analyze and process the fraud information set to obtain multiple anti-fraud derivative indicators;

An anti-e-mail fraud model is constructed based on multiple anti-fraud derivative indicators.

As an optional implementation manner, in the first aspect of the embodiment of the present invention, the fraud information set includes user information data and the mobile terminal information data, and the fraud information set is analyzed and processed to obtain multiple Anti-fraud derivative indicators, including:

Obtain user behavior characteristics and device characteristics respectively according to the user information data and the mobile terminal information data;

According to the user behavior characteristics and device characteristics, characteristics changes before, during, and after the telecommunications fraud case occur are determined; and multiple anti-fraud derivative indicators are generated based on the characteristic changes.

As an optional implementation, in the first aspect of the embodiment of the present invention, the anti-electronic fraud model includes a card extraction model involved in the case, a first potential electronic fraud account model, a second potential electronic fraud account model and a potential victim. One or more of the models.

As an optional implementation manner, in the first aspect of the embodiment of the present invention, receiving the second clue data transmitted by the financial terminal system includes:

Receive the second clue data transmitted by the corresponding registered user at the financial terminal system; the registered user is registered and determined through the following steps:

Receive a user information group input by a user to be registered, where the user information group includes multiple user identity information, and the user identity information includes a mobile phone number, ID number, and bank card number;

Perform information verification on multiple user identity information in the user information group to determine whether they meet the registration conditions, and if so, determine that the registration is completed to obtain multiple registered users;

One registered user among the plurality of registered users is determined as the master user, and other users other than the master user are determined as slave users. The master user is used to receive early warning push information associated with the master user or the slave user.

As an optional implementation manner, in the first aspect of the embodiment of the present invention, after determining that registration is completed, the method further includes:

Receive protection configuration information input by the user, and associate the protection configuration information with the user information group.

The second aspect of the embodiment of the present invention discloses an anti-email fraud management early warning system, which includes:

Security management internal anti-email fraud system. The security management internal anti-email fraud system is used to interface with all systems within security management to collect security management system data, and perform privacy calculations on e-fraud data information associated with e-fraud behaviors. Transmit the electronic fraud data information after privacy calculation to the anti-electronic fraud center system through a dedicated network line;

Anti-email fraud middle platform system. The anti-email fraud middle platform system is used for data docking and interaction with the security management internal anti-email fraud system and the financial terminal system. The anti-email fraud middle platform system is also equipped with an anti-email fraud model. Used to identify and process the received data;

Financial terminal system. The financial terminal system is used to receive the middle-end data information transmitted by the anti-email fraud middle-end system and interface with the identity authentication module of the financial institution system. The identity authentication module includes a certificate authentication module and a face recognition module. and a fingerprint authentication module; the number of the financial terminal system is at least one.

As an optional implementation manner, in the second aspect of the embodiment of the present invention, the security management internal anti-email fraud system is provided with an offline data warehouse and a real-time data warehouse; the security management internal anti-email fraud system is also provided with There are business query module, data analysis module, model construction module, electronic fraud control module, monitoring and early warning module and police-enterprise linkage module.

A third aspect of the embodiment of the present invention discloses an electronic device, including: a memory storing executable program code; a processor coupled to the memory; the processor calls the executable program code stored in the memory , used to execute the anti-email fraud management early warning method disclosed in the first aspect of the embodiment of the present invention.

The fourth aspect of the embodiment of the present invention discloses a computer-readable storage medium that stores a computer program, wherein the computer program causes the computer to execute the anti-email fraud management early warning method disclosed in the first aspect of the embodiment of the present invention.

Compared with the prior art, the embodiments of the present invention have the following beneficial effects:

The anti-email fraud management early warning method in the embodiment of the present invention can realize real-time mutual transmission and interoperability of security management data and financial institution data on the premise of ensuring data security, and unearth fraud-related accounts and potential fraud-related accounts through data technology analysis. and potential victim accounts, and provide timely warnings to reduce the risk of telecommunications fraud.

Description of the drawings

In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings required in the embodiments will be briefly introduced below. Obviously, the drawings in the following description are only some embodiments of the present invention. Those of ordinary skill in the art can also obtain other drawings based on these drawings without exerting creative efforts.

Figure 1 is a schematic flow chart of the anti-email fraud management and early warning method disclosed in the embodiment of the present invention;

Figure 2 is a schematic flow chart of user registration disclosed in an embodiment of the present invention;

Figure 3 is a schematic flow chart of the construction of the anti-email fraud model disclosed in the embodiment of the present invention;

Figure 4 is a schematic structural diagram of an anti-email fraud management and early warning system provided by an embodiment of the present invention;

Figure 5 is an interactive schematic diagram of an anti-email fraud management and early warning system provided by an embodiment of the present invention;

Figure 6 is a schematic structural diagram of an electronic device provided by an embodiment of the present invention.

Detailed ways

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts fall within the scope of protection of the present invention.

It should be noted that the terms "first", "second", "third", "fourth", etc. in the description and claims of the present invention are used to distinguish different objects, rather than to describe specific objects. order. The terms "comprising" and "having" and any variations thereof in the embodiments of the present invention are intended to cover non-exclusive inclusion. For example, a process, method, system, product or equipment that includes a series of steps or units is not necessarily limited to Those steps or elements that are expressly listed may instead include other steps or elements that are not expressly listed or that are inherent to the process, method, product or apparatus.

With the development and popularization of communications and networks, more and more transactions are conducted through the Internet. The extensive application of Internet transactions has also given telecom network fraudsters an opportunity to take advantage of it, causing telecom network fraud to increasingly become a major hazard that threatens public property and social stability. With the continuous intensification of criminal crackdowns and legal publicity, telecommunications network fraud has been curbed to a certain extent. However, for some new electronic fraud methods, there is still no way to feedback them to financial institutions in a timely and efficient manner to ensure the safety of users' property. The entire process is cumbersome, which leads to lag in electronic fraud management and control, which in turn makes it impossible to effectively utilize data; ultimately, financial institutions have to pay attention to telecommunications fraud. management capabilities are relatively weak. Based on this, embodiments of the present invention disclose anti-email fraud management early warning methods, systems, electronic devices and storage media, which can realize real-time mutual transmission and interoperability of security management data and financial institution data on the premise of ensuring data security. Through data Technical analysis unearths fraud-related accounts, potential fraud-related accounts, and potential victim accounts, and provides timely warnings to reduce the risk of telecommunications fraud.

After the Anti-Telecommunications Network Fraud Law was implemented and promulgated, it was clarified that security management and relevant financial institutions should bear the responsibilities of anti-telecommunications fraud. However, financial institutions and other institutions have weak capabilities to manage telecommunications fraud and the construction of technical systems is not perfect. In order to solve the above problems, this patent is based on the experience of security management cooperation projects to build a full-process anti-email fraud management, including but not limited to data storage, data technology, data transmission, system equipment, and terminal management. Committed to assisting security management in real-time control of electronic fraud cases, identifying and controlling potential fraud accounts. Empower financial institutions to improve their anti-electronic fraud capabilities and block the occurrence of electronic fraud crimes before, during and after the event.

Embodiment 1

Please refer to FIG. 1 , which is a schematic flow chart of an anti-email fraud management and early warning method disclosed in an embodiment of the present invention. Among them, the execution subject of the method described in the embodiment of the present invention is an execution subject composed of software or/and hardware. The execution subject can receive relevant information through wired or/and wireless means, and can send certain instructions. Of course, it can also have certain processing functions and storage functions. The execution subject can control multiple devices, such as remote physical servers or cloud servers and related software, or it can be a local host or server and related software that performs related operations on devices installed somewhere. In some scenarios, multiple storage devices can also be controlled, and the storage devices can be placed in the same place as the device or in different places.

As shown in Figure 1, the early warning method based on anti-email fraud management includes the following steps:

S101: Receive the first clue data transmitted by the security management anti-email fraud internal system, wherein the first clue data is obtained through privacy calculation; and/or receive the second clue data transmitted by the financial terminal system, wherein the first clue data The second clue data is obtained through privacy calculation;

This step mainly involves information interaction with the security management anti-email fraud internal system and the financial terminal system. The security of information can be greatly guaranteed through privacy computing, making data interaction between the security management system and financial institutions possible. .

There are some sensitive data in the security management system that are not easy to leak. For example, there are blacklists, graylists, white graylists (suspected victims/accounts), and new criminal graylists (suspicious accounts, suspicious persons). ), etc., based on the above data, more accurate risk matching screening can be achieved, thereby achieving early warning for subsequent users.

The privacy computing mentioned in the embodiment of the present invention refers to a type of information technology that implements data analysis and calculation on the premise of protecting the data itself from leakage, and includes the cross-fusion of many technical systems such as data science, cryptography, and artificial intelligence. Under the privacy computing framework, the data of participants does not leave the local area. While protecting data security, multi-party data collaborative application and joint calculation are realized, which solves the contradiction of using data and protecting data. The goal of privacy computing is the separation of data ownership and data usage rights. Meets the data security requirements of the security management system.

Privacy computing is mainly cryptography as the core, which includes multi-party secure computing, differential privacy, and homomorphic encryption; multi-party secure computing is a representative of privacy computing with cryptography as the core. Its main logic is that in the absence of a reliable third party Under this method, all parties encrypt their own data before calculating together. Each participant cannot know the information input by other parties and can only get the calculation results. Differential privacy is a method in cryptography that adds random noise to query results to ensure that the public output results will not leak individual data set ownership information, making it impossible for attackers to infer individual samples through publicly released results. of private information to achieve privacy protection. Homomorphic encryption refers to first performing basic encryption operations on data, and then directly using the encrypted data to perform operations (general encryption cannot perform operations), and the calculation results obtained in this way are calculated using the same operation method as the original data. The results obtained are consistent, that is, calculating first and then decrypting is equivalent to decrypting first and then calculating. In this way, the original data can be protected from being known, and the computing party can complete the computing task while saving decryption costs.

The trusted execution environment implements data protection on hardware. Its core idea is to build a trusted, isolated and confidential space that exists independently of the operating system. Data calculations can only be performed within this secure environment. By relying on trusted hardware to ensure its safety. Without the authorization code, operations such as accessing data cannot be performed. This is equivalent to isolating data from the outside world, which is also the most essential attribute of a trusted execution environment. The execution space provided by the trusted execution environment is more secure, has richer functions than the security chip, and does not impose computability restrictions on the algorithmic logic language in the privacy area. However, since this technology is implemented on hardware, it requires full trust in the hardware, that is, there are high credibility requirements for the manufacturers that provide the hardware.

Since it involves multi-terminal information interaction, federated learning is required during specific implementation. The essence of federated learning is distributed machine learning. On the basis of ensuring data privacy and security, joint modeling is achieved and the effect of the model is improved. . Federated learning does not require participants to transfer data to the central model for calculation. Instead, after training a small model locally, the trained model and the models trained by other parties are passed to the system platform for integration and debugging to achieve optimization. Purpose. This method not only keeps the data local, but also achieves the purpose of joint calculation and modeling. Federated learning is divided into three types according to the characteristics of the data: 1. Horizontal federated learning, which uses joint calculation scenarios between data sets that have more overlap with features but less overlap with samples; 2. vertical federated learning, which is more suitable for scenarios with more overlap between samples , and the scenario of joint calculation between data sets with less feature overlap. 3. Federated transfer learning is suitable for scenarios where there is little overlap in samples and features between data sets. In such a scenario, the data is no longer segmented, but transfer learning is used to make up for the lack of data or labels. Through the above method, it is possible to ensure data security and meet the needs of model construction.

More preferably, said receiving the second clue data transmitted by the financial terminal system includes:

Receive the second clue data transmitted by the corresponding registered user at the financial terminal system; Figure 2 is a schematic flow chart of user registration disclosed in an embodiment of the present invention. As shown in Figure 2, the registered user is registered and determined through the following steps:

S1011: Receive the user information group input by the user to be registered, the user information group includes multiple user identity information, and the user identity information includes mobile phone number, ID card number and bank card number;

S1012: Perform information verification on multiple user identity information in the user information group to determine whether they meet the registration conditions. If so, determine that the registration is completed to obtain multiple registered users;

S1013: Determine one of the multiple registered users as the master user, and determine other users other than the master user as slave users. The master user is used to receive early warning push information associated with the master user or the slave user.

That is to say, when implementing registration, we can provide family-based anti-email fraud service registration, and then carry out subsequent early warning settings.

With the authorization of citizens, Internet platforms and operators build fraud and intrusion analysis models based on their own ecological data to promptly discover the risk of fraud for citizens who have registered for services and push early warnings to the banking platform in real time. After receiving the early warning from the technical service provider, the Xingfang platform will push the information to the family members of the number. After seeing the information, the members will click on the information to confirm and persuade the parties concerned. If family members do not respond to the warning information within 2 hours, the bank operation will contact and communicate with the parties.

Because the registration of the plan is for individuals, but because individuals generally do not think that they will be cheated, registrants are less willing to take the initiative to register; however, for individual users, they may worry that their parents or partners will be cheated temporarily. So there is even more incentive to sign up for services for others. Especially if there are elderly people at home, as long as they are registered, they can be associated with their child users, and then the child users can also receive timely warning information for the elderly accounts. On the one hand, it can provide the number of registered users, and on the other hand, because The increase in the number of registered users will make the data obtained more complete, thus enabling better early warnings. Since a variety of information is associated during registration, financial institutions can more conveniently contact other family members associated with the account owner, which can further enhance the security of transactions.

More preferably, after the confirmation of registration is completed, it also includes:

Receive protection configuration information input by the user, and associate the protection configuration information with the user information group.

That is to say, when configuring protection, you can set a 24-hour delay for account payment, or set daily limits for account security protection.

S102: Transmit the first clue data and the second clue data to the pre-built anti-email fraud model for early warning identification to obtain corresponding early warning identification results;

More preferably, Figure 3 is a schematic flow chart of the construction of the anti-email fraud model disclosed in the embodiment of the present invention. As shown in Figure 3, the anti-email fraud model is constructed through the following steps:

S1021: Receive the fraud information set that is classified as telecommunications fraud transmitted by the security management anti-telephone fraud internal system;

S1022: Analyze and process the fraud information set to obtain multiple anti-fraud derivative indicators;

S1023: Construct an anti-email fraud model based on multiple anti-fraud derivative indicators.

More preferably, the fraud information set includes user information data and the mobile terminal information data, and the fraud information set is analyzed and processed to obtain multiple anti-fraud derivative indicators, including:

Obtain user behavior characteristics and device characteristics respectively according to the user information data and the mobile terminal information data;

According to the user behavior characteristics and device characteristics, characteristics changes before, during, and after the telecommunications fraud case occur are determined; and multiple anti-fraud derivative indicators are generated based on the characteristic changes.

More preferably, the anti-electronic fraud model includes one or more of a card extraction model involved in the case, a first potential electronic fraud account model, a second potential electronic fraud account model, and a potential victim model.

During specific implementation, different identification models can be constructed for multiple different anti-fraud derivative indicators, which can achieve more precise positioning, rather than building an anti-fraud model in a broad sense. The model construction here requires in-depth cooperation with the security management system, an in-depth understanding of the anti-email fraud business of security management, and the completion of documents such as demand analysis, demand confirmation, and demand design based on the anti-email fraud business needs; during specific implementation, it is necessary to cooperate with the criminal investigation The anti-email fraud expert team analyzed different cases of e-fraud and completed analysis report materials related to e-fraud. Through the mining and analysis of fraud-related accounts in e-fraud cases, they extracted the transaction behavior, address displacement, and transaction behavior of fraud-related accounts and potential victims. Behavioral characteristics in dimensions such as login operations and communication equipment, analyze the changes in characteristics before, during and after the occurrence of electronic fraud cases, build multiple data models, output the comprehensive score of the account's black-related risk, and analyze the comprehensive score for those whose comprehensive score exceeds the threshold. Account management and control. Technical management includes comprehensive analysis of various data sources, designing derived indicators, outputting analysis report documents, in-depth analysis with the security management anti-email fraud team, and using big data algorithms to complete the card purification model involved and dig out potential e-fraud accounts in advance. model, a model for mining potential electronic fraud accounts and a model for mining potential victims during the event.

In addition to the above indicator construction methods, portraits can also be constructed, and then accurate risk matching can be performed based on specific portrait data; for example, if it is targeted at fraudsters, it can be determined that the fraud profile includes equipment information, consumption information, electricity business data, operating behavior, transaction flow, asset information, and basic attributes; if it is for credit card agents, it can be determined that the loan credit card agent portrait includes basic attributes, loan information, credit records, asset information, equipment information, communication information, and consumption information , overdue information; based on the above information, the construction of the portrait model and subsequent early warning matching are carried out.

S103: Feed back the early warning identification result to the corresponding user's smart terminal for early warning reminder; or feed back the early warning identification result to the corresponding security management system for early warning reminder.

Generally, if it is targeted at individual users or financial clients, the corresponding information can be pushed directly to the corresponding smart terminal, so that individual users can know that their accounts are at risk. Or another way is to target the security management system. By collecting big data, specific abnormal accounts can be accurately identified, that is, the account information of the fraudster, and then the corresponding account information is sent to the security management system for processing. Further monitoring.

The data security guarantee of the embodiment of the present invention includes limited data dimensions (based on planning needs, collecting data in specific scenarios according to security management requirements, strictly controlling data dimensions and content to prevent excessive collection of information), private network dedicated (connecting to the network through dedicated lines, Dedicated private network, isolation from external networks, preventing network intrusion and data leakage), improving security management (establishing a data security management mechanism, backup and disaster recovery mechanism, strictly controlling data access permissions, and ensuring data security), encrypted transmission (encrypted data transmission to ensure Data transmission security, preventing data theft), etc.

Through the solution of the embodiment of the present invention, the data barriers between security management and financial institutions are opened, and the technical analysis related to the field of electronic fraud is integrated. The system is used as a carrier and the secret calculation method is used to realize the interconnection between police and enterprises; the security management anti-electronic fraud experience of many years is refined. Experience is transformed into professional model technology to empower financial institutions to control electronic fraud; simplify the electronic fraud management process, and use systems and dedicated lines to automatically discover potential fraud accounts, automatically control and handle electronic fraud accounts, and provide early warning to potential victims and other functions. Monitor and intervene in electronic fraud criminal activities in real time, and block the occurrence of electronic fraud crimes at multiple levels.

The anti-email fraud management early warning method in the embodiment of the present invention can realize real-time mutual transmission and interoperability of security management data and financial institution data on the premise of ensuring data security, and unearth fraud-related accounts and potential fraud-related accounts through data technology analysis. and potential victim accounts, and provide timely warnings to reduce the risk of telecommunications fraud.

Embodiment 2

Please refer to Figures 4 and 5. Figure 4 is a schematic structural diagram of an anti-email fraud management and early warning system disclosed in an embodiment of the present invention. Figure 5 is an interactive schematic diagram of an anti-email fraud management and early warning system provided by an embodiment of the present invention.

As shown in Figures 4 and 5, the anti-email fraud management early warning system can include:

Security management internal anti-email fraud system. The security management internal anti-email fraud system is used to interface with all systems within security management to collect security management system data, and perform privacy calculations on e-fraud data information associated with e-fraud behaviors. Transmit the electronic fraud data information after privacy calculation to the anti-electronic fraud center system through a dedicated network line;

Anti-email fraud middle platform system. The anti-email fraud middle platform system is used for data docking and interaction with the security management internal anti-email fraud system and the financial terminal system. The anti-email fraud middle platform system is also equipped with an anti-email fraud model. Used to identify and process the received data;

Financial terminal system. The financial terminal system is used to receive the middle-end data information transmitted by the anti-email fraud middle-end system and interface with the identity authentication module of the financial institution system. The identity authentication module includes a certificate authentication module and a face recognition module. and a fingerprint authentication module; the number of the financial terminal system is at least one.

More preferably, the security management internal anti-email fraud system is provided with an offline data warehouse and a real-time data warehouse; the security management internal anti-email fraud system is also provided with a business query module, a data analysis module, a model construction module, and an e-mail fraud module. Fraud control module, monitoring and early warning module and police-enterprise linkage module.

The solutions of the embodiments of the present invention include but are not limited to data analysis, data modeling design and deployment, system function design, data warehouse construction and disposal strategies. Comprehensively and systematically sort out all security management data sources, complete the construction of offline data warehouses and real-time data warehouses, and complete automatic data cleaning; support access to data such as national big data platforms, internal security management systems, and offline clues of financial institutions.

The data warehouse mentioned in the embodiment of the present invention is designed to solve the limited load of the database and meet the new analysis needs of the enterprise. If data wants to be migrated from various databases to a unified data warehouse, it needs to undergo extraction, transformation, and loading (ETL), and finally transform into structured/semi-structured data that can be directly analyzed by business personnel. Behind the data warehouse, enterprises commonly use BI to analyze data, generate reports, and assist decision-making. Data warehouse is a product that "implements data model construction for enterprises". Data warehouse stores structured and semi-structured data, so who should store unstructured data? Yes, it is the data platform. The data platform was created to solve the problem that the data warehouse cannot handle unstructured data and the report development cycle is long. It first extracts all data formats of the enterprise and puts them together to form a large data set, and then based on business needs , extract small data sets separately and provide them to data applications. Big data platform is the conceptual derivative of data platform in the big data era, and its functions are far better than those of data platform. The big data platform is a technology stack that mainly handles scenarios such as massive data storage, calculation, and real-time calculation of streaming data. It includes data collection, data storage, data calculation, data application, and task scheduling. The most typical one is built based on the Hadoop ecosystem. Big data platform. Under the pressure of computing and storage of unstructured data, real-time data and massive data, companies choose to shift from data warehouses to big data platforms.

The middle stage is relative to the "front stage and back stage". The front desk deals directly with users, including interfaces for users to interact directly, such as mobile apps, and business logic for the server to respond to user requests, such as product inquiries. Although the backend is invisible to users, it is indispensable, including the management system and configuration system for internal operations personnel. The backend provides configuration for the frontend. The data warehouse counts as a product, the big data platform counts as a platform, and the data center counts as a mechanism. Compared with data warehouses and big data platforms, the data center is closer to the business. The development and construction of data middle platform can be based on either a data warehouse or a big data platform. The difference lies in whether the enterprise's data application scenarios are diversified.

The embodiment of the present invention builds an anti-email fraud master control middle-end system to realize the docking of data management and technical management, and complete the required function development; realize the dedicated line docking of the upstream security management internal system, data secret calculation and transmission; realize the downstream external financial institution terminal Dedicated line connection, data secret calculation and transmission, and different business permissions set according to different financial institutions. Build an internal anti-email fraud system for security management, combine the actual needs of security management, realize the docking of data management and technical management, and complete the required functional development; as an upstream system, it is responsible for docking all internal systems of security management to achieve data collection; output e-mail fraud Relevant core data information is transmitted to the anti-email fraud master control center through secret calculations. Build a terminal system that is responsible for receiving data information from the central anti-email fraud control center, and is responsible for connecting certificate authentication, face recognition, fingerprint authentication and other functions for financial institution system access. After passing, the user is allowed to use some functions of the anti-email fraud control platform. In terms of electronic fraud control, both security management and financial institutions need to assume the responsibility of managing electronic fraud accounts and conduct timely financial management of discovered potential telecom fraud accounts and potential victims. Through the interaction of real-time data, the efficiency of police-enterprise linkage can be improved and the harm of fraud to society can be reduced.

The anti-email fraud management early warning method in the embodiment of the present invention can realize real-time mutual transmission and interoperability of security management data and financial institution data on the premise of ensuring data security, and unearth fraud-related accounts and potential fraud-related accounts through data technology analysis. and potential victim accounts, and provide timely warnings to reduce the risk of telecommunications fraud.

Embodiment 3

Please refer to FIG. 6 , which is a schematic structural diagram of an electronic device disclosed in an embodiment of the present invention. Electronic devices can be computers and servers. Of course, under certain circumstances, they can also be smart devices such as mobile phones, tablets, and monitoring terminals, as well as image acquisition devices with processing functions. As shown in Figure 6, the electronic device may include:

Memory 510 storing executable program code;

processor 520 coupled to memory 510;

The processor 520 calls the executable program code stored in the memory 510 to execute some or all of the steps in the anti-email fraud management early warning method in Embodiment 1.

An embodiment of the present invention discloses a computer-readable storage medium that stores a computer program, wherein the computer program causes the computer to execute some or all of the steps in the anti-email fraud management early warning method in Embodiment 1.

An embodiment of the present invention also discloses a computer program product, wherein when the computer program product is run on a computer, the computer is caused to execute some or all of the steps in the anti-email fraud management early warning method in Embodiment 1.

An embodiment of the present invention also discloses an application publishing platform, wherein the application publishing platform is used to publish computer program products, wherein when the computer program product is run on a computer, the computer is caused to execute the anti-email fraud management early warning method in Embodiment 1. some or all of the steps.

In various embodiments of the present invention, it should be understood that the size of the sequence numbers of each process does not necessarily mean the order of execution. The execution order of each process should be determined by its function and internal logic, and should not be used in the present invention. The implementation of the examples does not constitute any limitations.

The units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in one place, or they may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of this embodiment.

In addition, each functional unit in various embodiments of the present invention may be integrated into one processing unit, or each unit may exist physically alone, or two or more units may be integrated into one unit. The integrated unit can be implemented in the form of hardware or software functional units.

If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-accessible memory. Based on this understanding, the technical solution of the present invention is essentially, or the part that contributes to the existing technology, or all or part of the technical solution, can be embodied in the form of a software product, and the computer software product is stored in a memory , including several requests to cause a computer device (which can be a personal computer, a server or a network device, etc., specifically a processor in a computer device) to execute part or all of the steps of the method described in various embodiments of the present invention.

In the embodiments provided by the present invention, it should be understood that "B corresponding to A" means that B is associated with A, and B can be determined based on A. However, it should also be understood that determining B based on A does not mean determining B only based on A. B can also be determined based on A and/or other information.

Those of ordinary skill in the art can understand that some or all of the steps in the various methods of the embodiments can be completed by instructing relevant hardware through a program. The program can be stored in a computer-readable storage medium, and the storage medium includes only Read-Only Memory (ROM), Random Access Memory (RAM), Programmable Read-only Memory (PROM), Erasable Programmable Read-Only Memory (EPROM), One-time Programmable Read-Only Memory (OTPROM), Electronically Erasable Programmable Read-Only Memory (EEPROM), Read-Only Disc ( CompactDisc Read-Only Memory (CD-ROM) or other optical disk storage, magnetic disk storage, magnetic tape storage, or any other computer-readable medium that can be used to carry or store data.

The anti-email fraud management early warning method, system, electronic equipment and storage medium disclosed in the embodiments of the present invention have been introduced in detail. This article uses specific examples to illustrate the principles and implementation methods of the present invention. The description of the above embodiments is only It is used to help understand the method and its core idea of the present invention; at the same time, for those of ordinary skill in the field, there will be changes in the specific implementation and application scope according to the idea of the present invention. In summary, this The content of the description should not be construed as limiting the invention.

Claims (10)

1. An anti-email fraud management early warning method, which is characterized by including: Receive the first clue data transmitted by the security management anti-email fraud internal system, wherein the first clue data is obtained through privacy calculation; and/or receive the second clue data transmitted by the financial terminal system, wherein the second clue data The data is obtained through privacy calculation; Transmitting the first clue data and the second clue data to a pre-built anti-email fraud model for early warning identification to obtain corresponding early warning identification results; The early warning identification result is fed back to the corresponding user's smart terminal for early warning reminder; or the early warning identification result is fed back to the corresponding safety management system for early warning reminder. 2. The anti-email fraud management and early warning method as claimed in claim 1, characterized in that the anti-email fraud model is constructed through the following steps: Receive fraud information sets that are classified as telecommunications fraud transmitted by the security management anti-telephone fraud internal system; Analyze and process the fraud information set to obtain multiple anti-fraud derivative indicators; An anti-e-mail fraud model is constructed based on multiple anti-fraud derivative indicators. 3. The anti-email fraud management early warning method according to claim 2, wherein the fraud information set includes user information data and the mobile terminal information data, and the fraud information set is analyzed and processed to obtain Multiple anti-fraud derivative indicators, including: Obtain user behavior characteristics and device characteristics respectively according to the user information data and the mobile terminal information data; According to the user behavior characteristics and device characteristics, characteristics changes before, during, and after the telecommunications fraud case occur are determined; and multiple anti-fraud derivative indicators are generated based on the characteristic changes. 4. The anti-electronic fraud management early warning method according to claim 2, characterized in that the anti-electronic fraud model includes a card extraction model involved in the case, a first potential electronic fraud account model, a second potential electronic fraud account model and potential victimization. One or more types of human models. 5. The anti-email fraud management early warning method according to claim 1, characterized in that said receiving the second clue data transmitted by the financial terminal system includes: Receive the second clue data transmitted by the corresponding registered user at the financial terminal system; the registered user is registered and determined through the following steps: Receive a user information group input by a user to be registered, where the user information group includes multiple user identity information, and the user identity information includes a mobile phone number, ID number, and bank card number; Perform information verification on multiple user identity information in the user information group to determine whether they meet the registration conditions, and if so, determine that the registration is completed to obtain multiple registered users; One registered user among the plurality of registered users is determined as the master user, and other users other than the master user are determined as slave users. The master user is used to receive early warning push information associated with the master user or the slave user. 6. The anti-email fraud management early warning method according to claim 5, characterized in that, after the confirmation of registration is completed, it further includes: Receive protection configuration information input by the user, and associate the protection configuration information with the user information group. 7. An anti-email fraud management early warning system, which is characterized by including: Security management internal anti-email fraud system. The security management internal anti-email fraud system is used to interface with all systems within security management to collect security management system data, and perform privacy calculations on e-fraud data information associated with e-fraud behaviors. Transmit the electronic fraud data information after privacy calculation to the anti-electronic fraud center system through a dedicated network line; Anti-email fraud middle platform system. The anti-email fraud middle platform system is used for data docking and interaction with the security management internal anti-email fraud system and the financial terminal system. The anti-email fraud middle platform system is also equipped with an anti-email fraud model. Used to identify and process the received data; Financial terminal system. The financial terminal system is used to receive the middle-end data information transmitted by the anti-email fraud middle-end system and interface with the identity authentication module of the financial institution system. The identity authentication module includes a certificate authentication module and a face recognition module. and a fingerprint authentication module; the number of the financial terminal system is at least one. 8. The anti-email fraud management early warning system as claimed in claim 7, characterized in that the security management internal anti-email fraud system is provided with an offline data warehouse and a real-time data warehouse; the security management internal anti-email fraud system also It is equipped with business query module, data analysis module, model construction module, electronic fraud control module, monitoring and early warning module and police-enterprise linkage module. 9. An electronic device, characterized in that it includes: a memory storing executable program code; a processor coupled to the memory; the processor calls the executable program code stored in the memory, using To implement the anti-email fraud management early warning method described in any one of claims 1 to 6. 10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program, wherein the computer program causes the computer to execute the anti-email fraud management early warning described in any one of claims 1 to 6 method.