Abstract: Methods and systems are presented for cross-entity fraud mitigation. A refund request for a transaction between a first entity and a second entity is received via a network from a device of the first entity. A transaction history associated with an account of the first entity with a service provider is obtained. From the obtained transaction history, metadata relating to previous refund requests processed for previous transactions associated with the account of the first entity is extracted. The extracted metadata is evaluated to determine a risk score for the refund request received for the transaction, where the risk score indicating a risk of fraud associated with the refund request. A decision on authorization of the refund request is generated for the transaction, based on the risk score. A notification of the decision is transmitted via the network to a device of the second entity.

Abstract: Techniques are disclosed relating to methods that include a process, executing on a computer system, receiving a request to access a website, and altering the request to include one or more characteristics of anti-malware scanners. The method further includes the process sending the altered request to the website, and receiving a response to the altered request. The method also includes the process detecting whether the received response utilizes one of a known set of anti-malware cloaking techniques, and providing, based on the detecting, an output indicative of an outcome of the altered request.

Abstract: Methods and systems are presented for detecting malicious webpages based on dynamically configuring a device to circumvent one or more evasion techniques implemented within the malicious webpages. When a known malicious webpage is obtained, programming code of the known malicious webpage is analyzed to determine one or more evasion techniques implemented within the known malicious webpage. The one or more evasion techniques may cause a webpage classification engine to falsely classify the known malicious webpage as a non-malicious webpage. A software update is generated based on one or more feature parameters extracted from the one or more evasion techniques. The software update is used to for modify the webpage classification engine such that the webpage classification engine would correctly classify the known malicious webpage.

Abstract: Methods and systems are presented for detecting malicious webpages based on dynamically configuring a device to circumvent one or more evasion techniques implemented within the malicious webpages. When a known malicious webpage is obtained, programming code of the known malicious webpage is analyzed to determine one or more evasion techniques implemented within the known malicious webpage. The one or more evasion techniques may cause a webpage classification engine to falsely classify the known malicious webpage as a non-malicious webpage. A software update is generated based on one or more feature parameters extracted from the one or more evasion techniques. The software update is used to for modify the webpage classification engine such that the webpage classification engine would correctly classify the known malicious webpage.