Skip to main content

Risk Warning: CFDs are complex instruments and come with a high risk of losing money rapidly due to leverage. 83% of retail investor accounts lose money when trading CFDs with this provider. You should consider whether you understand how CFDs work and whether you can afford to take the high risk of losing your money. Please click here to read our full Risk Warning.

79% of retail investor accounts lose money when trading CFDs with this provider.

Risk Warning: CFDs are complex instruments and come with a high risk of losing money rapidly due to leverage. 83% of retail investor accounts lose money when trading CFDs with this provider. You should consider whether you understand how CFDs work and whether you can afford to take the high risk of losing your money. Please click here to read our full Risk Warning.

79% of retail investor accounts lose money when trading CFDs with this provider.

What is anomaly detection in account security?

Anomaly detection identifies unusual account activity that may indicate security risks or unauthorised access attempts. It is a specialised component of the platform's broader risk control framework that uses automated algorithms and pattern recognition to continuously compare current account behaviour against established baselines, flagging any activity that deviates significantly from what is considered normal for that particular user.

The system builds a behavioural profile for each account based on historical patterns — including typical login times and locations, usual device types and browsers, regular trading activity levels, and standard transaction sizes and frequencies. When an event occurs that does not fit this profile, the anomaly detection system flags it for further evaluation. For example, a login from a country where the user has never previously accessed their account, a series of rapid transactions that are inconsistent with the account's typical activity, multiple failed password attempts in quick succession, or a withdrawal request to a payment method that has not been used before could all trigger an anomaly alert. Each of these scenarios may be perfectly legitimate, but they could also indicate that someone other than the account holder is attempting to access or misuse the account.

When an anomaly is detected, the system can respond in several ways depending on the severity and nature of the flagged activity. Low-risk anomalies may simply be logged for review, while higher-risk events may trigger immediate protective measures such as requesting additional verification, temporarily restricting the flagged action, or sending a real-time notification to the account holder, alerting them to the unusual activity. This layered response approach helps protect users from potential threats while minimising unnecessary disruption to legitimate account use. Users who receive anomaly-related notifications should review them carefully and respond promptly, confirming the activity if it was intentional, or reporting it immediately if it was not. Keeping security features such as two-factor authentication enabled and maintaining consistent account usage patterns both help the anomaly detection system function more accurately and effectively.