Betrugsbuchungsdetektor: Nutzung von KI zur Identifizierung verdächtiger Reisebuchungen
Experte
Dies ist ein SecOps, AI Summarization-Bereich Automatisierungsworkflow mit 20 Nodes. Hauptsächlich werden If, Set, Code, Gmail, Webhook und andere Nodes verwendet. Betrugsbuchungserkennung: Erkennung verdächtiger Reisebuchungen mit Google Gemini
Voraussetzungen
- •Google-Konto + Gmail API-Anmeldedaten
- •HTTP Webhook-Endpunkt (wird von n8n automatisch generiert)
- •Möglicherweise sind Ziel-API-Anmeldedaten erforderlich
- •Google Sheets API-Anmeldedaten
- •Google Gemini API Key
Verwendete Nodes (20)
Kategorie
Workflow-Vorschau
Visualisierung der Node-Verbindungen, mit Zoom und Pan
Workflow exportieren
Kopieren Sie die folgende JSON-Konfiguration und importieren Sie sie in n8n
{
"id": "MMiXWOQE8aw4OD3k",
"meta": {
"instanceId": "dd69efaf8212c74ad206700d104739d3329588a6f3f8381a46a481f34c9cc281",
"templateCredsSetupCompleted": true
},
"name": "Fraudulent Booking Detector: Identify Suspicious Travel Transactions with AI",
"tags": [],
"nodes": [
{
"id": "664a521a-7b7c-4a9a-ae3a-06cb326d6923",
"name": "Buchungstransaktion Webhook",
"type": "n8n-nodes-base.webhook",
"position": [
-1540,
120
],
"webhookId": "fraud-detection-webhook",
"parameters": {
"path": "fraud-detection",
"options": {},
"httpMethod": "POST",
"responseMode": "responseNode"
},
"typeVersion": 1
},
{
"id": "940ec478-de93-4595-a391-8aefb170b5d9",
"name": "Buchungsdaten extrahieren",
"type": "n8n-nodes-base.set",
"position": [
-1320,
120
],
"parameters": {
"values": {
"string": [
{
"name": "user_id",
"value": "={{ $json.body.user_id }}"
},
{
"name": "booking_amount",
"value": "={{$json.body.amount}}"
},
{
"name": "booking_time",
"value": "={{$json.body.timestamp}}"
},
{
"name": "ip_address",
"value": "={{$json.body.ip_address}}"
},
{
"name": "payment_method",
"value": "={{$json.body.payment_method}}"
},
{
"name": "booking_location",
"value": "={{$json.body.location}}"
},
{
"name": "session_id",
"value": "={{$json.body.session_id}}"
}
]
},
"options": {}
},
"typeVersion": 1
},
{
"id": "e138c720-be0f-4182-8cc7-a5b9ea0cfbd5",
"name": "IP-Geolokalisierungsprüfung",
"type": "n8n-nodes-base.httpRequest",
"position": [
-1120,
120
],
"parameters": {
"url": "=http://ip-api.com/json/{{$node['Extract Booking Data'].json['ip_address']}}",
"options": {}
},
"typeVersion": 1
},
{
"id": "5a9d3b88-ddb3-46dc-93f1-3f142cba5050",
"name": "Erweiterter Risikorechner",
"type": "n8n-nodes-base.code",
"position": [
-660,
120
],
"parameters": {
"jsCode": "const bookingData = $input.first();\nconst geoData = $node['IP Geolocation Check'].json;\nconst agentResponse = $node['AI Agent'].json.output;\n\n// Parse AI agent response\nlet aiAnalysis;\ntry {\n // Extract JSON from agent response\n const jsonMatch = agentResponse.match(/\\{[\\s\\S]*\\}/);\n if (jsonMatch) {\n aiAnalysis = JSON.parse(jsonMatch[0]);\n } else {\n throw new Error('No JSON found in response');\n }\n} catch (e) {\n console.error('AI Analysis parsing error:', e);\n // Fallback analysis\n aiAnalysis = {\n risk_score: 50,\n risk_level: 'MEDIUM',\n reasons: ['AI analysis parsing failed - manual review required'],\n fraud_indicators: ['System error'],\n recommendation: 'REVIEW'\n };\n}\n\n// Calculate additional rule-based risk factors\nlet additionalRiskScore = 0;\nlet riskFactors = [];\n\n// Amount-based risk assessment\nconst amount = parseFloat(bookingData.booking_amount);\nif (amount > 10000) {\n additionalRiskScore += 25;\n riskFactors.push('Very high transaction amount (>$10,000)');\n} else if (amount > 5000) {\n additionalRiskScore += 15;\n riskFactors.push('High transaction amount (>$5,000)');\n} else if (amount < 10) {\n additionalRiskScore += 10;\n riskFactors.push('Unusually low amount - potential testing');\n}\n\n// Geographic risk assessment\nif (geoData.country === 'Unknown' || geoData.status === 'fail') {\n additionalRiskScore += 20;\n riskFactors.push('IP geolocation failed or unknown');\n} else if (['TOR', 'VPN', 'Proxy'].includes(geoData.proxy || '')) {\n additionalRiskScore += 15;\n riskFactors.push('VPN/Proxy detected');\n}\n\n// Time-based pattern analysis\nconst bookingTime = new Date(bookingData.booking_time);\nconst hour = bookingTime.getHours();\nif (hour < 6 || hour > 23) {\n additionalRiskScore += 10;\n riskFactors.push('Unusual booking time (late night/early morning)');\n}\n\n// Payment method risk evaluation\nconst highRiskPayments = ['cryptocurrency', 'prepaid_card', 'gift_card', 'mobile_payment'];\nif (highRiskPayments.includes(bookingData.payment_method?.toLowerCase())) {\n additionalRiskScore += 15;\n riskFactors.push(`High-risk payment method: ${bookingData.payment_method}`);\n}\n\n// Combine AI score with rule-based score\nconst aiRiskScore = aiAnalysis.risk_score || 0;\nconst combinedRiskScore = Math.min(100, Math.round((aiRiskScore + additionalRiskScore) / 2));\n\n// Determine final risk level\nlet finalRiskLevel;\nif (combinedRiskScore >= 80) finalRiskLevel = 'CRITICAL';\nelse if (combinedRiskScore >= 40) finalRiskLevel = 'HIGH';\nelse if (combinedRiskScore >= 40) finalRiskLevel = 'MEDIUM';\nelse finalRiskLevel = 'LOW';\n\n// Combine all risk factors and indicators\nconst allRiskFactors = [...riskFactors, ...(aiAnalysis.reasons || [])];\nconst allFraudIndicators = [...(aiAnalysis.fraud_indicators || []), 'Rule-based analysis completed'];\n\n// Determine final recommendation\nlet finalRecommendation;\nif (finalRiskLevel === 'CRITICAL') finalRecommendation = 'BLOCK';\nelse if (finalRiskLevel === 'HIGH') finalRecommendation = 'REVIEW';\nelse finalRecommendation = 'APPROVE';\n\nreturn {\n user_id: bookingData.user_id,\n booking_amount: bookingData.booking_amount,\n risk_score: combinedRiskScore,\n risk_level: finalRiskLevel,\n recommendation: aiAnalysis.recommendation || finalRecommendation,\n risk_factors: allRiskFactors,\n fraud_indicators: allFraudIndicators,\n ai_analysis: aiAnalysis.reasons || ['No AI analysis available'],\n location: `${geoData.city || 'Unknown'}, ${geoData.country || 'Unknown'}`,\n ip_address: bookingData.ip_address,\n timestamp: new Date().toISOString(),\n session_id: bookingData.session_id,\n payment_method: bookingData.payment_method,\n ai_raw_score: aiRiskScore,\n rule_based_score: additionalRiskScore\n};"
},
"typeVersion": 1
},
{
"id": "dddfa887-aef3-4a39-8f39-6d6bf663cc47",
"name": "Kritische Risikoprüfung",
"type": "n8n-nodes-base.if",
"position": [
-440,
20
],
"parameters": {
"conditions": {
"string": [
{
"value1": "={{$json.risk_level}}",
"value2": "CRITICAL"
}
]
}
},
"typeVersion": 1
},
{
"id": "770d0bee-3c76-44d8-9636-95ce05a71ad0",
"name": "Hohe Risikoprüfung",
"type": "n8n-nodes-base.if",
"position": [
-440,
220
],
"parameters": {
"conditions": {
"string": [
{
"value1": "={{$json.risk_level}}",
"value2": "HIGH"
}
]
},
"combineOperation": "any"
},
"typeVersion": 1
},
{
"id": "da250ec0-9f4a-459a-8764-a54f18f1bee7",
"name": "Benutzerkonto sperren",
"type": "n8n-nodes-base.httpRequest",
"onError": "continueRegularOutput",
"position": [
-200,
0
],
"parameters": {
"url": "https://oneclicktracker.in/booking/fraud/block-user",
"options": {},
"requestMethod": "POST",
"bodyParametersUi": {
"parameter": [
{
"name": "user_id",
"value": "={{ $('Extract Booking Data').item.json.body.user_id }}"
}
]
}
},
"executeOnce": true,
"typeVersion": 1
},
{
"id": "0b8dd1bc-b61d-4fc1-a36f-6cac7505228e",
"name": "Zur Überprüfung kennzeichnen",
"type": "n8n-nodes-base.httpRequest",
"onError": "continueRegularOutput",
"position": [
-200,
380
],
"parameters": {
"url": "https://oneclicktracker.in/booking/fraud/flag-transaction",
"options": {},
"requestMethod": "POST",
"bodyParametersUi": {
"parameter": [
{
"name": "user_id",
"value": "={{ $('Extract Booking Data').item.json.body.user_id }}"
}
]
}
},
"executeOnce": true,
"typeVersion": 1
},
{
"id": "fe50e27a-a223-4d1e-926b-eb52b308cb0e",
"name": "In Google Sheets protokollieren",
"type": "n8n-nodes-base.googleSheets",
"position": [
0,
120
],
"parameters": {
"columns": {
"value": {},
"schema": [
{
"id": "user_id",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "user_id",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "booking_amount",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "booking_amount",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "risk_score",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "risk_score",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "risk_level",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "risk_level",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "recommendation",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "recommendation",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "risk_factors",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "risk_factors",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "fraud_indicators",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "fraud_indicators",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "ai_analysis",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "ai_analysis",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "location",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "location",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "ip_address",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "ip_address",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "timestamp",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "timestamp",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "session_id",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "session_id",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "payment_method",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "payment_method",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "ai_raw_score",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "ai_raw_score",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "rule_based_score",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "rule_based_score",
"defaultMatch": false,
"canBeUsedToMatch": true
}
],
"mappingMode": "autoMapInputData",
"matchingColumns": [],
"attemptToConvertTypes": false,
"convertFieldsToString": false
},
"options": {},
"operation": "append",
"sheetName": {
"__rl": true,
"mode": "list",
"value": "gid=0",
"cachedResultUrl": "https://docs.google.com/spreadsheets/d/1mKhcdDnwEwzLlvjze_7A0D9KJNWt58ByOxM3mBm5mqA/edit#gid=0",
"cachedResultName": "Sheet1"
},
"documentId": {
"__rl": true,
"mode": "list",
"value": "1mKhcdDnwEwzLlvjze_7A0D9KJNWt58ByOxM3mBm5mqA",
"cachedResultUrl": "https://docs.google.com/spreadsheets/d/1mKhcdDnwEwzLlvjze_7A0D9KJNWt58ByOxM3mBm5mqA/edit?usp=drivesdk",
"cachedResultName": "Fraud Detection data for flight"
},
"authentication": "serviceAccount"
},
"credentials": {
"googleApi": {
"id": "ScSS2KxGQULuPtdy",
"name": "Google Sheets- test"
}
},
"typeVersion": 4
},
{
"id": "2e8c8aed-cd8d-4ec3-83c7-9b3c351a216e",
"name": "Antwort senden",
"type": "n8n-nodes-base.respondToWebhook",
"position": [
220,
120
],
"parameters": {
"options": {},
"respondWith": "json",
"responseBody": "={\n \"status\": \"processed\",\n \"risk_level\": \"{{$node['Enhanced Risk Calculator'].json.risk_level}}\",\n \"risk_score\": {{$node['Enhanced Risk Calculator'].json.risk_score}},\n \"recommendation\": \"{{$node['Enhanced Risk Calculator'].json.recommendation}}\",\n \"message\": \"Transaction analyzed: {{$node['Enhanced Risk Calculator'].json.risk_level}} risk detected\",\n \"actions_taken\": \"{{$node['Enhanced Risk Calculator'].json.risk_level === 'CRITICAL' ? 'User blocked, critical alert sent' : $node['Enhanced Risk Calculator'].json.risk_level === 'HIGH' ? 'Flagged for review, alert sent' : 'Logged for monitoring'}}\",\n \"fraud_indicators_count\": {{$node['Enhanced Risk Calculator'].json.fraud_indicators.length}},\n \"session_id\": \"{{ $('Extract Booking Data').item.json.body.session_id }}\"\n}"
},
"typeVersion": 1
},
{
"id": "2f2735be-f13e-4067-9bd5-e1a2c31abfc4",
"name": "KI-Agent",
"type": "@n8n/n8n-nodes-langchain.agent",
"position": [
-960,
120
],
"parameters": {
"text": "=Analyze this booking transaction for potential fraud patterns and suspicious behavior:\\n\\n**Transaction Details:**\\n- User ID: {{$node['Extract Booking Data'].json['user_id']}}\\n- Amount: ${{$node['Extract Booking Data'].json['booking_amount']}}\\n- Booking Time: {{$node['Extract Booking Data'].json['booking_time']}}\\n- IP Location: {{$node['IP Geolocation Check'].json['city']}}, {{$node['IP Geolocation Check'].json['country']}}\\n- Payment Method: {{$node['Extract Booking Data'].json['payment_method']}}\\n- Session ID: {{$node['Extract Booking Data'].json['session_id']}}\\n\\n**Please provide your analysis in the following JSON format:**\\n{\\n \\\"risk_score\\\": [number between 0-100],\\n \\\"risk_level\\\": \\\"[LOW/MEDIUM/HIGH/CRITICAL]\\\",\\n \\\"reasons\\\": [\\\"reason1\\\", \\\"reason2\\\", \\\"reason3\\\"],\\n \\\"fraud_indicators\\\": [\\\"indicator1\\\", \\\"indicator2\\\"],\\n \\\"recommendation\\\": \\\"[APPROVE/REVIEW/BLOCK]\\\"\\n}",
"options": {
"systemMessage": "You are an advanced fraud detection AI specialist with expertise in identifying suspicious booking patterns and fraudulent transactions. Your role is to analyze booking data comprehensively and identify potential fraud indicators.\\n\\n**Analysis Framework:**\\n1. **Amount Analysis**: Evaluate transaction amounts for unusual patterns (too high, too low, round numbers)\\n2. **Temporal Patterns**: Check for suspicious timing (late night bookings, rapid successive transactions)\\n3. **Geographic Risk**: Assess location-based risks and IP geolocation inconsistencies\\n4. **Payment Method Risk**: Evaluate payment method security levels\\n5. **Behavioral Anomalies**: Identify unusual booking patterns or session behaviors\\n\\n**Risk Scoring Guidelines:**\\n- 0-25: LOW risk - Normal transaction patterns\\n- 26-50: MEDIUM risk - Some concerning factors, monitor closely\\n- 51-75: HIGH risk - Multiple red flags, requires human review\\n- 76-100: CRITICAL risk - Severe fraud indicators, immediate action needed\\n\\n**Response Format**: Always respond with valid JSON containing risk_score, risk_level, reasons array, fraud_indicators array, and recommendation. Be specific and actionable in your analysis."
},
"promptType": "define"
},
"typeVersion": 1.9
},
{
"id": "fe64d367-c1b7-4d4b-b45c-bafce9d52948",
"name": "Google Gemini Chat Model",
"type": "@n8n/n8n-nodes-langchain.lmChatGoogleGemini",
"position": [
-960,
340
],
"parameters": {
"options": {},
"modelName": "=models/gemini-2.5-pro"
},
"credentials": {
"googlePalmApi": {
"id": "RvSkIBjP48ORJKhU",
"name": "Google Gemini(PaLM) Api account - test"
}
},
"typeVersion": 1
},
{
"id": "8eb4697e-38b8-4629-9169-28b34cd3fafb",
"name": "Workflow-Übersicht",
"type": "n8n-nodes-base.stickyNote",
"position": [
-1160,
-580
],
"parameters": {
"width": 600,
"height": 200,
"content": "## Fraud Detection Workflow Overview\n\nThis workflow is designed to detect and manage fraudulent booking transactions by integrating various checks and AI-powered analysis. It processes incoming booking data, performs IP geolocation, enriches data with AI insights, calculates risk scores, and takes automated actions based on the risk level. Finally, it logs all transactions and sends appropriate notifications."
},
"typeVersion": 1
},
{
"id": "73367c54-cf16-4254-b9dd-0e8e2534235a",
"name": "Datenerfassungshinweise",
"type": "n8n-nodes-base.stickyNote",
"position": [
-1560,
320
],
"parameters": {
"color": 4,
"width": 500,
"height": 240,
"content": "## 1. Initial Data Ingestion & Extraction\n\n- **Booking Transaction Webhook**: This node acts as the entry point for the workflow, receiving incoming booking transaction data via a `POST` request to the `/fraud-detection` endpoint.\n- **Extract Booking Data**: This `Set` node extracts key booking details (user ID, amount, timestamp, IP address, payment method, location, session ID) from the incoming webhook payload, making them easily accessible for subsequent nodes."
},
"typeVersion": 1
},
{
"id": "817d9283-4967-485e-be6a-323613db855d",
"name": "Geolokalisierungs- & KI-Hinweise",
"type": "n8n-nodes-base.stickyNote",
"position": [
-1020,
480
],
"parameters": {
"color": 5,
"width": 600,
"height": 250,
"content": "## 2. IP Geolocation and AI Analysis\n\n- **IP Geolocation Check**: This `HTTP Request` node enriches the booking data by fetching geolocation details (city, country) based on the extracted IP address.\n- **AI Agent (Langchain)**: This AI Agent node uses the `Google Gemini Chat Model` to analyze the booking and geolocation data. It provides an AI-driven `risk_score`, `risk_level`, `reasons`, `fraud_indicators`, and `recommendation` in a structured JSON format.\n- **Google Gemini Chat Model**: This node provides the large language model capabilities to the AI Agent for fraud analysis."
},
"typeVersion": 1
},
{
"id": "a7fe1d15-9007-42b6-a2ec-f06cda926232",
"name": "Risikoberechnungshinweise",
"type": "n8n-nodes-base.stickyNote",
"position": [
-880,
-280
],
"parameters": {
"color": 6,
"width": 600,
"height": 260,
"content": "## 3. Risk Calculation and Decision Logic\n\n- **Enhanced Risk Calculator**: This `Code` node combines the AI-generated risk score with additional rule-based risk factors (e.g., amount, unusual time, payment method, IP geolocation status) to calculate a `combinedRiskScore` and `finalRiskLevel`.\n- **Critical Risk Check**: This `If` node checks if the `risk_level` is `CRITICAL`.\n- **High Risk Check**: This `If` node checks if the `risk_level` is `HIGH` or `MEDIUM`.\n\nBased on the risk level, the workflow branches into different paths for further action."
},
"typeVersion": 1
},
{
"id": "d5b0ffe4-cfdd-4c4b-a2a5-c57ea75b2193",
"name": "Aktions- & Benachrichtigungshinweise",
"type": "n8n-nodes-base.stickyNote",
"position": [
0,
-280
],
"parameters": {
"color": 3,
"width": 600,
"height": 240,
"content": "## 4. Action & Notification\n\n- **Block User Account**: If `CRITICAL` risk, this `HTTP Request` node triggers an external system to block the user.\n- **Gmail1**: If `CRITICAL` risk, this `Gmail` node sends a critical fraud alert email.\n- **Flag for Review**: If `HIGH` risk, this `HTTP Request` node flags the transaction for manual review in an external system.\n- **Gmail**: If `HIGH` risk, this `Gmail` node sends a high-risk transaction email for review."
},
"typeVersion": 1
},
{
"id": "ee5f8df1-f361-49ff-943c-78873c58b96a",
"name": "Protokollierungs- & Antworthinweise",
"type": "n8n-nodes-base.stickyNote",
"position": [
40,
340
],
"parameters": {
"color": 2,
"width": 600,
"height": 200,
"content": "## 5. Logging & Response\n\n- **Log to Google Sheets**: This `Google Sheets` node logs all transaction details, risk analysis, and actions taken to a Google Sheet for record-keeping and auditing.\n- **Send Response**: This `Respond to Webhook` node sends a final JSON response back to the originating system, summarizing the fraud analysis status, risk level, score, recommendation, and actions taken for the session."
},
"typeVersion": 1
},
{
"id": "c751fd4f-a299-4144-a008-c4bf0c87d7b2",
"name": "Nachricht senden",
"type": "n8n-nodes-base.gmail",
"position": [
-200,
-180
],
"webhookId": "72497b63-f6a0-4d82-9560-781bed9c28c0",
"parameters": {
"sendTo": "abc@gmail.com",
"message": "=<h2 style='color: #d32f2f;'>🚨 CRITICAL FRAUD ALERT</h2><div style='background-color: #ffebee; padding: 15px; border-left: 4px solid #d32f2f; margin: 10px 0;'> <h3>Transaction Details</h3> <ul> <li><strong>User ID:</strong> {{ $('Extract Booking Data').item.json.body.user_id }}</li> <li><strong>Amount:</strong> ${{ $('Extract Booking Data').item.json.body.amount }}</li> <li><strong>Risk Score:</strong> {{$json.risk_score}}/100</li> <li><strong>Risk Level:</strong> {{$json.risk_level}}</li> <li><strong>Recommendation:</strong> {{$json.recommendation}}</li> <li><strong>Location:</strong> {{$json.location}}</li> <li><strong>IP Address:</strong> {{ $('Extract Booking Data').item.json.body.ip_address }}</li> <li><strong>Payment Method:</strong> {{ $('Extract Booking Data').item.json.body.payment_method }}=</li> </ul></div><div style='background-color: #fff3e0; padding: 15px; border-left: 4px solid #f57c00; margin: 10px 0;'> <h3>Risk Factors Identified</h3> <ul> {{$json.risk_factors}} <li></li> </ul></div><div style='background-color: #fce4ec; padding: 15px; border-left: 4px solid #e91e63; margin: 10px 0;'> <h3>Fraud Indicators</h3> <ul> {{$json.fraud_indicators}} <li></li> </ul></div><div style='background-color: #e3f2fd; padding: 15px; border-left: 4px solid #1976d2; margin: 10px 0;'> <h3>Additional Information</h3> <ul> <li><strong>Timestamp:</strong> {{$json.timestamp}}</li> <li><strong>Session ID:</strong>{{ $('Extract Booking Data').item.json.body.session_id }} </li> <li><strong>AI Score:</strong> {{$json.ai_raw_score}}/100</li> <li><strong>Rule-based Score:</strong> {{$json.rule_based_score}}/100</li> </ul></div><div style='background-color: #ffcdd2; padding: 15px; border: 2px solid #d32f2f; margin: 20px 0; text-align: center;'> <h3 style='color: #d32f2f; margin: 0;'>⚠️ IMMEDIATE ACTION REQUIRED ⚠️</h3> <p style='margin: 10px 0;'>This transaction has been flagged as CRITICAL risk. Please investigate immediately.</p></div><hr><p style='font-size: 12px; color: #666;'>Generated by Fraud Detection System | {{$json.timestamp}}</p>",
"options": {},
"subject": "=🚨 CRITICAL FRAUD ALERT - {{ $('Extract Booking Data').item.json.body.user_id }} - ${{ $('Extract Booking Data').item.json.body.amount }}"
},
"credentials": {
"gmailOAuth2": {
"id": "PcTqvGU9uCunfltE",
"name": "Gmail account - test"
}
},
"typeVersion": 2.1
},
{
"id": "18e9486f-00d9-41eb-ae4a-53a850965e5c",
"name": "Nachricht senden1",
"type": "n8n-nodes-base.gmail",
"position": [
-200,
200
],
"webhookId": "158386a0-0723-4f83-9ce7-ab38e739682c",
"parameters": {
"sendTo": "abc@gmail.com",
"message": "=<h2 style='color: #f57c00;'>⚠️ HIGH RISK BOOKING DETECTED</h2><div style='background-color: #fff8e1; padding: 15px; border-left: 4px solid #f57c00; margin: 10px 0;'> <h3>Transaction Summary</h3> <ul> <li><strong>User ID:</strong>{{ $('Extract Booking Data').item.json.body.user_id }}</li> <li><strong>Amount:</strong> ${{ $('Extract Booking Data').item.json.body.amount }}</li> <li><strong>Risk Score:</strong> {{$json.risk_score}}/100</li> <li><strong>Risk Level:</strong> {{$json.risk_level}}</li> <li><strong>Recommendation:</strong> {{$json.recommendation}}</li> <li><strong>Location:</strong> {{$json.location}}</li> <li><strong>Payment Method:</strong>{{ $('Extract Booking Data').item.json.body.payment_method }}</li> </ul></div><div style='background-color: #fce4ec; padding: 15px; border-left: 4px solid #e91e63; margin: 10px 0;'> <h3>Risk Analysis</h3> <ul> {{$json.risk_factors}} <li></li> </ul></div><div style='background-color: #e8f5e8; padding: 15px; border-left: 4px solid #4caf50; margin: 10px 0;'> <h3>Recommended Actions</h3> <ul> <li>Review transaction history for this user</li> <li>Verify payment method authenticity</li> <li>Check for pattern similarities with known fraud cases</li> <li>Consider temporary account restrictions if needed</li> </ul></div><p style='margin-top: 20px;'><strong>Session ID:</strong>{{ $('Extract Booking Data').item.json.body.session_id }}</p><p><strong>Timestamp:</strong> {{$json.timestamp}}</p><hr><p style='font-size: 12px; color: #666;'>Fraud Monitoring System | Please review within 24 hours</p>",
"options": {},
"subject": "=⚠️ High Risk Transaction - Review Required - {{ $('Extract Booking Data').item.json.body.user_id }} "
},
"credentials": {
"gmailOAuth2": {
"id": "PcTqvGU9uCunfltE",
"name": "Gmail account - test"
}
},
"typeVersion": 2.1
}
],
"active": false,
"pinData": {},
"settings": {
"executionOrder": "v1"
},
"versionId": "96fe125c-cc90-4c67-a256-f6f59f7bbc91",
"connections": {
"2f2735be-f13e-4067-9bd5-e1a2c31abfc4": {
"main": [
[
{
"node": "5a9d3b88-ddb3-46dc-93f1-3f142cba5050",
"type": "main",
"index": 0
}
]
]
},
"770d0bee-3c76-44d8-9636-95ce05a71ad0": {
"main": [
[
{
"node": "0b8dd1bc-b61d-4fc1-a36f-6cac7505228e",
"type": "main",
"index": 0
},
{
"node": "18e9486f-00d9-41eb-ae4a-53a850965e5c",
"type": "main",
"index": 0
}
]
]
},
"dddfa887-aef3-4a39-8f39-6d6bf663cc47": {
"main": [
[
{
"node": "da250ec0-9f4a-459a-8764-a54f18f1bee7",
"type": "main",
"index": 0
},
{
"node": "c751fd4f-a299-4144-a008-c4bf0c87d7b2",
"type": "main",
"index": 0
}
]
]
},
"940ec478-de93-4595-a391-8aefb170b5d9": {
"main": [
[
{
"node": "e138c720-be0f-4182-8cc7-a5b9ea0cfbd5",
"type": "main",
"index": 0
}
]
]
},
"e138c720-be0f-4182-8cc7-a5b9ea0cfbd5": {
"main": [
[
{
"node": "2f2735be-f13e-4067-9bd5-e1a2c31abfc4",
"type": "main",
"index": 0
}
]
]
},
"fe50e27a-a223-4d1e-926b-eb52b308cb0e": {
"main": [
[
{
"node": "2e8c8aed-cd8d-4ec3-83c7-9b3c351a216e",
"type": "main",
"index": 0
}
]
]
},
"5a9d3b88-ddb3-46dc-93f1-3f142cba5050": {
"main": [
[
{
"node": "dddfa887-aef3-4a39-8f39-6d6bf663cc47",
"type": "main",
"index": 0
},
{
"node": "770d0bee-3c76-44d8-9636-95ce05a71ad0",
"type": "main",
"index": 0
},
{
"node": "fe50e27a-a223-4d1e-926b-eb52b308cb0e",
"type": "main",
"index": 0
}
]
]
},
"fe64d367-c1b7-4d4b-b45c-bafce9d52948": {
"ai_languageModel": [
[
{
"node": "2f2735be-f13e-4067-9bd5-e1a2c31abfc4",
"type": "ai_languageModel",
"index": 0
}
]
]
},
"664a521a-7b7c-4a9a-ae3a-06cb326d6923": {
"main": [
[
{
"node": "940ec478-de93-4595-a391-8aefb170b5d9",
"type": "main",
"index": 0
}
]
]
}
}
}Häufig gestellte Fragen
Wie verwende ich diesen Workflow?
Kopieren Sie den obigen JSON-Code, erstellen Sie einen neuen Workflow in Ihrer n8n-Instanz und wählen Sie "Aus JSON importieren". Fügen Sie die Konfiguration ein und passen Sie die Anmeldedaten nach Bedarf an.
Für welche Szenarien ist dieser Workflow geeignet?
Experte - Sicherheitsbetrieb, KI-Zusammenfassung
Ist es kostenpflichtig?
Dieser Workflow ist völlig kostenlos. Beachten Sie jedoch, dass Drittanbieterdienste (wie OpenAI API), die im Workflow verwendet werden, möglicherweise kostenpflichtig sind.
Verwandte Workflows
Konkurrenz-Analyse-Content-Inspector: Automatische Themen-Mapping von Websites
Analyse von Wettbewerbsinhalten und -lücken mit Gemini AI, Apify und Google Sheets
If
Set
Code
+
If
Set
Code
30 NodesMychel Garzon
Verschiedenes
Automatisierung von Instagram-Influencer-Lieferungen und Vertragskonformität
Automatisierte Erinnerungen zur Einhaltung von Instagram-Influencer-Verträgen mit Claude AI und Slack
If
Set
Code
+
If
Set
Code
26 NodesOneclick AI Squad
Soziale Medien
n8n-Knoten in der visuellen Referenzbibliothek erkunden
Erkundung von n8n-Knoten in der visuellen Referenzbibliothek
If
Ftp
Set
+
If
Ftp
Set
113 NodesI versus AI
Sonstiges
AI-Kundensupport-Routing und Zusammenfassungs-System
Automatisierte Bearbeitung von Kunden-Support mit GPT-4o, Slack und CRM-Integration
If
Set
Code
+
If
Set
Code
32 NodesNodeAlchemy
Ticketverwaltung
Automatischer Preisvergleich von Hotels durch Multi-Platform-Crawling und E-Mail-Berichte
Automatisierung des Hotelpreisvergleichs durch Multi-Platform-Scraping und E-Mail-Berichte
If
Set
Code
+
If
Set
Code
19 NodesOneclick AI Squad
Marktforschung
Intelligente Immobilien-E-Mail- und Telefonmarketing-Kampagne mit KI-generierten Leads
Automatisierung der Immobilienmarketing mit Llama AI, VAPI-Anrufen und Gmail-Kampagnen
Code
Wait
Gmail
+
Code
Wait
Gmail
23 NodesOneclick AI Squad
Lead-Pflege
Workflow-Informationen
Schwierigkeitsgrad
Experte
Anzahl der Nodes20
Kategorie2
Node-Typen11
Autor
Oneclick AI Squad
@oneclick-aiThe AI Squad Initiative is a pioneering effort to build, automate and scale AI-powered workflows using n8n.io. Our mission is to help individuals and businesses integrate AI agents seamlessly into their daily operations from automating tasks and enhancing productivity to creating innovative, intelligent solutions. We design modular, reusable AI workflow templates that empower creators, developers and teams to supercharge their automation with minimal effort and maximum impact.
Externe Links
Auf n8n.io ansehen →
Diesen Workflow teilen