As technology continues to evolve, new ways for fraudsters to execute their tactics continue to emerge. The continual rise in fraud as a multi-billion dollar problem can be attributed to the increasing digitization of financial services. It’s incredibly easy to get an online bank account, apply for credit cards online, access credit lines, and transfer money through numerous apps or services. This leaves the door open for bad actors and cybercriminals to exploit these systems for financial reward.
On average, 63% of businesses have experienced stagnant or growing fraud rates within the past 12 months. Payment fraud alone is on track to exceed $25 billion per year by 2020.
The average internet user in the US has extensive personal information stored online including social security numbers, typically on multiple sites, which leaves hackers with juicy data they can sell or monetize when these systems are compromised. The recent data breach by Equifax shows that no company is out of reach from mishandling data, and it’s possible that many other breaches have occurred that the public is not yet aware of.
Old Tricks Still Work
The classic physically stolen credit card is a tactic that is still not going away. While it’s much easier for consumers to notice their credit card is missing faster than seeing a false charge on their credit card, this tactic continues to be effective. Manipulating consumers through phone calls or emails such as impersonating their financial institution via social engineering continues to be an impressive tactic that routinely compromises accounts. This is a significant factor contributing to the multi-billion dollar headaches of payment fraud.
The Need for Real-Time Gratification
Consumers want their products & services in real-time and companies are always evaluating their risk-reward ratios to appease this demand. Many newer companies working to gain market share will accept a higher risk ratio in order to gain clients and offer real-time gratification. This can also include real-time money transfers, and digital goods.
Mobile Malware On the Rise
Mobile usage and successful transactions through mobile devices continues to rise year over year, so it’ no surprise that cybercriminals are increasing their efforts to target these potential victims. New mobile malware released in 2017 allowed criminals to steal banking and credit card credentials using innovative methods that weren’t previously seen by security researchers. Mobile malware is also able to subscribe the user to mobile billing subscriptions (popular outside the US), without the user’s knowledge, by clicking links in the background. These fraudsters are usually able to be paid by advertisers for generating subscriptions before they can determine the transactions are fraudulent, often taking months before the advertisers are made aware and forced to refund all of the charges.
The Cryptocurrency Craze
As more financial institutions work to reduce money transfer fees, they are joining the Cryptocurrency movement which allows for cheaper and more efficient money transfers. This puts millions and billions of dollars at risk of being compromised through hacked private keys or internal breaches that could compromise the bank’s Cryptocurrency wallets. Innovating has its risks and setbacks and this is one hurdle the financial industry will need to further evaluate as Cryptocurrency becomes more mainstream.
Another side effect of increased online transactions and greater internet usage, account takeover occurs when thieves are mobile to use hacked login information to access a consumer’s account. This tactic is continuing to grow in more popularity with cybercriminals as more data breaches occur and traditional malware is able to compromise consumers and steal their account credentials. In 2016, this tactic rose 31% and the latest stats continue to be alarming. Usually this method can be detected within a few days by the consumer or business responsible for the account, however a few days can already be too late for some services to avoid any damage.
So Where Do We Go From Here?
Cybercriminals are certainly bound to continue innovating and exploiting new technology. The most effective solution to preventing these types of fraud is a real-time monitoring service that can evaluate users and transactions to determine suspicious actions as they occur. Many businesses are now using machine learning and AI to automate their quality control and compliance departments, with technicians manually reviewing some accounts to ensure all is running smoothly.