In Credit Risk Management, Fraud, Risk Management, Trends

Fraud in the financial services industry is a growing trend. While the old adage of “what goes up, must come down” holds true for many things, financial fraud is increasing in both volume and monetary impact.

Data from The Nilson Report indicates that global card fraud alone accounted for $22.8 billion in 2016, up 4.4% from 2015.[1] Frank McKenna, noted fraud consultant, estimated that total losses for that same year were $181 billion.[2] And the financial impact for consumers in the US was $16.8 billion in 2017, clearly illustrating the role fraudsters play in emptying both corporate and consumer coffers.[3]

But it’s not just monetary losses that consumers and financial institutions (FIs) are facing. According to an article from Laura Bruck, VP of Marketing for EZ Shield, “data breach events per year [have] increased more than 70 percent – and experts predict that number will only continue to rise.”[4]

Data breaches allow criminals to buy, sell and use personally identifiable information (PII), user names, passwords, and more in their fraudulent activities. Considering that the top five breaches in 2017 tally hundreds of millions of records, FIs and consumers are likely to face increased fraud as those records get used by criminals.

The New World of Financial Fraud

Tactics and techniques are changing as consumers and FIs embrace digital channels. Fraudsters are taking new and novel approaches to their crimes, and changes in technology are making it easier than ever.

“Gone are the days when fraudsters had to have advanced hacking or programming skills,” said Monica Eaton-Cardone, co-founder and Chief Operating Officer of Chargebacks911.[5] New tactics and techniques have emerged as financial fraud adapts to the changing digital landscape.

Fraud-as-a-Service

For criminals, a relatively low initial investment can have a quick return – at the expense of consumers and affected FIs. Eaton-Cardone notes that fraudsters “can simply buy or rent tools, botnets, and services on the dark web… instead of lone attackers, we’re looking at a widespread network of organized crime.”[6]

As Charles Cooper points out in a recent article for CSO, “cybercrime-as-a-service…has opened a wide digital door to anyone looking to score a quick, illicit buck on the internet.”[7] Distributed denial-of-service (DDoS) booter rentals, prepackaged ransomware kits, verified and guaranteed PII stolen from data breaches – all the pieces a bad actor needs to commit fraud are available to rent, lease or purchase. Some criminals are even “making customer service guarantees a key differentiator, with try-before you buy options and returns for ‘faulty’ merchandise such as bad payments cards.”[8]

Fraud for Hire

Fraudsters can turn to organized rings who are more than willing to provide both the technical elements and a support network to perpetrate their crimes. According to Charles Cooper:

“Many online marketplaces on the dark web actually tout the technical support they can supply to anyone who requires extra handholding. The cybercrime-for-hire business appears to be so robust that hacker gangs reportedly are hard pressed to keep up with demand.”[9]

This “for hire” model adds further complexity. With a group of ready and willing criminals able to perpetrate fraud, FIs have more to fear than groups out for personal profit. A disgruntled employee or customer seeking revenge for a perceived slight from an FI can hire thugs to do the dirty work. And with the anonymity afforded by deep web browsers and cryptocurrency, that customer or employee could potentially avoid detection.

Scary new world?

In addition to the As-a-Service and for-hire models of fraud perpetration, fraudsters are exploring additional tactics. From incorporating artificial intelligence to using social engineering, these bad actors are continuing to increase and expand their approaches, often with great success.

With these changes, FIs and consumers will need to prepare themselves for an increase in financial fraud attempts. Leading FIs will partner with best-of-breed solution providers to protect consumers, while implementing detection and mitigation tactics that don’t add to the friction a legitimate customer might face when conducting their personal business.

Wondering about other implications of fraud and how your organization can fight back?

Download our whitepaper Fighting the Good Fight today and learn more.

Sources:

[1] Kragie, A. (2017, October 27). Payment Card Fraud Data: Stats for Issuers. Rippleshot.  [Web blog post]. Retrieved April 12, 2018, from http://info.rippleshot.com/blog/payment-card-fraud-data

[2] McKenna, F. (2017, January 17). Top 10 Fraud Types for 2017 Based on Losses. frankonfraud. [Web blog post]. Retrieved April 18, 2018, from http://frankonfraud.com/fraud-reporting/top-10-fraud-losses-for-2016-and-where-they-are-headed-now/

[3] Pascual, A., Marchini, K., & Miller, S. (2018, February 06). 2018 Identity Fraud: Fraud Enters a New Era of Complexity. Javelin. Retrieved April 28, 2018, from https://www.javelinstrategy.com/coverage-area/2018-identity-fraud-fraud-enters-new-era-complexity

[4] Bruck, L. (2018, January 22). Lessons Learned From Data Breaches in 2017. Fighting Identity Crimes. [Web blog post]. Retrieved April 18, 2018, from https://www.fightingidentitycrimes.com/lessons-learned-data-breaches-in-2017/

[5] Chargebacks 911. (2017, September 19). Chargebacks911: Organized Crime Targets eCommerce via Fraud as a Service (FaaS). Business Insider. [Web blog post]. Retrieved April 15, 2018, from http://markets.businessinsider.com/news/stocks/chargebacks911-organized-crime-targets-ecommerce-via-fraud-as-a-service-faas-1002382423

[6] Ibid

[7] Cooper, C. (2017, July 27). The Rise and Rise of Cybercrime as a Service. CSO. [Web blog post]. Retrieved April 17, 2018, from https://www.csoonline.com/article/3205253/data-breach/the-rise-and-rise-of-cybercrime-as-a-service.html

[8] Starnes, R. (2016, February 02). Https://www.csoonline.com/article/3028122/security/the-dark-net-s-fraud-as-a-service-faas.html. CSO. [Web blog post]. Retrieved April 10, 2018, from https://www.csoonline.com/article/3028122/security/the-dark-net-s-fraud-as-a-service-faas.html

[9] Cooper, C. (2017, July 27). The Rise and Rise of Cybercrime as a Service. CSO. [Web blog post]. Retrieved April 17, 2018, from https://www.csoonline.com/article/3205253/data-breach/the-rise-and-rise-of-cybercrime-as-a-service.html

Recommended Posts

Start typing and press Enter to search

neuro-id