17 December 2017

44975

Retired Member

3,251Posts 11,857,536Views 3,524Comments
Online Banking

Online Banking

This community is for discussion of developments in the e-banking world, including mobile banking. This can include all the functional, business, technical, marketing, web site design, security and other related topics of Internet Banking segment, including public websites of the banks and financial institutions across the globe.

It's official - fraud is influenced by the recession

05 February 2010  |  3920 views  |  1

This week CIFAS, the UK’s Fraud Prevention Service, published its 2009 annual fraud statistics, and in line with expectations, the number of people affected by fraud continues to increase.

Since the recession started to bite 18 months ago the general view has been that fraud increases in a recession and fraudsters change their tactics depending on what promises to be most profitable for them.

Well we now have some definitive numbers to prove this hypothesis.

The assumption was that with a reduction in the amount of lending taking place we would see a reduction in the amount of application fraud taking place (the use of lies and forged documents in an attempt to obtain products or services). The CIFAS numbers support this with a 25 per cent reduction in application fraud.

That’s the good news; the bad news is fraudsters don’t just disappear into thin air. They have to protect their profits and margins.

The second part of the hypothesis was that fraudsters change tactics and this is exactly what we are seeing. Fraudsters have returned to stealing the identities of others in order to benefit financially. Across 2009, there were over 85,000 UK victims of impersonation (people whose identities have been hijacked by identity fraudsters) up 35 per cent and 24,000 victims of account takeover (existing accounts hijacked by fraudsters) up 16 per cent.

Indeed account takeover has increased by a staggering 250 per cent during the last 24 months, thanks to the ubiquitous use of phishing e-mails and malware. There has also been a 55 per cent increase in fraudulent insurance claims as claimants become more dishonest.

However, there is more good news. CIFAS reports a 241 per cent increase in the use of protective registration – a service that makes it more difficult for fraudsters to apply for credit under somebody else’s name. The increase has been put down to a heightened awareness of identity fraud, the damage it can do and the problems associated with resolution. People are now proactively looking for ways to stop identity fraud taking place in the first place.

This is huge cultural shift, albeit by a small population, but significant nevertheless.

There is also further good news. Now we know that fraudsters change their tactics, we can, to a certain extent, try to pre-empt their next move by tightening up existing fraud detection processes and implementing best practice to stop them in their tracks. The adoption of credit monitoring services and identity protection services can only help as consumers become more responsible for their personal and financial information.

The battle against fraud will continue to ebb and flow, but learning from recent trends, continued education and heightened consumer responsibility might just make a difference.

 

TagsSecurityRisk & regulation

Comments: (1)

Uri Rivner
Uri Rivner - BioCatch - Tel Aviv | 11 February, 2010, 11:19

Account takeover using Telephony is massive in the UK. In an October meeting of the leading card issuers RSA held in London, every single issuer pointed to account takeover fraud as the number one trend; and most of it is done by calling the issuer and using a mix of social engineering and credentials collected via phishing.

Other than the facts mentioned in this blog, there are 2 additional things to consider: first, fraudsters who do not speak English can use a service running out of Moscow to call UK banks. The service operates 24/7, costs $7 per call, and all you need is the phone banking credentials (which you can phish).

Second, a new attack vector is called Chat in the Middle - see http://www.finextra.com/community/Fullblog.aspx?id=3311

In this attack, fraudsters pop up a fake chat box after you click on a link in a standard phishing email, present themselves as the fraud department of the bank, and ask for your phone number. They'll ask you all the 'security questions' and then say that all is well in your account after all... Then use the stolen credentials to take over the account.

Technologies to stop these are biometrics (which still does not seem mature enough in terms of false rejections and ease of deployment), and Knowledge Based Authentication in which you're being asked multiple choice questions based on your background; the questions are built in a way that confuses fraudsters but is very 'top of mind' for the genuine users.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Retired's profile

job title
location
member since 2014
Summary profile See full profile »

Retired's expertise

Member since 2009
3181 posts3,524 comments
What Retired reads

Who's commenting on Retired's posts

Ketharaman Swaminathan
Raymond Lee
James Andrew
Dharmesh Mistry
David Andrzejek
Ralf Ohlhausen
Tom Hay
Nicola Cowburn
Michael Wright
Charmaine Oak
Francis Chlarie