Fraud Gone Global
Holiday shopping fraud, data breaches, synthetic identity fraud, and credential stuffing, all made headlines this week. This Week in Fraud Trends, December 13, 2019.
There are as many types of fraud attacks as there are targets for fraudsters to take aim at, and there is a seemingly never-ending chess match going on between those trying to innovate their way into more and greater crimes, and those innovating their way towards stopping them.
Success in the field of fraud prevention requires understanding the means fraudsters are using to commit their illicit acts, and every day, we learn more about just how complex and sophisticated their efforts are.
This week, a detailed article from Roll Call reported on news that the Federal Reserve is issuing new warnings about a practice known as Synthetic Identity Fraud:
“Synthetic identity fraudsters have shown a willingness to invest substantial effort into maximizing profits cultivating synthetic identities over a long time by making small payments on the account to increase its legitimacy and earn credit line increases. Once the credit lines are large enough, the thief vanishes with cash or easily convertible goods, a move called ‘busting out,’ according to the Fed.”
(for more about “bust-out fraud” please visit DataVisor’s Fraud Wiki: https://www.datavisor.com/wiki/bust-out-fraud/)
A story from BizReport, meanwhile, shone a light on increasing challenges with global retail fraud — particularly as regards mobile shopping:
“Iovation has released new data that indicates digital fraud is also on the rise. According to their report over the Black Friday/Cyber Monday weekend fraud jumped by about 60% (2017 vs 2019), with Black Friday capturing the lion’s share of fraudulent purchases. Most of the bad buys originated in China with many of those coming from mobile devices.”
The holiday shopping season is, of course, a magnet for fraudsters, and new account fraud is a familiar and feared problem this time of year. As reported by KSL, however, 2019’s shopping cycle offers some intriguing numbers — as it turns out, while overall holiday fraud is up, new account fraud is down:
“New account fraud increased 27.8% worldwide YTD in 2019, compared to full-year 2018 results, and more than 100% compared to 2014 levels. Surprisingly, attempted new account fraud was 19% less during the Black Friday/Cyber Monday weekend (compared to the average 2019 fraud levels), when fraud attempts normally escalate.”
Anytime you’re talking about modern digital fraud, you’re going to find yourself talking about data breaches. Personal information loosed in a breach — and subsequently bought and sold on the dark web — is almost guaranteed to end up as the raw material for a new fraud attack. So we’d be remiss in neglecting to update you on new data breach news. This week, we learned from InfoSecurity of a new breach of fairly staggering proportions:
“In total, the database contained 2.7 billion email addresses, and plain text passwords for more than one billion of them — providing a perfect starting point for a credential stuffing campaign.”
Credential stuffing is one of the many new techniques fraudsters have devised that enable them to use stolen personal data to commit new crimes, and it’s something DataVisor has reported on before — Director of Research Ting-Fang rightly described the practice as “an especially damaging breed of ATO.”
Another DataVisor voice emerged in the news this week: DataVisor VP Priya Rajan was recently interviewed for a podcast from Soar Payments:
Gleanable insights from the podcast include:
- Why the consumer-driven “immediacy economy” makes fraud management so crucial to any business or organization.
- What “unsupervised machine learning” is, and how the technology helps DataVisor combat fraud and spam.
- How an increasingly digital world, and the continued rise of mobile devices, makes fighting fraud more important than ever.
- Why the technological sophistication of fraudsters presents such unique challenges to fraud prevention companies.
(You can listen to the full episode here!)
We speak often about the sophistication and scope of modern fraud, but to many, this can seem like an abstract concept. Courtesy of a new story from Wired this week, however, we can now understand how modern digital crime is — literally — right at our front door:
“When it comes to something like a Ring doorbell or camera, the devices can be genuinely useful, but they also generate sensitive data that would be valuable to many parties — from law enforcement to criminals or even nation state hackers. Which makes security that much more important.”
Security — as the quote above states — is important. Very important. The lack of it is everyone’s problem. It’s an enterprise problem, and it’s an individual problem. At DataVisor, we work at the enterprise level, but we do so because — like our clients — we care about individuals. This week, we learned from Dark Reading that a new generation of individuals are taking it upon themselves to protect themselves:
“Adoption of two-factor authentication (2FA) is rapidly increasing, particularly among people aged 18–34, as consumers grow concerned with protecting online accounts from data breaches.”
That’s a hopeful note to end on, and while we know 2FA isn’t the sweeping solution the world ultimately needs, increasing adoption of this kind is a sign that people are taking online security seriously, and that’s never a bad thing.
Join us again next week, for another edition of This Week in Fraud Trends!
~
Interested in learning more about the battle against modern digital fraud?
