6 New Types of Fraud and How to Prevent Them (2023)

Fraudsters are constantly in search of new ways to exploit people’s private information.

Security breaches continue to take a heavy toll on businesses. In e-commerce alone, losses from online payment fraud totaled more than $40 billion in 2022.

At the same time, the rise of generative artificial intelligence (AI) technologies has opened the door to fraudsters usingdeepfakes and other advanced methods to commit crime.

Read on to learn about the new types of fraud in 2023 — and how to protect yourself.

New types of fraud

1. Deepfake fraud. Deepfakes are synthetic media, such as video or audio, created using artificial intelligence (AI). Fraudsters can use deepfakes to impersonate individuals and deceive victims into making transactions, providing sensitive information, or participating in other fraudulent activities. From 2022 to 2023, the proportion of deepfakes among all fraud types increased by 4,500% in Canada, 1,200% in the U.S., 407% in Germany, and 392% in the UK.
2. Synthetic identity theft involves creating fictitious identities by combining real and fabricated personal information. Fraudsters use synthetic identities to open accounts or apply for credit, often targeting financial institutions or government programs. Synthetic identity theft can be difficult to detect as the identities may initially appear legitimate.
3. AI voice scams. AI has allowed bad actors to replicate someone’s voice. There are cheap online tools that can translate an audio file into a replica of a voice, allowing criminals to “speak” as someone else.
4. E-skimming, or formjacking, refers to the injection of malicious code into e-commerce websites to steal payment card details during online transactions. First, criminals get access to the source code/server of an online store. This can happen through vulnerabilities or bruteforce. Then, they inject malware into the payment flow. Lastly, they duplicate payment data.
5. “Fraud as a service” (FaaS) is when fraudsters offer their services on the darkweb to carry out scams on behalf of paying clients. This may include a variety of services, including phishing, hacking, or botnet attacks.
6. AI-powered phishing. In 2023, phishing has stepped up to a new level, with AI now being used to write convincing emails and SMS.

Read further: Fraud and Money Laundering in E-commerce: How Proper Identity Verification Can Prevent It (Guide 2023)

How these new frauds can be prevented

Liveness detection

The human eye can’t distinguish between a high-quality deepfake and a real person. However, artificial intelligence can help.

AI is incorporated into Sumsub’s in-house liveness and deepfake detection, a proprietary technology that detects spoofing attempts while authenticating real users in seconds. It works by analyzing certain artifacts of provided images using the latest technologies, ensuring no fraudsters pass the check. Thanks to machine learning, this technology can detect a person’s biometrics and liveness with over 99% accuracy, therefore providing better customer protection.

Nowadays, liveness and deepfake detection are an integral part of the KYC flow for many businesses. But there are also other use cases:

• Two-factor authentication (2FA). An additional biometric check ensures reliable protection of the user’s account without the need for passwords or SMS codes. It can also be used for re-verifying user identities if passwords or devices are lost.
• User action confirmation. Prevent account takeovers with a simple biometric check that determines who’s really behind the screen. This ensures that the true user initiates transactions, account deletion, or other sensitive steps.
• Securing physical entrances. Biometric technology can also be used to control access to doors, gates, and other entry points.

Read further: Liveness Detection: Choosing a Solution That Won’t Let Fraudsters In

Transaction monitoring

Transaction monitoring is an ongoing security process that helps companies detect suspicious transactions, and is a must-have for businesses. Transaction monitoring software spots unusual patterns and reviews dubious transactions made in digital or fiat currencies. The purpose is to answer the following questions:

• Where did the money come from?
• Where is the money going?

Transaction monitoring can detect a great number of illegal activities, including money laundering, terrorist financing, fraud (including traces of e-skimming and chargebacks), identity theft, etc.

For business, transaction monitoring is essential for compliance with AML regulations and fraud prevention.

Essential security routines

To prevent e-skimming and other hacks, it’s recommended to develop several security routines, including:

• Using a malware monitor software for your site
• Ensuring MFA and strong password policies for your employees
• Training your employees to deal with phishing attacks
• Running automated vulnerability audits on your website/online store
• Ensuring that only specific IPs can access the control panel of your website; Declining access from unknown locations
• Installing security patches timely, and remember critical software updates.
• Implementing a Content Security Policy (CSP) and Subresource Integrity (SRI), which will make it harder to inject malicious code into your online store
• Being on the lookout for phishing attacks by using link checker tools and checking community reviews of unknown websites
• Using a secure VPN.