Brief About Digital Fraud Types
A brief explanation of different fraud stereotypes
For the past 2 decades, there has been continuous increasing demand and reliance on Online shopping payments. It shows no signs of stalling at any point. The yearly volume of digital payments means is estimated in trillions. Well, Amazon online revenue alone accounts for $280 billion from the pie. So, you can imagine the magnitude of such an industry. That should be beneficial (Digital credit facilities, expenses managements …) and non-beneficial (Privacy concerns with the bank/Big brother) in ways we can all argue about.
Regardless, there is one major aspect that was introduced since the early days of Online Payments: Digital Fraud. Some quick statistics: there was an increase of 73% of online Fraud from 2018 to 2019. It is estimated that by 2022, such Fraud would amount for a total of $41.5B+
There is a general misconception most of us fall into is that there are many types and figures of Digital Fraud unlike what is widely believed there is one type of Online Fraud. The attackers have been thinking cleverly and creatively about many ways for getting the Card credentials in your wallet.
To fully understand the online Fraud, you can check first how the payment flow works through i.e. https://www.helcim.com/article/how-credit-card-processing-works/
The fraudulent actors can be either of the following:
- End Users (Attackers)
- Merchants (Intentionally or Unintentionally)
Historically, such actors target the following layers for financial gains:
- The merchants
It happens when the attacker successfully attacks the merchant website or end-user account through phishing/skimming for retrieving card credentials or attempting to make fraudulent purchases by taking over the user account.
- The acquirers
This is where attackers target payment acceptance methods such as POS devices and online payment processors for sniffing card data
- The issuers
Also referred to as the last layer in the payment stack; it is the layer responsible for checking the user balance, conducting the required accounts deductions/additions. The attackers attempt to extract the relevant correct card details using multiple techniques such as BIN/ASI Attacks
Below is a glimpse of the different types of fraud attacks in the following series articles:
- BIN/ASI Attacks
- ATO Attack
- Chargeback Attack
- POS Attacks
- ATM Jackpotting
- Stand-in processing
I will be explaining the details of each of these attacks in separate Medium articles.
