With change, huge opportunity often emerges. This opportunity, however, presents itself not just to forward-thinking digital businesses, but also to cybercriminals who can remain just ahead of the technology curve. As organizations continue to merge their digital and physical services, innovating to meet an increasingly diverse consumer base, fraud prevention strategies must keep pace with this evolution, transformation and growth. Without a robust, and layered approach, businesses are opening themselves up to new fraud risks. Fraudsters remain masters of disguise, continually searching out the weakest link under a cloak of legitimacy.
This weakest link may well be those new-to-digital customers who have come online during the pandemic. Younger adults and the older population have been shown to be the most susceptible to fraud attacks. Fraud prevention extends not only to detecting identity spoofing, automated bot attacks and account takeovers, but also to awareness, education and customer messaging that shows all customers how to better spot potential scams. It’s likely that we will continue to see fraudsters preying on pandemic-related anxieties, offering investments that look too good to be true or products that are in hot demand online.
It’s not just new customers that must be protected, however. Trusted, existing customers may be inconvenienced with additional authentication steps as “back to normal” behaviour is potentially flagged as unusual following the unprecedented change that took place in consumer behaviour in 2020. How can organisations ensure that reliable fraud prevention does not mean unnecessary friction for good customers? Regulatory change and economic uncertainty will also merge with this evolving digital landscape:
Open banking platforms will become a key target for fraudsters looking to exploit customer data across accounts. PSD2 in Europe will see fraudsters looking for loopholes and exemptions in tighter fraud defences. Again, good customers may see a change to transaction acceptance rates with the new swathe of authentication strategies that mandate two layers of strong customer authentication (SCA).
It’s likely too that as economies respond to the impact of the pandemic, fraudsters will look to benefit from the downturn via increased mule recruitment, promising consumers fast money in return for use of their bank account to funnel proceeds of crime through global organisations.
eCommerce merchants will likely see a growth in first party fraud as more consumers feel the economic pinch.
EXPERT COMMENTARY
Kate Dunckley – Solutions Consultant LexisNexis Risk Solutions
It’s impossible to look back on 2020 without mentioning the impact Covid-19 and the global pandemic has had on the world, especially when talking about cyber fraud trends and behaviours.
Billions of people were pushed further into the digital world nearly overnight. Our lives have changed as we have begun embracing the online citizenship duties that came with this necessary digital transformation. Basic needs like grocery shopping, and little pleasures like beauty products and home décor items, came from online sellers, thus the overall global 38% growth in eCommerce transactions doesn’t come as a surprise to anyone. Additionally, the need for entertainment as an outlet for happiness in the dark times pushed our media consumption up by 9% during the pandemic.
While the digital economy is booming, online transaction volumes are rising, and digital portfolios expanding and improving, so are the cybercriminals. We have seen a 32% growth in automated attacks in the eCommerce world in July-December 2020. Not only that – the UK alone has seen 44% growth in bots during that period. This would suggest that cybercriminals have used the time and invested in developing networks of automated bots that are starting to push the boundaries of security and online traffic management. With a well-developed bot network, a fraudster can do lots of things, but let’s focus on a few:
Beat traffic before an average consumer – This happens especially during the time of special releases, like with the Playstation 5 launch.
Consoles were available on reseller marketplaces for extortionate prices a day or two after launch – Traditional retailers were out of stock within minutes of the selling window opening.
Test a large volume of stolen credentials before they expire – Now, with the significant increase in online activity, especially in media and eCommerce in 2020, there is an expectation of card-not-present (CNP) fraud to be on the rise and that will have an impact on both retailers and issuers – from fraud and loss prevention management, as well as the regulatory perspective.
Find a weak spot in digital defences – Obtaining card data is a primary objective of a cyber-attacker targeting merchants, payment processors and eCommerce platforms; thus bot attacks weakening the layers of security are the easy option for gaining access to financial targets.
Once a data breach occurs, it is difficult to stop the avalanche of fraud that follows. Seeing bots on the rise in 2020, CNP fraud will be the one to watch in months to come.
The UK Cybercrime Report is a supplement to the LexisNexis® Risk Solutions Global Cybercrime Report, which is based on cybercrime attacks detected by the LexisNexis® Digital Identity Network® from July – December 2020. From global risks and industry opportunities, to analysing the cybercrime landscape in a pandemic, download your free copy of the global cybercrime report today to learn how to tackle fraud and build trust with genuine customers.
