Fall Foliage Isn’t All That’s a ‘Changing: New Fraud Techniques
Winter. Spring. Summer. Fall. Repeat.
Unless you are lucky enough to live in sunny Southern California or Florida, seasonal change is a constant part of life. The same applies when it comes to technology. But while seasons are cyclical, technology progresses in a much more linear fashion and is ever evolving. The Fall foliage serves as a reminder (to you and your business) that fraud tactics change too. The fraud techniques you were monitoring last year have likely been upgraded and now may not be recognizable to your business. This blind spot places your organization at risk from both a revenue and brand perspective.
Your fraud detection tactics and overall prevention strategy deserve some careful examination before the holiday shopping spike. Here are just a few ways the fraudsters are employing new strategies to steal, swindle, and hack their way to a payday.
Overdrawn and Out of Luck
At least 40 million dollars was recently stolen from Eastern European Banks by a cyber-criminal gang. According to Bleeping Computer, fraudsters used a “new technique that combines hacking the bank's network, the manipulation of overdraft limits, disabling fraud alerts, and mass ATM withdrawals.” This multi-layered approach illustrates the lengths and many combinations of strategies fraudsters will use to ensure their bottom line.
Fraudsters are always changing their tactics, networking with new criminals, expanding their reach, and developing new tools – all to steal from online merchants that are not actively monitoring their fraud prevention.
Criminals openly share information and best practices on both the open and dark web, causing the fraud industry to grow at a rampant pace. Popular sites of today’s fraudsters like Rescator.CC and Wickybay are chock-full of software tools, instructional videos, and bundled offerings. Businesses must be vigilant employing technology and partners that have domain expertise to proactively detect, deter, and prevent fraudulent activity against businesses and digital assets (i.e. customers).
Hacking various devices connected to the Internet of Things (IoT) is not a completely new strategy in and of itself. The adoption and rise of IoT has allowed fraudsters to find new points of entry, ranging from the innocuous, like home security cameras, to the practically ridiculous, smart fish tanks. Anything that connects to a public and/or unsecure network is at risk, and should be protected as such.
Faith (Or Lack Thereof) In Institutions
This year, the general public wised up to the fact that our public institutions—yes, those organizations that house scores of our valuable personal data—range from mildly unprepared to sitting ducks for cyber-attacks.
Fraudsters are starting to more aggressively target organizations like school systems, public and private universities, healthcare agencies, federal government agencies, financial institutions, and even entire states! All of the large-scale data breaches that occurred in recent months have given fraudsters more opportunities to steal and utilize personal data and conduct fraudulent transactions.
The Waiting Game
At this point, there have been so many data breaches that most likely every individual consumer’s personal information has been compromised in some way. All of this data is extremely valuable to fraudsters as they carry out card-not-present fraud schemes now and in the future.
It remains to be seen exactly how fraudsters will choose to implement and use all of the data they’ve collected, especially as their tactics evolve and their criminal networks grow. But the good news is that with the right fraud prevention strategy in place, merchants can guard against fraud before it happens, and even boost sales in the process.