Over 60 percent of banks say fraud volumes are rising, with over 40 percent reporting that average fraud hit value is going up. Under COVID, one study finds that 22 percent of Americans had been targeted by pandemic-related fraud attempts as of April.
It’s largely a function of the COVID-era eCommerce explosion, and efforts to reduce fraud become more difficult during heavy buying periods like the year-end gifting holidays.
“For merchants focused on sustainable growth, successfully mitigating fraud becomes increasingly important, and ever more so during the holiday season,” Rahul Pangam, co-founder and CEO of Simility, told PYMNTS. “Fraudsters know that higher transaction volumes and a demand for fast processing times leave merchants vulnerable to attacks. During this hectic time of year, merchants are particularly vulnerable to promotion abuse, account takeover and transaction fraud. To successfully address fraud, merchants need to have a fraud prevention strategy in place well before the holiday season.”
PYMNTS’ latest Digital Fraud Tracker®, done in collaboration with Simility, is a study in the forces impacting fraud and security in a year when cyberthieves have been having a field day.
They Can Get To Anyone
No one is immune, no matter how big, sophisticated or digital-native they may be. What happened to Amazon is an ideal glimpse into how well threat vectors operate.
“Amazon Prime Day, a two-day event during which the eCommerce giant offered deals and discounts to its main subscription service customers, also resulted in a fraud spike. A recent study found that phishing websites and emails spiked as the event drew closer, with many fraudsters using the Amazon brand and logos to trick customers into surrendering their login data and payment card credentials,” per the Digital Fraud Tracker®. “This spike was the largest increase in Amazon-related phishing attempts since March, when the COVID-19 pandemic forced Americans indoors and made them rely on the marketplace more than ever before.”
Another popular cyberattack this year is the account push payment (APP) type, a real-time attack, with the Tracker noting that “the number of real-time payments has risen dramatically in recent years, and APP fraud has grown alongside it. Fraudsters utilizing these schemes rely on tactics such as phishing and impersonation scams to trick customers and businesses into sending them payments or payment details, and their use of real-time rails can enable them to make off with the funds before customers catch on. The nature of these payments means that consumers cannot reverse them once the payments have been made.”
Behavioral Biometrics Ensure You Are You
Fighting APP attacks, account takeover (ATO) and the nasty assemblage of digital tools at the beck of bad actors, companies must leverage “tools such as behavioral biometric authentication to ensure that those initiating payments are who they say they are. These technologies can monitor consumers’ payment habits to determine whether they deviate from the norm and warrant further investigation,” per the Tracker.
FIs can combine these insights with robust data analytics operations to better profile their customers’ payment habits, making fraudulent activity easier to distinguish.
Simility’s Pangam added that “a robust fraud solution built on decades of intelligence combined with advanced machine learning can give merchants more insight and control to fine-tune decisioning based on their unique business needs and tolerance for risk,” adding that “merchants need to get comfortable monitoring their analytics to benchmark their ‘normal’ and block suspicious activity. Merchants can further up their game by tapping into advanced fraud tools that enable [them] to investigate suspicious activity, create custom rules using complex logic and pass custom fields.”