Social engineering scams occur when fraudsters trick their victims into trusting them enough to send either money or personal information. When the victim sends money, it is known as authorized push payment (APP) fraud. Since it can take many forms, each difficult to stop, this fraud type is one of the more troubling types — and it’s on the rise.
For context, there were a record 1,025,968 phishing attacks globally during the first quarter of 2022, the first time the number of phishing incidents surpassed 1 million in a single quarter. It is not just phishing attacks that are up, either. A survey of business executives throughout the Americas found that 44% of respondents experienced a rise in phishing, while 33% experienced a rise in scamming and 17% experienced an increase in criminals using social engineering scams to penetrate company networks.
The month’s edition of the “Digital Fraud Tracker®” explores the world of social engineering scams and how difficult it is to stop this type of fraud.
Around the Digital Fraud Space
One common form of social engineering fraud are romance scams — fraud schemes that cost Americans $956 million in 2021, according to the FBI. Romance scams occur when a criminal, using a fake profile, poses as a potential romantic partner and tricks the victim into sending money. Worryingly, losses are likely much higher because many victims might be reluctant to report the crime out of embarrassment. Experts also believe romance scams are poised to become even more common.
Given the rise of social engineering scams worldwide, law enforcement is stepping up efforts to combat the criminals behind these attacks. For example, 76 countries recently joined an Interpol-led operation to fight social engineering and telecommunications scams. The effort, code-named First Light 2022, spanned two months and resulted in raids on 1,770 locations and the arrest of 2,000 alleged criminals. Law enforcement also froze 4,000 bank accounts and seized more than $50 million in illicit funds.
For more on these and other stories, visit the Tracker’s News and Trends section.
Valley Bank on Preventing Social Engineering Scams
Social engineering scams have opened a new type of fraud for banks to fight against. These scams, which occur when criminals trick victims into sending the fraudster money instead of stealing it themselves, come in several forms and are exceedingly difficult to stop.
In this month’s Feature Story, Milliesia Armogan of Valley Bank talks about how banks can fight social engineering scams and how Valley Bank is responding to the rise of this type of fraud through consumer education efforts.
Understanding Social Engineering Scams
Unlike traditional fraud, in which criminals force their way into systems and steal money or data without victims’ involvement, social engineering scams involve criminals tricking victims into directly participating. Criminals have many methods at their disposal to create the needed deception, including phishing emails, malware-infected ads and links and spoofed phone calls. The rise of faster payment products also aids fraudsters, and fraud on these rails is becoming more common.
For banks and other financial institutions, the victim’s direct involvement makes this fraud particularly difficult to stop, as does the existence of complicated payment ecosystems in which the bank is only one of multiple participants facilitating the transaction. Given these challenges, some industry leaders are calling for cooperation between different actors in this process, including social media companies, payment platforms and government agencies.
To learn more about social engineering scams, read the Tracker’s PYMNTS Intelligence.
About the Tracker
The “Digital Fraud Tracker®,” a PYMNTS and DataVisor collaboration, examines how social engineering scams are becoming more common and why preventing this fraud is particularly challenging.