- Security TWENTY
- Women in Security
Fraud is on the rise, according to trade body CIFAS. The age of data-enabled fraud has truly arrived, the counter-fraud information sharing body says. Of note during the first quarter of 2012:
Fraud was 30 per cent higher in the first three months of 2012 compared with the same period in 2011, and 13pc higher than the last quarter of 2011. This was driven by a 40pc increase in identity fraud, and an 86% eruption in the take-over of accounts. Misuse of accounts by the genuine account holder rose by 13pc compared with the same period in 2011 and is now the second most commonly kind of fraud committed.
While improved detection techniques used by organisations will according to CIFAS help to uncover more fraud, the levels and types of fraud being attempted and committed are a reality check to businesses, public sector and individuals.
Identity related crime
Crimes relating to the misuse of personal data (eg identity fraud, including impersonation, and the takeover of accounts) constituted over half of all frauds in 2011. The most shocking finding from the first quarter of 2012 is that this surge has accelerated, with nearly two thirds of all frauds (65pc) being directly related to the misuse of personal details, impersonation and takeover of accounts.
Richard Hurley, CIFAS Communications Manager, says: “If anyone was sceptical about the role that identity data or personal details play in fraud, then these figures remove any shred of doubt. Businesses and organisations across the UK and beyond must now recognise that the rules have changed. Data and information – whether digital or not – can no longer be taken at face value. Nor can processes and safety be assumed to be ‘someone else’s responsibility’. By not taking every step to guard their own personal data, both individuals and organisations are effectively leaving their doors and windows open for digital thieves to come and steal it.”
Misuse of accounts
The fraud challenge, however, is not solely created by financial criminals attempting to steal funds from innocent victims. Misuse of facility fraud (where a legitimately obtained account is used fraudulently – e.g. to receive stolen funds, or falsely claiming not to have received goods, cards, monies etc) has risen by about 13pc since the first quarter of 2011. Most disconcerting, however, is that these frauds are as likely to be the result of financial pressures on otherwise honest people as they are to be attributable to those who unwittingly or knowingly allow their accounts to be used for criminal purposes, to receive and send illegal payments.
Richard Hurley says: “Whether the motivation is criminal or simply desperation, these figures demonstrate a dangerous situation. Individuals must be aware that fraudulently misusing an account can have serious consequences, including the withdrawal of services. These figures also indicate that organisations need to do more to educate their customers, and help prevent them from getting into such situations.”
Richard Hurley adds: “Improving fraud detection is excellent news, but prevention will always be better than cure. In these economically troublesome times, therefore, organisations must recognise that the challenges posed by misuse of details and accounts are severe, and invest in proven technologies and techniques to prevent losses to themselves and their customers. Individuals, equally, must recognise that their challenge is to safeguard their own details responsibly and take every step to remove risk, while recognising the truly counterproductive effect that fraudulent use of their own accounts can wreak.”
Pat Carroll, CEO, ValidSoft comments: “The fact that identity fraud and account takeovers were the main drivers for the increase confirms that fraudsters are ever more determined to steal personal data in order to access people’s money. Security technology needs to work on this premise and prevent the fraudsters from being able to use any data which is stolen. As we move towards a more mobile environment, a real-time, multi-layered, multi factor authentication approach to verifying parties to a transaction and the integrity of the transaction itself, should become the norm. Adopting a blend of visible and invisible layers dramatically increases the complexity for the fraudster to conduct a transaction, but increases the ease of use for the genuine customer.”