Is any identity safe? With most of us now relying on digital products and services to work, shop and entertain, we can be targeted on multiple devices, via various channels – the opportunity for fraudsters has never been bigger, writes Carol Hamilton, Director of Compliance and Fraud Solutions EMEA, GBG.
Identity fraud is no longer a hobby for hackers. It is a full-blown industry, now worth £3 trillion a year. We are now, of course, not only preparing for the long-tail trend of digital transformation, but also adjusting to the short-term acceleration of building our daily lives around digital services and experiences; with that comes a new surge in organised cybercrime and fraud.
While these threats continue to evolve, the underlying themes are often the same, and businesses should be aware of these main fraud risks to better protect themselves and their customers. Even as fraudster activity rises, there are some practical steps that companies can take to navigate the expanding digital fraud landscape.
Awareness of the primary techniques used by fraudsters is vital for businesses if they are to mitigate the impact of rising fraud attempts. And with a staggering 75pc of companies having fallen victim to fraud in the past year, it’s clear that there’s work to be done here.
However, when it comes to individual consumers, the signs of fraud aren’t always easy to spot. In many ways, fraud behaviours have grown in complexity over the past few years, yet individual scams remain simple and straightforward. For example, a scammer can trick consumers into committing fraud via a fake email or phone call, without needing to hack into their bank account or steal personal details. If the consumer is logging on to make a transaction – how are businesses to know whether it’s legitimate or fake?
Money mules are a great example here – in which the ‘mule’ is used to transfer illegal funds on behalf of the scammer. This is becoming more prevalent amongst teenagers and students, who are being targeted on social media by criminals to launder money through their account. Even though they themselves are not the intentional fraudster, the young person is the one committing the crime, making themselves liable.
Whilst these types of transactions are reasonably simple for the scammer, it can be tricky for companies to detect in the data. As I mentioned above, the footprint being left by the fraudulent transaction simply shows a consumer logging into their account and sending money – what you don’t see is the fact that they’ve received a scam call and have been coerced into sending money. However, there are a number of increasingly sophisticated fraud prevention techniques that can be used to stop a scammer in their tracks.
Scammer defences
A key technique used to tackle rising scam threats is profiling based on key behaviours. We can profile victims and customers using data surrounding their usual activities, in order to understand what’s normal for them. For example, if a consumer normally accesses their bank account in the evenings, it would be unusual for them to send a large sum of money to a new payee on a Tuesday morning. At the same time, if a consumer is usually able to set up new payees quickly, it may take them longer if they’re doing this while on the phone to a scammer. Each instance of unusual activity is another red flag for scam activities.
Banks and banking providers can also look at the transaction itself, and consider the end destination of the money. Is the end account connected to fraud in anyway? Is a normal banking customer sending a payment to an identified mule account? If so, more checks should be put in place before allowing the individual transaction.
Authentication likewise plays a crucial role. Adding steps of authentication creates ‘friendly friction’ – interrupting the transaction process to second guess and personalise the journey in line with the needed level of suspicion. For example, once a certain cost or score is reached for a transaction, it can trigger a text or verification step. Ultimately, when there’s a level of suspicion around a transaction, disrupting the journey or adding extra levels of verification is vital not only to put off scammers, but also to ensure the quick, smooth-running of operations for verified customers.
While our increasingly digital world has become a catalyst for scam opportunities, Covid-19 has also changed the nature of fraud. With the majority of the population staying at home and accessing services online, the use of digital platforms has exploded. Everything from shopping and entertainment to banking and everyday communication has taken place online – opening even more opportunities for scammers.
Across the globe, we’ve also seen a spike in desperation and an increase in those looking to exploit the crisis. These scams have taken many shapes and forms, including scams around essential goods and fundraising attempts, targeted fraud attempts on disconnected elderly members of society, and desperate businesses increasing fraud as they try to survive.
Given this shift toward digital-first living, it’s up to businesses to combine technology and data to better combat scammers. Technologies such as AI and machine learning are all helping to improve the profiling techniques and detection of fraudulent accounts, but we also need to be educating consumers as to the dangers and warning signs of these malicious actors The best way to stop fraud is to prevent it, which starts with the end user.
While it’s impossible to apply blanket processes when tackling fraud, education and acting on shared understanding are both crucial. Ultimately, a combination of fraud prevention technologies and improved consumer awareness will help to combat the rise in scams and protect individuals.
See also in a webinar, Carol Hamilton and Max Excell joined by First Abu Dhabi Bank’s Charanjeet Singh and CredoLab’s Michele Tucci for a conversation about harnessing alternative data and machine learning for multi-layered fraud and compliance decisioning.
