These are the themes of a new report issued by payments processor First Data Corp.
"Fraud Trends in 2010: Top Threats From a Growing Underground Economy" defines the industry's top 10 fraud trends, highlighting the role of internal fraud - a vulnerability that's only grown because of the slumping global economy.
"As we encounter poor economic situations, [insiders] are more apt to take opportunities as they come to [them]," says Charlotte Ritonya, director of product management for First Data's Financial Services division.
Top ThreatsAmong the top fraud trends named as threats to consumers, merchants and banking institutions:
- Malware Attacks - including Trojans such as Zeus, which has infected tens of thousands of computers, pilfering private information, including banking credentials. These attacks have fueled the trend of corporate account takeover incidents that have plagued commercial banking accounts.
- Phishing, Vishing, Smishing and Whaling - the gamut of schemes via which fraudsters pretend to be a trustworthy entity such as a bank or credit card company and attempt to pry usernames, passwords, PINs and other private information from victims.
- ATM Skimming - the increasingly popular crime in which electronic devices are placed over ATM card slots to intercept payment card data.
- SQL Injections - The modus operandi of hackers such as Albert Gonzalez, who committed some of his most notorious crimes by entering Structured Query Language coding into web forms to access and manipulate databases behind the sites or systems.
- Insider Fraud - in which trusted employees and contractors are increasingly taking advantage of their privileged access to steal from corporate and consumer accounts.
Other fraud trends mentioned in the report include counterfeit payment cards, money laundering via "money mules," and crimes committed in virtual worlds such as Second Life.
How to RespondIn terms of responding to these threats, it all comes down to monitoring and securing systems, says Ritonya, who offers three strategies to deter fraud:
- Educate and Deputize Consumers - More than half of today's fraud incidents are discovered by the consumer or victim.
- Stronger Authentication - This goes down to the most basic elements of an account, such as address changes. "By employing mobile technology, you can have a more real-time connection with consumers," Ritonya says. "You can send a quick note (or SMS text) to a customer to ask them if they did request the address change."
- Sharing Experience - with peers about the types of fraud they see and how they are fighting back.
First Data, one of the world's largest electronic payments processors, provides services for more than 5 million merchants and 2,000 card issuers globally. In sharing this report, Ritonya says, the company's objective is to educate customers on strategies and tools to detect and prevent the most prevalent forms of fraud.
"It's really difficult to measure the damage in fraud losses alone," she says. "If an entity is breached, it's damaging to the reputation. Often, consumers abandon the relationship. Whether it's a fast-food chain, a hospitality chain, a financial institution - data breaches really hurt a reputation."