Skip to content

Online detective: Trends in the Modus Operandi of the Fraudster in 2021

Maxim Kuzin Apr 19, 2021 10:41:17 AM

Sun Tzu himself pointed out that if you know the enemy and know yourself, you need not fear the result of a hundred battles. So in this series on the Anatomy of the Fraudster we zoom in on how the fraudster works. Because when we know how fraudsters operate and where our (organisations’) behaviour enables them, we can protect ourselves.

So let’s take a look at the ‘fraud-trends’ in 2021.

Social engineering even during a worldwide health crisis

When we focus on online fraud, we might think about huge organisations and systems under attack. But human beings are so much more vulnerable to fraud and hackers than governments or businesses. One deceiving story, or a Business Email Compromise (BEC), and people are tricked into transferring money to criminal bank accounts.

Even now, during a global health crisis, social engineering is the weapon of choice for many fraudsters. Interpol Orange Notice warns, for example, against the falsification, theft and illegal advertising of fake COVID-19 and flu vaccines. 

  • During the first quarter of 2020, almost 1 million COVID-related spam messages were found,
  • and 48,000 malicious URLs were detected. 
  • In January 2021, Europol announced that the world’s largest illegal dark web marketplace had been taken offline in an international operation involving Germany, Australia, Denmark, Moldova, the US and the UK. Half a million buyers and 2,400 sellers were active in this illegal marketplace. 

These are just a few examples of large-scale, cross-border fraud schemes where social engineering was involved. 

Card fraud remains popular

Even though social engineering schemes are popular, card fraud remains the most common type of fraud in countries where card penetration is high.  

The card fraudster buys credit card data on the so-called darknet using cryptocurrency. These data are mostly stolen through phishing or hacking. Card-not-present (CNP) fraud and card-present (CP) fraud are the two main types of card fraud that require different detection and prevention strategies. 

  • Card-not-present (CNP) payment transactions remain fraudsters’ preferred target for the simple reason that the buyer and seller do not meet in person. The anonymous nature of CNP payments makes it much more vulnerable than payment methods where cards and buyers are physically present. CNP fraud involves the unauthorised use of specific credit or debit card numbers, security codes, expiry dates and billing addresses to purchase products and services via e-commerce websites or over the phone. 
  • When card data is stolen in the presence of payment cards (i.e. on ATMs, mobile POS devices) this is called card-presence (CP) Fraud. Most victims aren’t aware of the unauthorised use of their cards until they check the periodical statements. This allows fraudsters to buy time.

Friendly fraud on of the top 3 threats to e-commerce

Even though a friendly fraudster sounds nice, their actions aren’t and still cause a lot of damage. 

Friendly fraud happens when a customer tries to get money back from a legitimate transaction by filing a chargeback. The cardholder received the product but lies to their bank, claiming they didn’t authorise the purchase or they never received the product. The merchant loses the delivered product, the amount paid for the product, and the merchant has to pay a chargeback fee for the disputed transaction.  

According to the FBI, friendly fraud is one of the top 3 threats to e-commerce. It is the most common and costly chargeback fraud scheme. The majority of chargebacks consist of friendly fraud. 

A variation on this friendly approach by a fraudster is the first party application fraud. When fraudsters apply for loans or credit cards by using their own identity, this is called first-party application fraud. After the approval, they cash the loan and disappear below the radar. 40% of application fraud involves using fake IDs or combining stolen data of several victims. 

Hard to detect counterfeit fraud

Skimming or copying is the new counterfeiting. Fraudsters add stolen card data to a fake plastic card to take over the accounts of their victims. The skimming devices can be found everywhere that transactions are done: at gas stations, restaurants, movie theatres or ATMs. A hidden micro-camera may film the PIN code that is being entered. Also, fraudsters can ‘fish’ an individual’s private or financial data through emails, SMS or VM messages (SMS’ing or vishing). 

Skimming isn’t easy to detect. Though, in regions where merchants massively accepted EMV chip-enabled card payments, counterfeit fraud was reduced by 75%. (VISA, 2019). 

Sharp increase in social media fraud scams 

Fraudsters follow their (potential) victims anywhere. And one of the most popular places on the internet is social media. Especially in times where we cannot meet up in person as much as we used to.

Reports of social media fraud scams where victims were tricked into spending vast amounts of money tripled in 2019, with a sharp increase after the worldwide lockdowns increased social media activity. The US Federal Trade Commission announced that reported losses through social media fraud scams climbed to nearly $117M during the first half of 2020. Reported scams often are related to online shopping, romance scams, and fake income opportunities. Many reports involved web shops that didn’t deliver sold products and nearly one-quarter of the victims were ‘seduced’ to buy products or services promoted through deceptive advertisements.

Identity theft victims are getting younger

A remarkable shift is seen in the numbers of Identity (ID) Theft; the people targeted by these fraudsters are getting younger.

Identity (ID) theft happens when someone steals personal information to commit fraud.The identity thief may use your information to apply for credit, file taxes, or get medical services. These acts can damage your credit status, and cost you time and money to restore your good name.

Using stolen or lost cards is named lost/stolen fraud a in payment scheme. A couple of recent cases show the damage caused by this type of fraud. Operation Carding Action 2020 disrupted criminal trade in stolen credit card data on the dark web. Together with law enforcement in Italy, Hungary and the UK, Interpol analysed 90.000 pieces of credit card data and prevented around US$48 million in losses for both consumers and financial organisations. 

While fraudsters used to target the elderly, more younger victims are reported now:

  • A large number of the EU victims now are aged between 41-50 years old, a 43% increase for this age group. 
  • A similar pattern can be seen in the US, where the FTC handled 1.6 million fraud reports in 2019. 33% of these were from people between the ages of 20 - 29, while just 13% were from people over 70 years old.
  • In Canada, Equifax revealed a similar trend, with millennials becoming prime fraud targets.

Account takeover increased by over 50%

Account takeover occurs when a criminal takes over another person’s genuine account. Based on the customers’ personal information obtained through data breaches, fraudsters can impersonate the actual cardholder and request a replacement card by falsely reporting theft or loss. 

If customers do not actively monitor their transaction history, account takeover can go unnoticed for quite some time. 

  • Account takeover has increased by 57% over the last months. 
  • Javelin Strategy found that 40% of takeovers happen within 24 hours of a criminal’s access to a victim’s account. 
  • In 2019, account takeovers were 72% up over the previous year. 

Although the takeover is sometimes hard to detect, tools to prevent it are available. Automated transaction monitoring tools can detect this type of fraud in time - and save a lot of damage.

Fraud Management Solution for the online detective

More and more transactions take place in the digital world and fraudsters follow the money. To prevent and detect fraudsters, the online detective needs digital support. BPC’s Fraud Management solution helps issuers, acquirers and others detect and prevent fraud across all payment channels, in real-time. The SmartVista Fraud Management solution covers real-time transaction monitoring and allows performing statistics profiling on any level – customer, account, card, terminal, merchant or device. 

Do you need better fraud protection for your financial institution? Talk to our team, we can help from ideation to go live and share invaluable experience.