Identity theft and fraud has reached a new record, with the amount fraudsters took rising to $16 billion.
Javelin Strategy & Research’s 2017 Identity Fraud Study shows a significant increase in the number of people who fell victim to identity theft in 2016—a 16% year-over-year increase to 15.4 million victims, up from from 13.1 million in 2015. This number, representing 6.15% of all consumers, is a record high since Javelin Strategy & Research began tracking identity fraud in 2003.
This translated into $1 billion more in fraudulent takings by the criminals as well.
The study found that despite the efforts of the industry, fraudsters successfully adapted to net two million more victims this year thanks to a resurgence in existing card fraud. That included an increase of 40% in card-not-present (CNP) fraud.
Driven by closing opportunities for point-of-sale fraud and the growth of e- and m-commerce, fraudsters are increasingly moving online, dramatically increasing the prevalence of CNP fraud by 40%. Meanwhile incidence of fraud at the point-of-sale (POS) remained essentially unchanged from 2014 and 2015 levels.
Account takeover bounced back too. After reaching a low point in 2014, both account takeover incidence and losses rose notably in 2016. Total ATO losses reached $2.3 billion, a 61% increase from 2015, while incidence rose 31%. Account takeover continues to be one of the most challenging fraud types for consumers with victims paying an average of $263 out-of-pocket costs and spending a total of 20.7 million hours to resolve it in 2016—that’s 6 million more than in 2015.
The study also found that the increase in EMV cards and terminals in the US became a catalyst for driving fraudsters to shift to fraudulently opening new accounts. At the same time, fraudsters have become better at evading detection, with new-account fraud (NAF) victims being notably more likely to discover fraud through review of their credit report (15%) or when they were contacted by a debt collector (13%).
“After five years of relatively small growth or even decreases in fraud, this year’s findings drives home that fraudsters never rest and when one area is closed, they adapt and find new approaches,” said Al Pascual, senior vice president, research director and head of fraud & security, Javelin Strategy & Research. “The rise of information available via data breaches is particularly troublesome for the industry and a boon for fraudsters. To successfully fight fraudsters, the industry needs to close security gaps and continue to improve, and consumers must be proactive too.”
On a positive note, while fraudsters are becoming better at evading detection, consumers with an online presence are getting better at detecting fraud quicker, leading to less stolen overall per attempt.
Data privacy expert Adam Levin, chairman and founder of CyberScout, told Infosecurity that the report is a “dramatic confirmation that the identity theft chickens have come home to roost.”
He noted a host of recent reports showing a spike in compromises in critical categories (ACI Worldwide shows a 31% increase in retail fraud attempts during the 2016 holiday season; Risk Based Security said there were over 4.2 billion records exposed in 2016 vs. previous record of 3.2 billion in 2013; and Identity Theft Resource Center/CyberScout found a 40% jump in number of data breaches in 2016).
“In 2017, consumers must become better informed as to the risks inherent in this dangerous digital world, be more alert to the signs of individual compromise and know what to do to contain and reverse the damage or take advantage of identity theft protection services offered by their insurers, employers or financial services firms,” Levin said.