E-commerce payment fraud soared by 18% from 2015 to 2016, while online banking fraud dropped as cyber-criminals changed tactics to target users directly, according to Financial Fraud Action UK.
The payments industry body revealed e-commerce fraud for 2016 stood at nearly £309 million, although this should be put in context of card spending also increasing by 18% over the period to £248 billion.
FFA UK put the rise in fraud down to an increase in breached data being made available on the darknet and the success of phishing and SMSishing scams designed to trick users into giving up their details.
On the face of it, there was better news for online banking, where related fraud losses dropped 24% to just £102m, while the number of cases increased slightly, by 2%.
However, FFA UK intelligence suggests that this reduction is due to cyber-criminals eschewing traditional attack methods involving the use of malware.
It explained:
“The proportion of prevented fraud has reduced from £7.57 in every £10 in 2015 [to £6 in £10 in 2016], largely due to criminals shifting their methods away from using malware attacks on online banking systems, which bank security processes identified and stopped, and towards methods less susceptible to direct bank intervention, such as scams directly targeting the customer.”
FFA UK director, Katy Worobec, argued that the organization’s “Take Five” campaign can help end users by educating them to remain suspicious of any unsolicited contact.
“Banks take the threat of fraud extremely seriously and continuously invest in advanced detection and verification systems to protect customers,” she added. “At the same time criminals continue in their attempts to circumvent this security by targeting customers for their personal and security information.”
Lisa Baergen, director at anti-fraud firm, NuData Security, explained that many fraudsters are switching to online channels as more countries adopt EMV.
“To detect out-of-character and potentially fraudulent transactions, before they can create a financial nightmare for consumers, we must adopt new authentication methods that can’t be deceived,” she added.
“Solutions that draw from consumer behavior and interactional signals are leading the way to provide more safety for consumers without friction, and less fraud in the marketplace.”