Last week, I had the pleasure to be part of a panel at Experian’s Vision 2018 Conference. The panel centered around a discussion on how a layered fraud prevention approach is more robust in preventing fraud than a single solution. There are no silver bullets, of course.
What really caught my attention was a question from the audience regarding the future of fraud. It was in response to a conversation about the shifts in fraud we are seeing as a result of EMV technology, namely higher fraud rates in account opening and CNP fraud channels.
In response, my fellow fraud prevention professionals have made a lot of gains in terms of reducing these types of fraud. The person posing the question wanted to know what was next? When does all of this stop?
The general consensus was that EMV was a massive change for the industry because at one time, all doors were closed to fraudsters. Using counterfeit cards was no longer possible, which forced fraudsters to find other ways to monetize.
Don’t be the weakest link
I feel that before any other big jump, fraudsters are going to continue to exploit the weakest links. By that. I mean companies who lag behind competitors in terms of fraud prevention capabilities.
There’s a great example of this from my time at Emailage. A few years ago, we implemented our solution for Gol Airlines in Latin America, who at the time were suffering very high fraud losses.
After we came online, it didn’t take much time for all the displaced fraud to start hitting their main competitors in the region. In the next 12 months, several more airlines were leveraging our technology, since they didn’t want to be the weakest link and suffering the brunt of fraud attacks. What happened next? Fraudsters shifted their sights to Online Travel Agencies.
The same process repeated, we signed the biggest OTA in Latin America and not long after that, the second and third largest were also part of our network. That’s how it goes.
Expect social engineering fraud
Another front that fraudsters will continue to exploit is social engineering. Social engineering represents much more work for the fraudster. But these types of fraud are much harder to identify since you have an actual person participating in the transaction.
Currently, we see this trend coming to light on job posting and dating sites. Fraudsters are recruiting naive people to serve as middlemen (and women) in fraud scams. On a job posting, fraudsters will post a fake job to gain access to personal information that can later be used to gain advantages in CNP fraud. Packages can be delivered to an address, then forwarded to a different address.
What makes it hard for this type of fraud to be identified is that instead of one address, you have several that are used before the merchandise arrives at a final location.
Similar tactics are used on dating websites. Here, financial scams are the primary goal for fraudsters. By opening bank accounts using personal information, fraudsters are able to move stolen money through these accounts in ways that make it very hard to track.
Instead of one account, there are a concentration that can number in the hundreds, all receiving and transferring funds. It’s very hard to track down the final fraudster bank account.
These two trends are ones to watch and are just the tip of the iceberg in terms of social engineering scams.
In order to prevent what is coming, you must first ensure that you are not the weakest link out there. Fraudsters will continue to look for the path of least resistance.
It’s critical to protect your base. To do so requires a layered approach that utilizes the best technology. That’s where Emailage becomes important, in looking at the email address and connecting other attributes like name, address, phone, etc. to give a holistic view of the fraud risk associated with your order.
Social engineering present a very tough problem. As hard as it may be, don’t blindly trust that any transaction is coming from a true individual. Always attempt to find the tenure associated with the count, as well as the number of meaningful transactions.
Fraudsters can always age accounts and relationships to trick your false sense of security. If you require a level of meaningful transactions, this becomes much harder to accomplish.
I invite you to follow me on LinkedIn
Click here to discover how to get secure, intelligent risk assessment using an email address.