Online fraud and identity theft gaining risky momentum

Surprising emergence of bank branch fraud  

Sydney, Australia: Thursday, 24 November 2016 – Use of stolen identities in fraud events has risen by 80 per cent in the year to June 2016, with 57 per cent of credit application fraud now occurring online, according to new research.

Released today to coincide with the bi-annual Veda Fraud Focus Group, the 2016 Veda Cybercrime and Fraud Report shows that the volume of reported fraudulent activities climbed by a third.

Veda’s Fraud Focus Group gathers representatives from Australia’s big banks, credit unions, card companies, international financial institutions, telecommunication companies, remittance companies, law enforcement officials and anti-fraud experts to discuss strategies to combat cybercrime and fraud.

Veda’s 2016 Cybercrime and Fraud Report extracts data from Veda’s Shared Fraud Database to offer an understanding of cybercrime and fraud in 2016 and beyond, and propose ways for businesses and consumers to keep one step ahead.

Imelda Newton, Veda General Manager, Fraud and Identity Solutions, said the latest insights from the Veda Shared Fraud Database reveal that growth in fraud shows no signs of slowing in 2016.

“Reports of fraudulent online credit applications have gained steady momentum in the past year, making up 57 per cent of all fraudulent applications in the six months to June 2016. This is up from 50 per cent in the same period in 2015, and 45 per cent in 2014,” Ms Newton said.

“This trend is likely to continue into the future, as individuals and businesses become more reliant on the internet for their banking, shopping and other financial interactions.

“Another continuing trend is the growth of identity takeover – the fastest growing type of fraud – where a genuine identity is stolen from an individual and misused for financial gain. This type of fraud goes hand-in-hand with data breaches, which are often a result of online hacking and vicious malware,” Ms Newton added.

Insights from this year’s data identified the emergence of a surprising upward trend in fraud occurence in bank branches.

“Fraudulent credit applications through bank branches are experiencing a resurgence, rising 13 per cent in 2016. It is surprising, given the amount of cameras, witnesses and security controls, that perpetrators can inflict damage within these trusted environments,” Ms Newton said.

“This rise in branch fraud may be a result of banks and other financial institutions continuing to use manual methods when verifying identities. One of the downsides to these manual processes is the subjectivity of manual identity verifications. By using electronic verification the subjectivity is removed and a common standard set of rules can be applied.  

“As online credit providers toughen up rules and technology for the verification of identity, the traditional branches need to adopt the same processes” Ms Newton said.

The Veda 2016 Cybercrime and Fraud Report has also identified five key cybercrime challenges and threats for 2017. 

Among these threats, Veda believes the CEO fraud, or cyberattacks on C-suite executives, will become particularly prominent in the coming year.

“Cybercriminals are becoming more creative. Taking avantage of an employee’s trust has proved to be a successful strategy and can offer access to a wealth of information,” Ms Newton said.

“The key to combatting fraud is to stay on the front foot – there is no such thing as ‘set and forget’ cybercime and fraud prevention system. Fraudsters are constantly on the lookout for new ways to steal information, so businesses and individuals need to be equally tenacious,” she added.

Top five trends in fraud for 2017:

1. CEO fraud, or cyber-attacks on C-suite executives, will grow. Techniques such as ‘spear phishing’, where cybercriminals hook their victims with a malware-infected email that appears to be from a trusted individual or business, will increasingly be used in this kind of attack.
    
2. The commoditisation of the tools of cybercrime will also increase. Cybercriminals will look to build their ‘businesses’ by swapping and selling stolen information and prewritten malware, or by offering their skills for hire, on the dark web.
    
3. State-sponsored cyber espionage will become one of the hottest topics of 2017, as foreign cybercriminals re-double their efforts to digitally infiltrate government and related agencies – both with and without the knowledge of their own governing bodies.
    
4. Ransomware will continue to pose a real threat. Cybercriminals will focus their efforts on organisations, like legal firms or doctors’ surgeries, which hold a goldmine of sensitive personal information but are often less secure than many government or private business databases.
    
5. The ‘paradox of protection’ will come to the fore. As people become more aware of cybercrime, many will attempt to protect themselves by taking their personal information and professional verification tools offline wherever possible. However, by reverting back to offline methods, many individuals and organisations run the risk of leaving personal details vulnerable to being stolen from low-security storage and migrated online.

Veda Fraud Focus Group members contribute data and share access to Veda’s Shared Fraud Database, including confirmed fraud events, details used in previous fraudulent applications and methods of fraud.

The Veda 2016 Cybercrime and Fraud Report can be downloaded here.

For more information please contact: Philippa Hill philippa.hill@veda.com.au