Online fraud research

73% of financial companies report that they were subject to attacks or became victims of a card fraud in 2015. Over the past 10 years, such a large percentage was observed only once, in 2009. Since then, the proportion of organizations suffering from the actions of fraudsters has gradually decreased. But in 2015 there was a sharp jump, and the number of deceived rose immediately by 9%, to 73%.
We at PayOnline, being a processing company, are proud that the percentage of fraud transactions in our last 6 months is as follows:
- by the number of transactions: less than 0.05%
- by amount: less than 0.1%
And this is despite the fact that the conversion passability of payments remains unchanged.
Data AFP (Association for Financial Professionals)
Every year the amount of stolen funds also grew. So, 5 years ago, losses from a card fraud all over the world barely reached $ 10 billion, but in 2014 the amount exceeded $ 16 billion.
Data The Nilson Report
At the same time, the size of the company did not matter much; they attacked both medium-sized companies with annual revenues of up to $ 1 billion and large corporations with revenues of $ 1 billion or more. But the number of accounts of the organization has influenced the choice of fraudsters. Companies whose cash flows were split into a larger number of current accounts (100 or more) were attacked much less frequently.
Data Association for Financial Professionals
The main areas of online fraud activities are e-commerce (according to a forecast by Juniper Research, by 2020 the volume of illegal operations in e-commerce will reach 16.6 billion dollars), banking operations (6.9 billion dollars by 2020 ) and tourism ($ 1.5 billion).
Business Email Compromise
BEC attack
Атака, получившая название BEC (Business Email Compromise — «компрометация деловой переписки»), нацелена на самые разные компании по всему миру — от крупных корпораций до малого бизнеса и некоммерческих организаций.
Злоумышленники, предварительно собрав всевозможную информацию о жертве и ее партнерских связях, имитируют переписку партнеров по бизнесу. В сообщении, представляясь финансовыми или генеральными директорами, мошенники сообщают о смене банка и номера счета для платежных переводов. По словам экспертов, фальшивки выглядят очень правдоподобно. С 2013 года общая сумма ущерба уже превысила $2,3 млрд.
Злоумышленники, предварительно собрав всевозможную информацию о жертве и ее партнерских связях, имитируют переписку партнеров по бизнесу. В сообщении, представляясь финансовыми или генеральными директорами, мошенники сообщают о смене банка и номера счета для платежных переводов. По словам экспертов, фальшивки выглядят очень правдоподобно. С 2013 года общая сумма ущерба уже превысила $2,3 млрд.
BEC is a relatively new type of fraud for financial companies. Despite the fact that financial security specialists are well aware of email-phishing and are doing everything possible to prevent theft, more and more companies are suffering from the hands of BEC scammers. According to the FBI, from October 2013 to February 2016, more than 17.5 thousand companies from 79 countries of the world applied to law enforcement agencies for theft of funds. The company's average losses from a successful attack range from $ 25,000 to $ 75,000. The total amount of damage for the entire period exceeded $ 2.3 billion. And the total number of incidents has increased by 270% since January last year.
A significant increase in the number of successful BEC attacks may indicate that preventing this type of fraud is much more difficult than previously thought, because the main tool of a fraudster in this case is information about the victim company, often public, which is freely available. At the same time, only 45% of organizations around the world are confident that their information security systems are able to counteract modern cyber threats.
In 2015, the majority of finance professionals (64%) reported that they had been subjected to a BEC attack. The victims of fraudsters often became large companies with an annual income of at least $ 1 billion.
Data Association for Financial Professionals
56% of companies caught on the bait, transferred funds through electronic payment systems. 29% used checks. The next most popular means of payment were credit cards and ACH (Automated Clearing House) - an electronic payment network that combines various regional electronic interbank systems, designed for mutual settlements between individuals, enterprises, financial institutions and government organizations.
Data Association for Financial Professionals