Online fraud research
Modern technologies such as EMV, 3D-Secure, fingerprint scanning were designed to secure payments and, if not eliminated, then significantly reduce the number of illegal card transactions. But, as studies show, these measures provide only temporary "relief", because fraudsters quickly find new ways to cheat. So, for example, active efforts to introduce detection and anti-fraud systems (FDP) of some large airlines have significantly reduced the number of fraudulent operations, but the criminals immediately turned their attention to other weaknesses in the system. A similar situation is observed in almost all areas. Despite the introduction of new standards and the efforts of information security services, reports of theft of funds appear regularly, and, according to experts, In the coming years, the situation will not change. On the contrary, analystsJuniper Research predicts an increase in online fraud, which, by 2020, is estimated to reach $ 25.6 billion. 73% of financial companies report that they were subject to attacks or became victims of a card fraud in 2015. Over the past 10 years, such a large percentage was observed only once, in 2009. Since then, the proportion of organizations suffering from the actions of fraudsters has gradually decreased. But in 2015 there was a sharp jump, and the number of deceived rose immediately by 9%, to 73%.
We at PayOnline, being a processing company, are proud that the percentage of fraud transactions in our last 6 months is as follows:
- by the number of transactions: less than 0.05%
- by amount: less than 0.1%
And this is despite the fact that the conversion passability of payments remains unchanged.
Data AFP (Association for Financial Professionals)
Every year the amount of stolen funds also grew. So, 5 years ago, losses from a card fraud all over the world barely reached $ 10 billion, but in 2014 the amount exceeded $ 16 billion.
Data The Nilson Report
At the same time, the size of the company did not matter much; they attacked both medium-sized companies with annual revenues of up to $ 1 billion and large corporations with revenues of $ 1 billion or more. But the number of accounts of the organization has influenced the choice of fraudsters. Companies whose cash flows were split into a larger number of current accounts (100 or more) were attacked much less frequently.
Data Association for Financial Professionals
The main areas of online fraud activities are e-commerce (according to a forecast by Juniper Research, by 2020 the volume of illegal operations in e-commerce will reach 16.6 billion dollars), banking operations (6.9 billion dollars by 2020 ) and tourism ($ 1.5 billion).
Business Email Compromise
BEC attack
Атака, получившая название BEC (Business Email Compromise — «компрометация деловой переписки»), нацелена на самые разные компании по всему миру — от крупных корпораций до малого бизнеса и некоммерческих организаций.
Злоумышленники, предварительно собрав всевозможную информацию о жертве и ее партнерских связях, имитируют переписку партнеров по бизнесу. В сообщении, представляясь финансовыми или генеральными директорами, мошенники сообщают о смене банка и номера счета для платежных переводов. По словам экспертов, фальшивки выглядят очень правдоподобно. С 2013 года общая сумма ущерба уже превысила $2,3 млрд.
Злоумышленники, предварительно собрав всевозможную информацию о жертве и ее партнерских связях, имитируют переписку партнеров по бизнесу. В сообщении, представляясь финансовыми или генеральными директорами, мошенники сообщают о смене банка и номера счета для платежных переводов. По словам экспертов, фальшивки выглядят очень правдоподобно. С 2013 года общая сумма ущерба уже превысила $2,3 млрд.
BEC is a relatively new type of fraud for financial companies. Despite the fact that financial security specialists are well aware of email-phishing and are doing everything possible to prevent theft, more and more companies are suffering from the hands of BEC scammers. According to the FBI, from October 2013 to February 2016, more than 17.5 thousand companies from 79 countries of the world applied to law enforcement agencies for theft of funds. The company's average losses from a successful attack range from $ 25,000 to $ 75,000. The total amount of damage for the entire period exceeded $ 2.3 billion. And the total number of incidents has increased by 270% since January last year.
A significant increase in the number of successful BEC attacks may indicate that preventing this type of fraud is much more difficult than previously thought, because the main tool of a fraudster in this case is information about the victim company, often public, which is freely available. At the same time, only 45% of organizations around the world are confident that their information security systems are able to counteract modern cyber threats.
In 2015, the majority of finance professionals (64%) reported that they had been subjected to a BEC attack. The victims of fraudsters often became large companies with an annual income of at least $ 1 billion.
Data Association for Financial Professionals
56% of companies caught on the bait, transferred funds through electronic payment systems. 29% used checks. The next most popular means of payment were credit cards and ACH (Automated Clearing House) - an electronic payment network that combines various regional electronic interbank systems, designed for mutual settlements between individuals, enterprises, financial institutions and government organizations.
Data Association for Financial Professionals
