What are the biggest fraud challenges to emerge during the COVID-19 era? According to a new report from Feedzai, card cloning tops the list of major indicators for fraud in both financial services and e-commerce.
With card cloning, criminals copy stolen credit or debit card information and transfer it to a new card. Also known as “skimming,” card cloning is a big business on the dark web, where fraudsters – “carders” – buy and sell stolen payment card data.
But card cloning is not the only danger highlighted in the report. High speed ordering with bot attacks that move quickly and can last for hours is another fraud threat in financial services, as is what Feedzai refers to as “High risk merchant category code (MCC).” Businesses that earn this designation from their bank are typically those with above average chargebacks, as well as a higher risk of fraud potential.
Within ecommerce, the report found that in addition to card cloning, both account takeover (ATO) and suspicious email are among the top three indicators for fraud. With an ATO attack, the criminal uses bots to access an unsuspecting individual’s bank or e-commerce account. This enables a bad actor to access that account and make fraudulent and unauthorized transactions from it. Suspicious email is a broader category that includes common but effective tactics like phishing, and as well as fake emails and email domains.
“It wasn’t just consumers who met the call to digitally transform,” Feedzai’s Quarterly Financial Crime Report reads. “Fraudsters, ever technologically savvy and opportunistic, made the most of the shift.”
Feedzai’s report on financial crime puts current trends in the context of a society that is embracing digital channels at a rapid pace. It notes significant increases in the dollar amounts and value, as well as the number of ecommerce transactions processed between May and September of 2020 compared to the same period last year. Unfortunately, the report also noted a dramatic increase in network fraud this year. “The realignment of holiday shopping trends was also an early gift for fraudsters,” the report reads.
What can financial institutions do to help fight financial crime?
Monitor Card Behavior: Multiple transactions in a short period of time, unusually high dollar amounts per transaction, and a sizable number of merchant codes within a relatively short period time are all potentially indicative of payment card fraud. Leveraging machine learning and AI-powered algorithms to accurately identify these patterns is an optimal way for businesses to keep up pace with the speed and complexity of this kind of fraud.
Track Suspicious Email Domains: High-risk domains, invalid emails, and unconfirmed email addresses are all potential sources of fraudulent activity. Companies can use both software and the services of security specialists who maintain up-to-date information on domains and email addresses that may be used by fraudsters.
Know Your Customer: Knowing what “normal” looks like is the first step to identifying abnormal behavior. By developing an accurate customer profile that takes into account such factors as a customer’s typical log-in times, devices, and time spent on different platforms, businesses can more readily spot behavior that is exceptional, and take further steps to determine whether or not that fraudulent activity is taking place. Feedzai refers to these as “hypergranular risk profiles.”
“COVID has created a big disruption in the banking, payments, and e-commerce sectors with multiple impacts all over the world,” Feedzai Senior Director of Global Data Science Jaime Ferreira said. “Feedzai is in a good position to add clarity to this debate and help financial institutions to understand these complex shifts and how to better protect their customers.”
Feedzai’s Quarterly Financial Crime Report for Q4 2020 leverages Feedzai’s data from more than four billion global transactions from March 20 through September of this year. The report also features information from consumer research surveys of “nearly 2,200 account-holding U.S. consumers.”