Cybertonica September FraudTech Digest just landed!
We follow and discuss internally and with customers the most potent and insightful cases of fraud each month to share with the community and to analyse for new product futures. We also follow the dark web and monitor threats for our customers and partners.
Here are the latest headlines in payments and fraud simplified to keep you up to date:
❗ Fraud in the UK at a “national security threat” level
✖️ MPs grill social media giants over fraud
🛡️ £32m of financial fraud stopped in H1 of 2021 – but how much was missed?
🎯 Facebook Marketplace is targeted by scammers
🏦 PISP access via Monzo accounts costs Barclays customer’s millions
⚔️ Amazon is competing with the fraud services of the industry
📞 New hotline: ‘999 for fraud’ in the UK
🛒 Adobe taps PayPal for eCommerce payments
September FraudTech Digest #1
The main banking body UK Finance is demanding that the government take action to tackle fraud. It has announced that the fraud level in the UK is at national security level with £754m stolen from bank customers during the first half of 2021 showing a 30% rise on the same period year ago. This suggests that more than £1 billion will be lost for the year for the first time.
It was reported that cybercriminals targeted children as young as 14 on social media. They also focused their activity on authorised payment fraud (known as push payments), investment fraud and impersonation (social engineering) scams.
Numbers are shocking: bank transfer scams jumped by 71% to £355m loss during the first half of 2021 making it nearly to £2m a day. It was reported a total of 106,164 cases of such fraud, equivalent to 12 people falling prey to fraud every half an hour.
UK Finance indicates that a lot of cyberattacks were happening outside the banking systems and prompted the big tech businesses to take an action in order to lower the fraud rates on their platforms (full article here Via the Guardian).
Cybertonica’s take: the ever-higher level of banking transfer fraud arises from new players and methods entering open banking and payments including push payments, PISP, and ever higher numbers of mobile wallets and neobank cards. Only by controlling multiple channels can we hope to cope.
September FraudTech Digest #2
According to UK Finance, the Police worked with banks, Post Offices, and building societies to prevent £32m of fraud losses in the first half of this year (via International Investment).
This is a big jump (65% up compared to the same period last year) in cybercrime against savers during the Covid-19. What is important to realise is that reported fraud in this area probably captures only 1 in 3 fraud events and 1 in 7 fraud attempts.
The ‘Banking Protocol’ introduced in 2016 has now helped stop £174m of fraud. It showed that branch staff used the protocol 4,782 times (between January – June 2021), saving potential victims an average of £6,672 each.
The figures also showed that the scheme helped to arrest more than 90 suspected criminals totalling 934 arrests since the protocol began.
According to Which? UK consumers have lost around £2.3bn in online scams and many of these came through social media. Researchers also said that another big figure lost – £535m – came from the online investment scams.
UK Finance is calling for more responsibility from social media platforms, while the Treasury Select Committee wants to go further and make these providers accountable for cybercrime that occurs through paid ads. It was said that Silicon Valley shouldn’t be making money from such fraudulent activities and there should be consequences if they do so.
Earlier this year it was revealed that the regulator pays Google £600,000-a-year to post fraud warnings.
In response, Amanda Storey, the UK’s director of trust and safety at Google, wrote in City A.M. that “a problem of this scale requires cross-industry collaboration”. She also suggested that companies should only take advertising money from FCA-accredited customers.
September FraudTech Digest #4
Facebook launched it’s Marketplace back in 2016. This year Facebook’s ecommerce platform hit the milestone of 1bn active users. Naturally, it came under the fraudster radar.
ProPublica’s investigation showed that one Marketplace user’s account was hacked to post around 100 scam listings for mobile phones and cars.
According to the investigation, these scams included fake and suspicious accounts and listings that violate Facebook’s eCommerce policies. Facebook has published a guide to help its users avoid scams online and claims that its combination of human reviews and automated systems protects its users. However, ProPublica says that the firm’s confidence may be misguided. (Via Techradar).
Facebook’s huge outage on Monday 4th of October has shaken the giant to the core. It is NOT believed to be a hack or a cyberthreat incident but rather a misconfigured security and server interface inside the gigantic infrastructure of Facebook and its properties Instagram and WhatsApp. More than £70bn was taken out of the equity value of the company as of Tuesday morning (via Business Standard).
Cybertonica’s take: here are several types of fraud, but most often linked to diverted traffic and fake shops collecting money that should have gone to legitimate online sellers. The real root problem is the inability of checking millions of constantly changing shopfronts automatically. And therefore allowing fraudsters to move from one shop to another or create their own to capture details or divert ad spend or payments for purchases to mule accounts off the platform.
September FraudTech Digest #5
According to Insider, Amazon is set to compete with the likes of the industry and is working on the point-of-sale (POS) solution through Project Santos.
Project Santos was launched in 2020 aiming to work on ideas to compete against its rival the Canadian multi-billion eCommerce platform Shopify.
Amazon’s new solution will enable third-party retailers to process transactions both online and in-store. It will also offer different technological capabilities such as data analytics around inventory. It will also be designed for Prime services, Flex delivery, palm identification system and offer Amazon checkout options (via Finextra).
September FraudTech Digest #6
New initiative to counter threat!: A group of banks and telephone firms in the UK have agreed to launch a new hotline for people who have been victims of fraud.
The new line – 159 – will enable those defrauded to instantly speak to their bank about suspected fraudulent activity and help block it. The hotline will be trialled by Stop Scams UK for the 12 month pilot programme.
Customers of Barclays, Halifax, Bank of Scotland, NatWest, Royal Bank of Scotland, Ulster Bank, Starling Bank and Santander are now able to access ‘159’ number. This represents 70% of current account holders.
Telephone companies taking part in the trial are BT, EE, Plusnet, Gamma, O2, giffgaff, TalkTalk, Three, Sky and Virgin Media. They represent 80% of UK mobile phones and landlines (Read more via Mirror).
However, the customers of four major banks: HSBC, Virgin Money, Nationwide and Monzo, are not included because the initiative is using keypad options and there was a limit on numbers. This leaves over 34m UK customers waiting till the next year – read more here via The Times.
The aim of the Adobe unified platform is to provide customers with a seamless user experience as merchants will be able to accept popular payment methods, will no longer have to use multiple logins, manage reports from different systems etc.
The Payment Services will be first enrolled in the U.S. by the end of 2021. Merchants will be able to access it using Magento Open Source. Adobe said it plans to expand further internationally to territories such as Australia, Canada and Western Europe in 2022.
We also send monthly news via our newsletter. Don’t miss out – sign up here.
While you are here why not look at the previous months’ news: