There are five key factors currently making people and organisations more vulnerable to large-scale cyber fraud.
1. A wealth of stolen data available to fraudsters. Wholesale data theft is one of the fastest growing crimes facing people and organisations today, with hundreds of millions of digital identities compromised every year. Fraudsters are increasingly targeting on-line credentials over previously preferred data, such as credit cards.
2. The exponential growth of malware. After data breaches, malware is the criminal’s key method of obtaining digital identities. From mobile applications to traditional desktop platforms, malware manifests itself in many different forms and its volume is ever increasing. Fraudsters are targeting both end users and enterprises to acquire these valuable credentials for use in sophisticated frauds.
3. The frequent username and password reuse by consumers. Experian’s research revealed that the majority of internet users consistently use a small set of usernames and passwords to secure multiple different accounts; including social media, email and online shopping sites. More specifically, people have on average up to 26 online accounts protected by only five different passwords. This greatly increases the risk that fraudsters can use data stolen from one source to successfully access other accounts held by the same user.
4. An increase of multi-channel interaction between customers and business. People now have access to multiple digital and physical channels, enabling them to interact with businesses, manage accounts and make transactions. However, this diverse channel environment also facilitates the work of cybercriminals as each open channel is an opportunity to commit fraud and securing these channels is a significant challenge for enterprises.
5. The trade-off between security and user experience. As companies consider the necessary steps required to increase online account security, they are conscious that they cannot risk adversely affecting the customer experience. Customers making transactions online today expect a seamless journey and are likely to be put off by onerous visible security procedures.
Fraud today is a complex cycle that starts with data theft and proceeds through a set of discrete staging points, ending with a fraudulent transaction. Rather than being instantaneous, the fraud process can span weeks or even months often with different criminal organisations involved and data changing hands.
The very nature of this cycle, however, means that there are systems that can be put in place to detect and stop such fraud early and before it causes losses that are significant in scale.