2016 Has the Markings of a Perfect Storm for Fraud

2016 Has the Markings of a Perfect Storm for Fraud

2016 Has the Markings of a Perfect Storm for Fraud2016 Has the Markings of a Perfect Storm for Fraud

Mobile apps are up against advanced adversaries, and the growth of e-commerce functionality added to social media has attracted the attention of cyber-criminals.

Social and E-Commerce Will BlendSocial and E-Commerce Will Blend

To help monetize their user bases and increase stickiness, social networking sites like Pinterest, Facebook and Twitter plan to add “buy” buttons to their platforms. Adding e-commerce functionality to social media will continue in 2016, but it will attract fraudsters.

RecommendationRecommendation

If you have a social property with e-commerce features, consider adding security that can detect both social fraud (fake likes, fake reviews and spam) and financial fraud (for transactions, identity theft and promotion abuse).

EMV Cards and Digital WalletsEMV Cards and Digital Wallets

Card-Not-Present fraud will grow from $10 billion in 2014 to $19 billion in 2018, spurred by the increasing adoption of EMV cards and new digital wallet solutions. These technologies are expected to reduce point-of-sale system fraud and counterfeit credit cards, but fraudsters will monetize fake and stolen credit cards online anyway.

A Perfect Fraud StormA Perfect Fraud Storm

Three trends will power a perfect storm resulting in high levels of fraudulent transactions: Significant increase in e-commerce websites and mobile apps. Increased comfort among consumers to purchase online. Adoption of EMV cards and digital wallets

Global Online-to-Offline WarGlobal Online-to-Offline War

This year online-to-offline (O2O) companies, like Uber and Didi, invested billions to attract new drivers and users through promotions. That is leading to massive user acquisition fraud—drivers make money on subsidies by registering multiple accounts and conducting fake rides.

RecommendationRecommendation

As O2O companies consider global expansion, they should incorporate online fraud detection in their plans so that they can grow fast without being fleeced.

Account Takeovers to RiseAccount Takeovers to Rise

Cyber-criminals will try to monetize stolen user credentials and credit cards via fraudulent credit card attacks in 2016. Worse, they could launch account takeover campaigns and identity theft to drain bank accounts and buy fake goods.

RecommendationRecommendation

Online merchants and consumers should be on high alert for anomalous purchases and account takeover activity to try to prevent breaches rather than react to them.

Cyber-Attackers to Move to CloudCyber-Attackers to Move to Cloud

As cloud services become more pervasive and cost-effective, cyber-attacks will move to the cloud. Fraudsters are already registering huge numbers of free trial accounts and use their computation infrastructure to conduct attacks.

Dedicated/Virtual Hosting Also VulnerableDedicated/Virtual Hosting Also Vulnerable

Dedicated/virtual hosting and anonymous proxies will come increasingly common among cyber-criminals.

Why the Cloud Appeals to Cyber-CriminalsWhy the Cloud Appeals to Cyber-Criminals

The cloud enables cyber-attackers to significantly increase their attacks because of their elasticity and compute capacity. The cloud also allows fraudsters to easily hide behind legitimate network sources and remain anonymous.

RecommendationRecommendation

To protect yourself, go beyond simple IP reputation databases and rules/model space systems to detect attacks. The industry needs more advanced solutions that precisely distinguish malicious traffic emitted from the cloud.

Karen A. Frenkel
Karen A. Frenkel is a contributor to CIO Insight. She covers cybersecurity topics such as digital transformation, vulnerabilities, phishing, malware, and information governance.

Latest Articles