It's not enough to know what fraudsters are up to now. The real question is “what are fraudsters up to next?” Combatting fraud requires staying ahead of these criminals and their constant schemes. Businesses that fail to do so stand to lose a lot to online fraud alone — more than $200 billion collectively through 2024.
There are four rising fraud trends of which companies should be aware and prepared to address.
Digital ad fraud
Digital ad fraud occurs when cybercriminals use robots (bots) to artificially drive up the clicks or impressions an ad receives. Digital advertisers often operate on a pay-per-click or impression model. With digital fraud, the company ends up paying for ad activity or "eyeballs" the ad never actually received. It’s a growing problem. An estimated 36% of display ad clicks are fraudulent or invalid. Digital ad fraud is expected to cost marketers $44 billion by 2022 while technology races to catch up with the criminal sophistication.
Deepfakes use sophisticated audio and video technology to recreate a person’s appearance and voice. When executed well, deepfakes are virtually impossible for the average person to detect.1
Just two years ago there were approximately 15,000 deepfake videos on the web — an 84% increase from the previous year. Criminals have used deepfakes to create “fake news,” as well as to launch social engineering campaigns to gain sensitive financial information. In one high-profile example a deepfake successfully tricked a CEO into thinking his boss wanted him to transfer $243,000 into an account in Mexico.
Rather than cash, criminals are now demanding cryptocurrency in ransomware and account takeover incidents. The total amount ransomware victims paid increased a whopping 311% in 2020.
Synthetic identify fraud
In synthetic identity fraud, criminals combine fake information with authentic data to create a new identity that appears real. For example, they’ll use a real SSN and falsified personally identifying information to establish lines of credit for an individual who doesn't really exist. Synthetic identity fraud is unique in that it can continue for a long time because there isn’t an “authentic” consumer to expose it. The attacks are often processed as credit charge-offs.2 Synthetic identity fraud is poised to become one of the most prevalent types of fraud in the very near future, with losses of $2 billion dollars predicted by 2023.
Technology is the prescription for fraud prevention.
What can businesses do to protect themselves and their customers against emerging fraud? Continue to harness technology in new ways, remembering that every dollar invested in fraud prevention is worth twice as much should fraud occur.3
Switch to document-centric identity verification.
Thanks to numerous data breaches, traditional, self-reported identity verification that is reliant on data is no longer reliable. Businesses are instead embracing a document-centric process as a more secure approach to identify verification.
Adopt biometric authentication.
Biometrics is a very precise, specific measurement that uses physical characteristics to authenticate that a person is who they claim to be. Consumers are becoming more comfortable with using biometric screenings like fingerprint scanning, facial recognition and iris scanning as a better way to validate identity than a password-only approach.4 In fact, 86% say they are interested in using biometrics to make payments or for identification verification.
Develop a fraud-scoring model.
Use red flag indicators to score transactions on your e-commerce site or during customer onboarding. Assign points based on risk, including mismatched billing and shipping addresses, incomplete customer details, or higher-than-average order volume, for example. If multiple flags are raised, closely investigate the transaction or contact.
Automate processes that require identification.
With embedded fraud-detection tools, automation can be a powerful weapon against criminals. For example, automated accounts payable tools can match submitted invoices and purchase orders against account data on file, rejecting suspicious requests. They also make it harder for individuals to forge approvals or backdate transactions. Dual-factor authentication to prevent account takeovers is commonly available with these solutions.
Implement adaptive authentication.
Like multifactor authentication (MFA), adaptive authentication is used for identity verification. But adaptive authentication analyzes a request based on factors like geolocation, behavior, device type and risk. It automatically asks for additional information for high-risk interactions.
Adaptive authentication not only offers greater security but can also reduce friction and increase conversion. The reason is that, unlike MFA, every day or low-risk users won’t require multiple layers of authentication each time they sign in.
Obviously, this isn’t a new technology. But it is a tried and true fraud prevention strategy. Employees are either your first line of defense or a weak link in mitigating theft. Train all employees on red flags and processes to follow if they suspect fraud. Most of all, make sure they know fraud prevention is a critical element of the company culture.
Fraudsters will never run out of schemes to separate victims from their money. But companies can remain a step ahead of these criminals by keeping abreast of fraud schemes and using the latest technologies to protect themselves.
Contact Synovus Treasury and Payment Solutions, your Treasury Consultant, or Relationship Manager to see how Synovus can help.
This content is general in nature and does not constitute legal, tax, accounting, financial or investment advice. You are encouraged to consult with competent legal, tax, accounting, financial or investment professionals based on your specific circumstances. We do not make any warranties as to accuracy or completeness of this information, do not endorse any third-party companies, products, or services described here, and take no liability for your use of this information.
You are about to leave the Synovus web site for a third-party site
Third-party sites aren't under our control, and we are not responsible for any of the content or additional links they contain. We don't endorse to guarantee the goods or information provided by third-party sites, and we're not responsible for any failures or inaccuracies. Third-party sites may contain less security and may have different privacy policies from ours.