- Digital fraud attacks rise during the holidays
- Many attacks are automated
- "Credential stuffing" takes advantage of the growth of digital accounts
While fraud is, unfortunately, a year-round activity not bound to any particular season, the holidays present fraudsters with what could be called a "rich target field."
Digital Transactions cites a report from Arkose Labs that reports "digital fraud, while nothing new for merchants and payment processors, continues to gain momentum and is predicted to surge even higher during the upcoming a holiday season." In fact, Arkose reports that fraud attacks have increased 15% over last quarter and are predicting an estimated 8 million attacks daily during the holiday season.
Types of Digital Fraud
It is important that we understand the types of attacks that are reported. According to Digital Transactions, primary varieties of digital fraud include:
Bot attacks, which use automated Web requests to manipulate, defraud, or disrupt a Web site or application, have increased steadily during 2021, with automation making up 88% of all attacks in the third quarter, the report says. Arkose expects this figure to continue to hold steady and even increase before the end of the year. In 2020, more than 2 million bot attacks occurred between October and December, Arkose says.
Fake-account creation using stolen or synthetically created identities have also been on the rise. During the third quarter of 2021, fake-account registrations increased nearly fourfold from the first quarter of the year and contributed to about two-thirds of all fraud attacks for the quarter. Fake-account creation has become the leading type of fraud attack, the report says. Arkose Labs detected 560 million malicious attempts on registration flows during the third quarter. “Fake accounts open the doors to downstream fraud that directly impacts the bottom line of e-commerce firms” the report says.
Credential stuffing, which accounted for 17% of all fraud attacks during third quarter, continues to grow as criminals aim to capitalize on the growth in digital accounts. During the past year, Arkose stopped 3 billion credential-stuffing attacks, nearly double the number in the previous 12 months. In 2020, digital businesses saw 90% higher volume of such attacks during the final quarter of the year, over the holiday shopping period, the report says.
In addition, the Federal Bureau of Investigations (FBI) warns about two other prevalent scams during the holiday shopping season:
The two most prevalent of these holiday scams are non-delivery and non-payment crimes. In a non-delivery scam, a buyer pays for goods or services they find online, but those items are never received. Conversely, a non-payment scam involves goods or services being shipped, but the seller is never paid.
According to the Internet Crime Complaint Center’s (IC3) 2020 report, non-payment or non-delivery scams cost people more than $265 million. Credit card fraud accounted for another $129 million in losses.
The Supply Chain Issues Causing More Problems
In an article from Rochester First, the news station reports on how the COVID-19 pandemic and the supply chain issues have made it easier for scammers.
“As we get closer to the holidays, we know there’s a microchip shortage, there are supply chain issues, and scammers are going to take advantage of that,” she says.
Referencing the Better Business Bureau (BBB), the article notes that because many individuals are continuing to shop online rather than physical stores, along with the supplies of the holiday's hottest items being limited by the supply chain issues, some of the individuals may be victimized by scammers. And, if you think that the most common victim is the less tech-savvy individual, you are wrong.
When hot items trend over Christmas, —-and experts are saying we might be seeing a big shortage—- the phony websites and offers pop up...
...And those most prone to fall for these hoaxes? Shoppers ages 18 to 24. “They grew up with the Internet, they don’t think about you know, scam websites,” she says.
Safeguarding Your Customers and Payment Channels
While keeping your customer base informed of these types of scams is something all banks should be doing, there are more sophisticated methods for protecting not only your customers, but also your payment channels. Deploying AI technology to help monitor your customers transactions this holiday transactions will be critical, helping ensure that the vendors that they are purchasing from are legitimate.
Furthermore, it is critical that banks not forget to safeguard other payment channels like checks. During the holiday season, it's common for individuals to look for ways to earn some extra holiday cash -- which gives "secret shopper" scams (see example below) and charity fraud the opening they need.
When it comes to scams involving checks -- whether on-us or deposit fraud -- banks need to stay vigilant while also deploying AI and machine learning technologies leveraging image-forensics to complement transactional-based systems, ensuring that customers and the bank are catching fraud attempts before any losses.