Jet Infosystems has published an expert assessment of annual losses from fraud for three spheres of domestic business - telecom operators, credit and financial and retail companies.
And what is happening in Russia? Experts from Jet did not begin to be original and quoted Karamzin's words for the journalists who gathered for the presentation of the study: "As usual ... They steal, sir ...".
But this was not a revelation, because at the beginning of the year, their analysts predicted about the same level of growth in banking (and not only) fraud, losses from insiders, as well as fraud due to the exploitation of the specifics of business processes. The latter, as it turned out, has a high level of "localization". And not always Western vendors offering their products to combat this phenomenon imagined that such a phenomenon could be encountered in Russia.
1. Russian specificity is invincible
2. Insiders come to the fore
3. Retail: the dark side of the moon
4. Conclusions
Russian specificity is invincible
For example, Europeans and Americans are accustomed to living in debt, and the income they receive is usually used to pay interest and payments on loans. And it would not occur to them to go to the bank and declare that they "lost" money from their plastic card. Usually, in such a situation, the alleged damage is compensated there without any special formalities.
But if suddenly a random check reveals the fact of fraud, then such a person will start serious problems. No, of course, they won't run after him with an iron and a soldering iron. But they can make it so that no bank in this country will work with such a client anymore. And in conditions when cash circulation there is limited to the purchase of ice cream and tickets for transport, this means only one thing - such a person is very unlucky.
In Russia, this and many others are not the case. Let's turn to the diagram below - it shows the losses from the most common fraud schemes in the banking sector in the Russian Federation in 2019 and 2020. All figures are presented in rubles, dynamics in percent.
Bankers in the Russian Federation have to record a two- and almost three-fold increase in damage in just one 2015, and mainly when working with individuals. Moreover, citizens with their cunning plans themselves become victims of professional fraudsters. They are caught using phishing sites (a loss of 612 million rubles), skimming (486 million rubles), as well as “account hijacking” due to the shortcomings of simple authentication technology using only logins and passwords.
If the corporate sector has learned at least to deal with the last point, then in the case of individuals there is a boom in attacks. In addition to the banal theft and compromise of accounts, social engineering "fired". People who are distrustful when visiting legal bank branches easily share anything with scammers in telephone conversations and on social networks.
Insiders came to the fore
Insiders don't lag behind either. Seeing the speed with which banks in the Russian Federation are deprived of their licenses, the personnel who have not yet been reduced are actively preparing a "safety cushion". They carry out unauthorized transactions with customer cards, thereby causing damage to banks for a billion rubles. Experts from Jet Infosystems found a little less than half a billion losses in the illegal issuance of additional account management tools. As a result, only these two points brought 17% losses to the piggy bank with almost 90% growth in relation to 2019.
But that's not all: bank employees losing loyalty to their employer set an absolute record for the increase in damage - the illegal actions of those who falsify production indicators increased by 208% (324 million). How else to get a bonus and bonuses if the flow of clients in banks has sharply decreased, and managers do not want to notice changes in the economic situation.
Alexey Sizov, head of the anti-fraud division of the Information Security Center of Jet Infosystems, noted: “Losses from internal fraud in the banking sector of the Russian Federation exceeded 1.85 billion rubles in 2020. It was here that the most frightening growth tendency (almost 2 times) became apparent”.
All in all, the banks' losses will reach 9 billion rubles with an increase of 26.8%. However, according to the anti-fraud team, this figure can be safely multiplied by three. And the point here is not that analysts with a name in the market cannot count without a calculator, but that the existing legislation does not encourage financial institutions to open all information, allowing them to hide facts in accounting entries. This primarily concerns the shortage of large sums in the corporate segment.
Retail: the dark side of the moon
If bankers try to hire people with higher profile education and maintain long-term labor relations with them, then in trade everything is not so. The average service life of, for example, a cashier in an electronics supermarket does not exceed 9 months. During this time, people, to paraphrase Maxim Gorky, “go through universities”, learning from their colleagues at the neighboring box office.
As already noted, the developers of Western anti-fraud systems could not have imagined such sophisticated fraud schemes. Taking advantage of the fact that during the short period of their work at the checkout it is unlikely that anyone will be able to reveal the facts of fraud, people show wonders of ingenuity.
Loyalty programs have become a real Klondike for them, especially when a client pays in cash, which is far from uncommon in Russia even when buying cars. The cashier makes a fictitious return of goods, pulls out from under the counter a whole set of coupons and bonuses unknown to the customer upon purchase, and voila - he becomes the proud owner of winter studded tires, a trip to warm lands or just money. And a year later, when the results of loyalty promotion campaigns are summed up, this employee works in a different place.
Dealing with such things is extremely difficult. The reason, again, lies in Russian specifics. The official salary of the cashiers-consultants, especially in the cell phone stores, is low. In the best years, employers preferred to turn a blind eye to the "small pranks" of the staff, but now the crisis has come - and it becomes a difficult task to recruit personnel in a company where IT systems to combat fraud are implemented and operate. People simply have no "left income"!
There are a great many other schemes for trading scams. But in order not to become a tutorial for scammers, let us dwell on this and cite the figures of losses in retail: the grocery segment - 6.5 billion rubles (16.2% growth), electronics sales - 7 billion rubles (11.9% growth), clothing trade - 5.1 billion rubles (decline 3.4%). The numbers are impressive!
Telecom showed the maximum amount of losses: 21.8 billion rubles (an increase of 6.8%). However, experts say that telecom operators have long been concerned about this problem. A huge number of security IT and cybersecurity solutions have been implemented, there is a global cooperation of telecom operators to combat fraud. Huge experience has been accumulated. And yet…
An increase in the level of fraud is recorded in the dealer channel and when using e-wallets. Illegal termination showed an increase of 8%, including due to a significant increase in fraud through IT services.
Conclusions
“There is nothing extraordinary in the figures presented, moreover, they were predicted earlier. The main reason is the difficult economic situation in the country: the reduction of business expenses, the intensification of competition, as well as the growth of crime in the country, "said Alexey Grishin, Director of the Information Security Center of Jet Infosystems.
But there are also positive aspects. Andrey Yankin, the head of consulting of this company, spoke about them. According to him, the status of DLP systems in business has changed. From a horror story for staff and an analogue of a mail archive, they are rapidly becoming elements of business processes. The reason is described in detail in the “Insiders” section in the “Banks” section.
Consulting in the field of information security is experiencing a real boom, the growth in the number of personnel here at Jet has grown by 30% over the year. Other players on the market have similar figures. The main tasks of the consultants are in the field of optimization of the information security infrastructure taking into account the crisis. For example, there is an urgent need to reduce the cost of its components without losing functionality, for example, IdM solutions. "Shot" and the topic of Security Operations Centers (SOC). Suddenly, protection of industrial process control systems and penetration tests into information systems were needed.
Surprising but true. Against the backdrop of a fall in the IT market, the information security sector seems to be expected to grow by 10-15% in 2020. So far, the question remains: does this concern only one company on the market or there will be a majority of them. Let's wait for the official results of 2020.
