Modern technologies such as EMV, 3D-Secure, fingerprint scanning were designed to secure payments and, if not eliminate, then significantly reduce the number of illegal card transactions. But, as research shows, these measures provide only temporary “relief”, because scammers quickly find new ways to deceive. For example, while aggressive efforts to implement fraud detection and countermeasures (FDP) at some major airlines resulted in significant reductions in fraudulent transactions, criminals immediately turned their attention to other weaknesses in the system. A similar situation is observed in almost all areas. Despite the introduction of new standards and the efforts of information security services, reports of theft of funds appear regularly, and, according to experts, the situation will not change in the coming years. On the contrary, Juniper Research analysts predict an increase in the volume of online fraud, which, according to their estimates, will reach $25.6 billion by 2025.
73% of financial companies report that they were attacked or became victims of card fraud in 2015. Over the past 10 years, such a large percentage has been observed only once, in 2009. Since then, the proportion of organizations suffering from fraudsters has gradually decreased. But in 2015 there was a sharp jump, and the number of those deceived immediately increased by 9%, to 73%.
We at PayOnline, being a processing company, are proud that the percentage of fraudulent transactions we have over the last 6 months is as follows:
- by number of transactions: less than 0.05%
- by amount: less than 0.1%
And this despite the fact that the conversion payment throughput remains consistently high.
The amount of stolen funds also increased every year. Thus, just 5 years ago, losses from card fraud worldwide barely reached $10 billion, but already in 2014 the amount exceeded $16 billion.
At the same time, the size of the company did not matter much; they attacked medium-sized companies with an annual income of up to $1 billion, as well as large corporations with income of $1 billion or more. But the number of current accounts of an organization influenced the choice of fraudsters. Companies whose cash flows were divided into a larger number of current accounts (100 or more) were attacked significantly less often.
The main areas of activity of online fraudsters are e-commerce (according to Juniper Research, by 2020 the volume of illegal transactions in e-commerce will reach $16.6 billion), banking transactions ($6.9 billion by 2020 ) and tourism ($1.5 billion).
BEC attack
The attack, called BEC (Business Email Compromise), targets a variety of companies around the world - from large corporations to small businesses and non-profit organizations.
The attackers, having previously collected all kinds of information about the victim and her partnerships, imitate the correspondence of business partners. In the message, posing as financial or general directors, the scammers report a change of bank and account number for payment transfers. According to experts, the fakes look very believable. Since 2013, the total amount of damage has already exceeded $2.3 billion.
BEC is a relatively new type of fraud for financial services companies. Although financial security professionals are familiar with email phishing and do everything they can to prevent theft, more and more companies are falling victim to BEC scammers. According to the FBI, from October 2013 to February 2016, more than 17.5 thousand companies from 79 countries of the world contacted law enforcement agencies regarding the theft of funds. The average loss of a company from a successful attack ranges from $25 thousand to $75 thousand. The total amount of damage for the entire period exceeded $2.3 billion. And the total number of incidents since January last year has increased by 270%.
A significant increase in the number of successful BEC attacks may indicate that preventing this type of fraud is much more difficult than previously thought, because the fraudster’s main tool in this case is information about the victim company, often public and freely available. At the same time, only 45% of organizations around the world are confident that their information security systems are able to counter modern cyber threats.
In 2015, the majority of finance professionals (64%) reported that they had been subjected to a BEC attack. Large companies with annual revenues of at least $1 billion were more often victims of fraudsters.
56% of companies that fell for the bait transferred funds through electronic payment systems. 29% used checks. The next most popular means of payment were credit cards and ACH (Automated Clearing House) - an electronic payment network that unites various regional electronic interbank systems, designed for mutual settlements between individuals, enterprises, financial institutions and government organizations.
73% of financial companies report that they were attacked or became victims of card fraud in 2015. Over the past 10 years, such a large percentage has been observed only once, in 2009. Since then, the proportion of organizations suffering from fraudsters has gradually decreased. But in 2015 there was a sharp jump, and the number of those deceived immediately increased by 9%, to 73%.
We at PayOnline, being a processing company, are proud that the percentage of fraudulent transactions we have over the last 6 months is as follows:
- by number of transactions: less than 0.05%
- by amount: less than 0.1%
And this despite the fact that the conversion payment throughput remains consistently high.
The amount of stolen funds also increased every year. Thus, just 5 years ago, losses from card fraud worldwide barely reached $10 billion, but already in 2014 the amount exceeded $16 billion.
At the same time, the size of the company did not matter much; they attacked medium-sized companies with an annual income of up to $1 billion, as well as large corporations with income of $1 billion or more. But the number of current accounts of an organization influenced the choice of fraudsters. Companies whose cash flows were divided into a larger number of current accounts (100 or more) were attacked significantly less often.
The main areas of activity of online fraudsters are e-commerce (according to Juniper Research, by 2020 the volume of illegal transactions in e-commerce will reach $16.6 billion), banking transactions ($6.9 billion by 2020 ) and tourism ($1.5 billion).
Business Email Compromise
BEC attack
The attack, called BEC (Business Email Compromise), targets a variety of companies around the world - from large corporations to small businesses and non-profit organizations.
The attackers, having previously collected all kinds of information about the victim and her partnerships, imitate the correspondence of business partners. In the message, posing as financial or general directors, the scammers report a change of bank and account number for payment transfers. According to experts, the fakes look very believable. Since 2013, the total amount of damage has already exceeded $2.3 billion.
BEC is a relatively new type of fraud for financial services companies. Although financial security professionals are familiar with email phishing and do everything they can to prevent theft, more and more companies are falling victim to BEC scammers. According to the FBI, from October 2013 to February 2016, more than 17.5 thousand companies from 79 countries of the world contacted law enforcement agencies regarding the theft of funds. The average loss of a company from a successful attack ranges from $25 thousand to $75 thousand. The total amount of damage for the entire period exceeded $2.3 billion. And the total number of incidents since January last year has increased by 270%.
A significant increase in the number of successful BEC attacks may indicate that preventing this type of fraud is much more difficult than previously thought, because the fraudster’s main tool in this case is information about the victim company, often public and freely available. At the same time, only 45% of organizations around the world are confident that their information security systems are able to counter modern cyber threats.
In 2015, the majority of finance professionals (64%) reported that they had been subjected to a BEC attack. Large companies with annual revenues of at least $1 billion were more often victims of fraudsters.
56% of companies that fell for the bait transferred funds through electronic payment systems. 29% used checks. The next most popular means of payment were credit cards and ACH (Automated Clearing House) - an electronic payment network that unites various regional electronic interbank systems, designed for mutual settlements between individuals, enterprises, financial institutions and government organizations.
