The global impact of fraud is enormous, with merchants and banks losing over $21 billion annually.
That’s just from debit and credit card abuse.
You also have to factor in malware, data breaches and identity theft — all of which take a huge financial toll on society:
- In 2017, the U.S. reported 16.7 million victims of identity theft (resulting in $17 billion in losses).
- According to the Center for Strategic and International Studies (CSIS) and McAfee, cybercrime is a $445 billion industry worldwide.
As our society becomes increasingly interconnected, future breaches, hacks and fraudulent attacks will have even graver consequences.
Whether as a merchant or a customer, the best protection from fraudulent abuse is education. Not only should you be well-versed in current practices, but you also need to keep an eye on emerging tactics.
While it’s not possible to cover all types of abuse in an article of this length, below are the three biggest existing fraudulent strategies — followed by three of the most dangerous ones on the horizon.
1. Sleeper Fraud
With most credit card fraud, a criminal steals your payment information and begins quickly racking up charges before you have a chance to discover what’s happening.
A common variation of this is “sleeper fraud.”
With this strategy, criminals steal your credit card information or identity and lay low for a while. They may even open “legitimate” accounts in your name without spending too much. This helps to boost credibility — without raising any red flags.
Then out of nowhere, they suddenly start making major back-to-back purchases that wipe out your account and destroy your credit history.
2. Fallback Fraud
EMV credit card machines are designed to read the embedded chips that come with these more secure forms of plastic. Though most EMV terminals can also process legacy magstripe credit cards, as well. Criminals often exploit this fact by cloning legitimate cards and making them look like EMV plastic.
The embedded security chips in the fake cards don’t work, obviously, but the transaction still goes through if the cashier agrees to “fallback” to traditional swipe-and-sign authorization.
Fortunately, fallback fraud is on the decline — either because merchants are more skeptical or because thieves are less brazen. In 2017, fallback fraud accounted for 4.5 percent of all credit card abuse — but in 2018, it represented only 3.2 percent.
3. Chargeback Fraud
If an item ordered online ever arrives damaged or faulty, you’re allowed to reverse the charges with your credit card. The same is true if you see a transaction on your statement that you don’t recognize.
This “chargeback” ability is designed to protect consumers from unauthorized purchases and shady merchants.
Unfortunately, many consumers abuse the system by ordering items with the deliberate intention of initiating a chargeback once it arrives (on time and undamaged). Also known as “friendly fraud,” this type of abuse results in over $31 billion in losses for merchants and banks annually.
4. Bot Attacks
Using stolen credit card data to make fake purchases isn’t new, but the ability to automate this process is.
A criminal working anywhere in the world can unleash thousands of scripted bots that target less secure payment environments. These bots can even be programmed to focus on specific inventory — from jewelry to computers to whatever the criminal desires.
5. Synthetic ID Fraud
With traditional ID fraud, a criminal simply uses a real person’s credentials to open fake accounts. However, synthetic ID fraud is a newer and more dangerous strategy whereby thieves use a combination of real and fake credentials to get started.
What makes this new tactic so devastating is that the information is typically stolen from children — i.e., minors who have legitimate Social Security numbers but who lack the resources to monitor their credit histories regularly. As such, synthetic ID fraud can go on for decades without triggering any alarms.
Using artificial intelligence, it’s now possible to create realistic videos of people saying and doing things they never said or did. Known as a “deepfake,” this machine learning technology already exists — and will only improve with time.
Eventually, criminals could start using deepfakes to defraud or blackmail ordinary consumers. Just imagine how much more convincing a fake Amazon email becomes if it includes a personalized video from Jeff Bezos.
How to Protect Yourself from Fraud
As a merchant, there is no foolproof way to shield yourself from all types of abuse. This is true for existing fraudulent practices. It’s even truer for newer strategies that have only recently caught the attention of security experts.
However, you can dramatically reduce your exposure by taking commonsense steps — such as choosing a PCI-compliant payment processor. You can further mitigate potential risks using advanced fraud security tools including tokenization or point-to-point encryption.
If you’d like to learn more about protecting yourself from fraud, we’re here to help. To get started, schedule a free consultation with our merchant services team today.