In 2022, digital fraud experienced a significant increase compared to 2021, with the global attack rate escalating by 20% year-on-year. This escalation continues to reflect the early indications observed in 2021 as more and more economies resumed normal operations following closures caused by the pandemic..
The majority of the world was starting to envision a post-pandemic future, although many Asian countries did not lift their international travel restrictions until mid-2022. Cybercriminals were already taking advantage of the expanding opportunities, as seen in the latest LexisNexis Risk Solutions Cybercrime Report.
Fraudulent attacks experienced a surge early in the year, specifically targeting nations like Singapore that were traditionally less affected. Various scams, including conventional account takeover through phishing and sophisticated authorized push payment fraud, became regular news stories. Reports of large-scale scam centers and gangs in Asia and Eastern Europe further confirmed that scams have evolved into the latest form of organized, borderless digital crime.
As the levels and complexity of fraud escalate, our understanding of the intricate challenges presented by these attacks also grows. Stephen Topliss, vice president of fraud and identity strategy for LexisNexis® Risk Solutions, emphasizes that it is now more crucial than ever to categorize fraud into distinct types.
Topliss highlighted the surge of new, specific types of fraud attacks during the pandemic, such as those targeting pandemic-related financial assistance. Simultaneously, many more traditional forms of fraud noticeably dropped.
“We believe that the reason behind this trend was that many fraudsters themselves were impacted or distracted like non-fraudulent individuals were during the pandemic restrictions,”
said Topliss.
“For instance, if I had been conducting these attacks from home, I might suddenly have had my family around me all the time. This situation would make it more challenging for me to engage in the same activities as before when I have people watching over my shoulder.”
Topliss also attributed the recent proliferation of scam centers, particularly in the Asia Pacific region, to the period after the pandemic ended when such activities were no longer restricted or prohibited.
“All of these factors contributed to a decrease in fraud levels during the pandemic,” he summarized. “However, as economies reopened and restrictions eased worldwide, we witnessed an increase in digital attack rates.”
As the rate of digital fraud continues to rise, cybercriminals have become increasingly sophisticated. This poses a significant challenge for many organizations, as they find themselves unprepared to deal with the unfamiliar onslaught of attacks.
“Traditionally, organizations would rely on a single fraud model to detect and prevent digital fraud,” Topliss explained. “This approach was based on the assumption that fraud was relatively simple and typically involved one or two specific types of attacks.
“As fraud becomes more sophisticated, we have recognized the need for multiple models. Each model is designed to target specific types of scams, allowing us to leverage machine learning techniques to optimize their performance,” said Topliss. “By utilizing historical data, we can train detection models to identify known patterns of fraud and also identify any anomalies that might indicate emerging fraud attacks.”
Cybercriminals take advantage of new and inexperienced digital users, as well as organizations venturing into the digital realm with new services, searching for vulnerabilities and opportunities. However, research indicates that anyone can become a victim of a well-crafted scam. Topliss emphasized that everyone involved in the value chain must enhance their efforts and actively confront fraudsters.
“An organization and the public on their own are not enough. We all need to work together as a team,” said Topliss.
He highlighted that organizations can drive education and that it can be done at the government or regulatory level to educate end users about scams. He also emphasized the importance of organizations taking more specific measures to prevent digital fraud attacks. For example, they can send targeted messages to customers, explicitly stating that as a bank, they will never ask customers to move money into a different account or share their password.
From a technology perspective, organizations should strive to go beyond their current solutions. Topliss highlighted that although authentication is effective in validating users, they can still be deceived into authenticating fraudulent transactions.
“It is crucial to have a layer of detection that examines digital intelligence since we are discussing digital channels here,” said Topliss. “By analyzing the digital intelligence surrounding a transaction, starting from the moment a user logs in to the moment they initiate a transfer or make a purchase, we can determine whether it is genuinely the customer or not.
“If their behavior appears unusual, organizations can send the customer a highly specific message during that digital interaction, rather than a generic warning message that people may start to ignore when they hear it repeatedly.”
Considering the rapid evolution of digital payments, particularly in Asia, with various methods like digital wallets and QR codes, Topliss believes that the challenge lies with organizations that swiftly introduce new digital payment methods. It is crucial for these organizations to prioritize fraud detection and incorporate digital intelligence models into these new offerings.
According to the LexisNexis Risk Solutions Cybercrime Report, mobile apps have emerged as the preferred channel for digital transactions, particularly in emerging markets like Asia. The report highlights that the LexisNexis® Digital Identity Network® analyzed approximately 80 billion digital payment transactions, with more than three-quarters of them originating from mobile channels.
Initially limited to a small number of superapps, an increasing number of organizations are now expanding their customized in-app offerings. They are building interconnected ecosystems within their apps, aiming to provide a seamless experience where customers have no need to navigate outside of the app.
Topliss countered by emphasizing the importance for organizations to consider all the various channels through which they interact with their customer base, particularly with the widespread adoption of mobile apps or mobile usage in general. He stressed the need for organizations to establish a standardized fraud detection approach across these different channels.
“From an organizational standpoint, having multiple channels and touchpoints available to your clients, it is essential to maintain a 360-degree view of your customers from a digital perspective. This enables you to track potential attacks and intervene effectively, ensuring that the attack does not harm the customer,”
Topliss explained.
Given the broad and expanding landscape of such attacks, the classification of different types of digital fraud becomes crucial. By effectively identifying and distinguishing trusted customers, organizations can streamline their analysis and focus on the remaining events to determine which ones are potential attacks. This approach helps prioritize fraud detection efforts and enhances the ability to identify and respond to fraudulent activities.
This level of trusted ‘teamwork’ with customers is particularly high in the financial services field, according to data analysed by the Digital Identity Network®. Additionally, analysis of fraud classifications by region reveals substantial disparities. For example, third-party account takeovers were the most prevalent fraud classification in the Asia Pacific region, while third-party chargebacks were prominent in Latin America and identity theft was a major concern in North America.
Topliss pointed out that organizations in the UK had already implemented fraud detection measures, digital intelligence and layered multiple factors of authentication. This proactive approach compelled fraudsters to concentrate their efforts on a specific type of scam, namely the authorized push payments scam.
“As a result, many of those authentication layers could be bypassed since the victim themselves were authenticating the transaction. That’s why authorized payments scams have become the predominant attacks we observe in the UK and EMEA today,”
he said.
“If we contrast that with Asia, we can see a distinct difference in the approach. Many Asian organizations have traditionally relied more on authentication methods, with less emphasis on utilizing digital intelligence for fraud detection. Consequently, scams that allow fraudsters to take over customer accounts can still be highly successful, even as authorized fraud also continues to increase,”
said Topliss.
The Cybercrime Report also noted an increased prevalence of mule accounts. These accounts serve to receive stolen funds and facilitate the swift transfer of those funds across different banks and borders.
As digital fraud scams and attacks continue to proliferate, the usage of mule accounts also increases, sometimes even involving account owners who are unaware that their accounts are being used for fraudulent activities. However, with the advanced capabilities of the Digital Identity Network, organizations can see patterns of mule account networks in multiple dimensions. For instance, these networks can be examined based on linked payment flows or digital identities.
“We can observe a single digital identity that has access to multiple accounts, which provides a more comprehensive method of identifying mule networks rather than solely following money flows,” said Topliss. “This capability is built upon existing fraud prevention capabilities. Therefore, we are now able to develop mule detection strategies that enhance fraud prevention efforts.”
According to Topliss, the concept of the Digital Identity Network is to combine data-driven event analysis, fraud prevention and global digital intelligence. It achieves this by dynamically creating digital identities that evolve and adapt.
“Over time, we can observe that risky digital identities may be associated with multiple events, which can raise the risk level in both your fraud model and your mule model,” said Topliss.
“This demonstrates that one-model-doesn’t-fit-all. You need to have flexible systems where you can build multiple models, using this global anonymized digital intelligence -– focusing on different types of fraud, but also focusing on new detection,” said Topliss.
LexisNexis Risk Solutions will be hosting a webinar on August 15th, during which Stephen Topliss will delve into the key findings of the Cybercrime Report. Please take a moment to register for this free webinar by clicking here.
To learn more about the Digital Identity Network’s findings, along with detailed insights and solutions on global fraud, patterns and risks of attacks across a range of critical touchpoints, download the full LexisNexis Risk Solutions Cybercrime Report 2022.