Account takeover fraud continues to rise relentlessly
The hijacking of an existing bank, credit card or other account by a third party is something all individuals fear. But this type of fraud is quickly becoming one of the most prevalent fraud threats to individuals and organisations, as new figures from CIFAS – the UK’s Fraud Prevention Service reveal. For example:
* During the first four months of 2012, facility (or account) takeover fraud surged by an astonishing 82% compared with the same period in 2011
* The takeover of plastic card accounts (typically credit cards) has almost doubled since the first four months of 2011, and now constitutes over 40% of all account takeovers
* The internet, which is the channel most favoured by fraudsters, was used to commit 71% of all account takeovers between January to April 2012.
Rise in account takeover
The takeover of existing accounts by third parties can take numerous guises: from one-off hijacks in order to pay for goods, to the complete emptying of an account (such as cancelling existing cards or contracts and ordering replacements to be delivered to the fraudster’s address). In order to commit such frauds, the fraudster has to be able to circumvent the security processes of the organisation that holds the account: and this involves knowing the answers to security questions, passwords, PINs and so on.
CIFAS Communications Manager, Richard Hurley, comments: “Whether it is by computer hacking, social engineering through popular websites (to con personal details from victims), interception of postal details or poor security awareness of individuals, fraudsters who hijack an account can only so do with the right information. This type of fraud increased by 18% in 2011, so to see such a staggering increase in 2012 so far is a real cause for concern. Individuals must, above all things, immediately review their own habits regarding security and passwords, while businesses equally must see these figures as a serious warning that the fraud threat they face is bigger than ever.”
The internet – the fraudster’s channel of choice
The convenience of the internet is something that most consumers would not do without. The same applies to the fraudster. An astonishing 71% of all takeover frauds were carried out online in the first four months of 2012 (compared with 54% in the same period of 2011), with the figures even more alarming for plastic card (e.g. credit card) accounts: where nearly 9 of every 10 account takeovers were committed online.
Richard Hurley notes: “The internet did not create fraud, but the convenience and ease it offers honest individuals is also available to fraudsters. Furthermore, with so many accounts now operated online (and frauds committed in the same way) it is likely that the internet is the channel being used by criminals to obtain the data required to commit these frauds. "
The challenge ahead for consumers and businesses
Richard Hurley concludes: “The takeover of an account requires data: from a password and username, through to PINs or security answers. The availability of data is something that society is coming to terms with, but individuals and businesses must see the clear dangers in these figures: showing how fraudsters are able to exploit habits or systems to acquire such data.
”Regular changes of passwords, using strong passwords with a mix of cases, symbols and digits, a full internet security package and not using unsecured public connections to carry out transactions: these are the minimum standards that consumers must adhere to, in order to minimise the potential of becoming a victim of financial crime.”
CIFAS Chief Executive Peter Hurst concludes: “Businesses that manage to combine convenience with strong security protocols are those that will both prosper and come to be trusted by their customers. Internet security has the potential to become a key factor in the way that consumers choose who to transact with.”