Records are meant to be broken, but… is this one included?
Crime is infiltrating cyberspace at a pace never imagined possible, thanks to the pandemic and adoption of digital life. At the end of 2021, cybercrime will reportedly cause damages worth USD 6 Trillion, making its size equivalent to the third-largest economy in the world.
The virtual world has become as much a bane as it was a boon a decade ago. From CXOs of large companies to the commoner, everyone has been left stumped at the level of sophistication of cyberattacks. And they show no signs of slowing down.
While we debate the need for better security systems at a company and personal level, here are four top cyber fraud trends that are likely to catch on in the coming years.
#4: Account Takeover Frauds (ATO)
Account takeovers continue to be a nightmare for both financial institutions and the general public. 89% of financial institution executives said that ATOs are the most common digital fraud for them. This type of fraud happens when unauthorised third parties can break into your online bank account, steal information and make fraudulent transactions.
Criminals, in this case, can obtain the login credentials through well-known routes such as malware and phishing attacks. However, they might make inroads through simple cold-calling. Individuals are sometimes unaware of the kind of data they are not supposed to disclose to random people or are brainwashed into doing so. For example, hackers can pose as bank agents and ask for information to gain access to accounts. Or people who befriend strangers on the internet may give away details and be outsmarted.
If losing control of your account wasn’t bad enough, cybercriminals have become smarter with their ATOs so that you never realise what has happened. Large sums of money won’t be transferred to random accounts. Instead, actions will be to the tune of small transactions, password changes, new credit card approvals, etc., to stay under the radar.
The best ATO-prevention technique in recent times has been to implement multi-factor authentication (MFA). This ensures that even if login details are compromised, the added steps such as OTPs, biometrics, and others make it harder for hackers to gain control.
#3: Fraudulent App Downloads
If you take a moment to look around, you will find many people with eyes glued to their phone screens. Wondering what exactly they’re looking at? The chances are high that they’re surfing an app.
Downloads from the App Store or Play Store are not a guarantee of legitimacy. Fraudulent or copycat apps are placed strategically to trap users. They are made to look so accurate that it is impossible to pass them off as being fake.
A recent report stated that a series of such apps on the App and Play Store garnered over 2.4 Million downloads. Furthermore, they earned $500,000 in revenue and were even endorsed by some influencers. These numbers are enough to give you an idea of the extent of this problem.
So how exactly do these fake apps work? First, you are lured into downloading them with some attractive visuals or rewards. Next, you are bombarded with ads, some of which you might click, leading to malware installed on your phone. Or worse, the app could itself contain malware and steal personal data and passwords. And once they’re gone, they’re truly gone.
Given the pace at which smartphone adoption is taking place globally, fraudulent apps are becoming the go-to for cyber fraud. Even going so far as to check the reviews and downloads does not seem enough.
#2: Card Not Present (CNP) Fraud
With the growth and expansion of digital wallets, most transactions do not require you to carry a physical card. Instead, you may just need the card number and CVV or your UPI code to make a payment. However, this leaves you vulnerable because many other sensitive data can be leaked once this information is stolen.
It is hard even to track when a fraud has taken place. After all, you are still in possession of your physical cards. Therefore, even banks may not notice any illegal activity happening from your account.
CNP frauds can take different forms. Your phone or PC might be hacked, especially if you have been using any public WiFi. In other cases, you might click on a spam advertisement or website which can steal your passwords. If you regularly give your card for payments, people may save your card data before returning it to you.
CNP frauds are undoubtedly on the rise, thanks to the booming e-commerce world. The ease with which you place orders is the same ease at which cyber fraud can take place. As a result, you are 81% more likely to face such a fraud than a card-present one.
#1: Bot Attacks
Chatbots are trendy and cool, but they are also here to stay. As businesses look at automating and streamlining their processes, chatbots seem to be at the centre of their strategy. These bots mimic human conversations and save not only money but also time.
Since many businesses, both small and large, are deploying chatbots, they are becoming an increasingly attractive target for criminals. These bots can be compromised in a few different ways.
The first is if the company website and bot are attacked and the information being shared goes straight into the hands of hackers. Another way is if the attacker puts himself between the user and the bot, called a man-in-the-middle (MIM) fraud. Here, you may be redirected to a legitimate-looking website where the attacker presents himself as a bot and steals your data. You may also be lured into clicking malicious links.
The last and quite concerning way is how the average individual can hack and ruin a chatbot. Many chatbots get more competent as they interact with more users because they learn behaviour and responses. However, if manipulated data is fed to them on purpose, it heavily compromises the chatbot’s functionality.
Despite all the talk and statistics around cybersecurity, we are shockingly underprepared. Therefore, as individuals, companies and nations, we can’t defend ourselves and remain in control of our data.
While the pandemic has caught us off-guard and accelerated the need for better safety systems, the race will be lost if the magnitude of cyber fraud is not understood right away.