New report shows savvier scammers emerging in payments space | #ransomware | #cybercrime

Consumers using payment features for speed and convenience are increasingly targeted by scammers, who rely on heightened emotions to create fraud opportunities.

That’s according to a couple of recent survey releases from Visa.

While the number of individual scam reports from June to December decreased, the payments company said noting one set of findings, total money lost increased. That shows scammers are targeting victims with more effective – and costly – plots.

According to another recent Visa survey, more than one-third of adults surveyed decided not to report scams committed against them, suggesting the losses are higher than reported.

Also apparent: fraudsters are using innovation to swindle unknowing consumers.

“With the use of Generative AI and other emerging technologies, scams are more convincing than ever, leading to unprecedented losses for consumers,” said Paul Fabara, chief risk and client services officer, at Visa, in a release. Read more from Visa’s Spring Threats report.

Top consumer scams highlighted

  • “Pig butchering” scams: Capitalizing on holidays like Valentine’s Day and New Year’s Eve through social media and dating sites, scammers lure victims into online relationships and convince them to invest in fake cryptocurrency trading platforms. Leveraging AI to create more convincing campaigns, pig butchering scams have led to billions of dollars of losses for consumers. Per Visa’s study, 10% of surveyed adults have been targeted in a pig butchering scam.
  • Inheritance scams: Victims are notified about an inheritance left by a long-lost relative, often coming from a seemingly legitimate law firm or other professional entity. Red flags include secrecy, urgency, requests for personal information and the need for an initial payment to secure future gains. And 15% of U.S. adults surveyed by Visa have been targeted in inheritance scams.
  • Humanitarian relief scams: Capitalizing on tragic current events, these scams exploit calls for donations across social media to defraud unsuspecting donors.
  • Triangulation fraud: Threat actors create illegitimate online storefronts offering in-demand products at a low cost to collect payment information. Legitimate merchants fulfill the online order, but payment information is already compromised. Triangulation scams cost merchants up to $1 billion in a single month.

In addition to cardholders, threat actors are continually probing organizations and networks for complex weaknesses, leveraging new technologies to exploit vulnerabilities with far-reaching impacts.

Organizational fraud trends impacting the ecosystem

  • Supply chains and third-party services are increasingly targeted with campaigns designed to maximize the impact of a single breach.
  • Artificial Intelligence (AI) has been increasingly adopted by fraudsters, allowing them to identify vulnerabilities within fraud controls implemented by banks.
  • Purchase Return Authorization (PRA) fraud attacks increased 83% over the previous five-month period, with each successful attack leading to approximately $115,000 in potential fraud losses to banks.
  • Ransomware cases increased 300 percent from June to December 2023 when compared to the same period in 2022. Visa forecasts that ransomware threat actors will continue to target critical infrastructure, including financial organizations.
  • Token-provisioning fraud, which exploits the process of adding a card to a digital wallet, especially on first-day use, was also called out in the report. Fraudsters bypass traditional authentication processes meant to filter out criminals by tricking call-center personnel or using spoofed phone numbers to intercept one-time passwords.
  • So-called enumeration attacks are also on the rise, Visa finds, for which scammers use software to guess the account number, expiration date and three-digit code on the back of cards, building on partial account data they’ve stolen or purchased on the dark web.

Read more at on smart fraud prevention practices.

Rachel Koning Beals is Senior Editor at BAI.

Source link


National Cyber Security