Uncategorised

TIme is running out to attend the Fraud Prevention Summit
By:

Can you join 60 of your peers as a delegate at the Fraud Prevention Summit on the 6th November 2024 in London? Places are running out fast!

Attendance to the is completely FREE and includes meetings with top suppliers, inspiration and knowledge sharing from our educational speakers, opportunities to network with your peers, lunch and refreshments throughout, and much more!

This event in unlike a traditional trade show with NO hard sell!

Places are limited and going quickly! – Book your place here or please contact us here if you’d like more info.

Should the SFO be scrapped? The IEA thinks so
By:

The Institute of Economic Affairs has published a paper asserting the Serious Fraud Office (SFO) should be replaced with a new body dedicated to combating economic crime with greater emphasis on prevention.

In the paper, the IEA says the SFO has been plagued by a series of high-profile failures, ‘including ethical misconduct and incompetence’. In cites examples, including from 2021 when a high-profile bribery conviction of a former Unaoil executive was overturned due to the SFO’s failure to disclose key material relating to its director’s ‘inappropriate’ communications with a Unaoil advisor during the prosecution.

Economic crime academics Professor Mark Button, Dr Branislav Hock, and Dr David Shepherd are now calling for the SFO to be abolished and the establishment of a Serious Economic Crimes Office (SECO).

The new body would keep powers to prosecute serious fraud, but would also have new responsibilities to deter fraud before it occurs. The office would be expected to develop good practice advice on prevention in closer collaboration with the private sector. 

According to the report authors, the criminal justice system is incapable of addressing the intricate, technical and complex nature of cases involving serious fraud. This is leading to costly delays and, often, failed prosecutions.

The SECO would instead be encouraged to embrace alternative justice mechanisms, including Deferred Prosecution Agreements and using larger fines. There would also be expanded powers to set standards and impose regulatory sanctions. This would include ‘Ethics orders’, which would require corporations to implement ethics and compliance programmes.

The authors also envisage the creation of a register of serious economic crime offenders, modelled on HMRC’s list of individual and company tax defaulters. A spot on the register could result in prohibition from being a company director or selling financial products.

The report suggests enhancing collaboration with private investigators specialising in economic crime. This could involve staff exchanges or outsourcing partial or full investigations to experienced firms such as Kroll, KPMG, or EY.

The paper says that the SFO’s focus on high-profile prosecutions has diverted resources away from other important areas, such as crime prevention and the support of small and medium-sized enterprises that are increasingly susceptible to fraud. 

The proposed SECO would address these gaps by prioritising a more balanced approach, combining enforcement with preventative measures. 

Professor Mark Button, Co-Founder and Co-Director of the Centre for Cybercrime and Economic Crime at the University of Portsmouth, said: “Serious economic crime is at record level and set to continue to rise. The existing structures and approaches are failing to have a significant impact and this report sets out a wide range of innovative reforms and actions to cope with this increasing challenge.”

Dr Branislav Hock, Co-Editor in Chief of the Journal of Economic Criminology, said: “Segregated serious economic crime policing structure in the UK requires new enforcement authority that operates above the surface of institutional and procedural complexities.”

Dr David Shepherd, economic crime researcher and Senior Lecturer at the University of Portsmouth, said: “The SFO is hamstrung by its focus on criminal justice and courts that are not fit-for-purpose. Breaking these constraints with a revitalised agency, a new identity and a broader range of regulatory-style powers would better serve the public good.”

ANTI-FRAUD MONTH: Behavioural biometrics is a powerful tool – but how does it work?
By:

Behavioural biometrics, a subset of biometric technology, analyses individual user behaviours to verify identity. Unlike traditional biometrics like fingerprints or facial recognition, behavioural biometrics focus on how users interact with devices, making them more difficult to spoof. Here’s a handy cheat sheet…

How BEHAVIOURAL Biometrics Works

Behavioral biometrics tracks various user behaviors, including:

  • Typing patterns: The rhythm, speed, and pressure applied to keys.
  • Mouse movements: The way a user moves the mouse cursor.
  • Keystroke dynamics: The timing and rhythm of keystrokes.
  • Voice patterns: Unique voice characteristics, such as pitch, tone, and cadence.

By analyzing these patterns, behavioral biometrics can create a unique profile for each user. When a user attempts to log in, their behavior is compared to their profile. If there are significant deviations, it could indicate a potential fraudulent attempt.

Applications in E-commerce, Payments, and Financial Services

Behavioral biometrics is increasingly being adopted in the e-commerce, payments, and financial services sectors to enhance security and reduce fraud. Some common applications include:

  • Account Login: Replacing traditional passwords with behavioral authentication for stronger security.
  • Transaction Authorization: Verifying user identity before authorizing payments or sensitive transactions.
  • Fraud Detection: Identifying suspicious activity by detecting deviations from normal user behavior patterns.
  • Risk Assessment: Evaluating the risk level of a transaction based on user behaviour.

Benefits of BEHAVIOURAL Biometrics

  • Enhanced Security: Behavioral biometrics are more difficult to spoof than traditional biometrics, making them a stronger security measure.
  • Improved User Experience: Behavioral authentication can eliminate the need for passwords, simplifying the login process.
  • Reduced Fraud: By detecting fraudulent activity early, behavioral biometrics can help prevent financial losses.
  • Scalability: Behavioral biometrics can be easily integrated into existing systems and scaled to accommodate large user bases.

Challenges and Considerations

  • Data Privacy: Collecting and analyzing user behavior data raises privacy concerns. Organizations must ensure compliance with data protection regulations.
  • Accuracy: The accuracy of behavioral biometrics can be affected by factors like user fatigue, stress, or illness.
  • User Acceptance: Some users may find behavioural authentication intrusive or inconvenient.

Despite these challenges, behavioural biometrics offer a promising solution for enhancing security in the e-commerce, payments, and financial services sectors. As technology continues to advance, we can expect to see even more sophisticated and effective applications of behavioural biometrics in the future.

Are you looking for Anti-Fraud solutions for your organisation? The Fraud Prevention Summit can help!

Photo by Evgeniy Alyoshin on Unsplash

If you specialise in AI for Fraud Prevention we want to hear from you!
By:

Each month on Fraud Prevention Briefing we’re shining the spotlight on a different part of the market – and in September we’ll be focussing on AI for Fraud Prevention.

It’s all part of our ‘Recommended’ editorial feature, designed to help industry buyers find the best products and services available today.

So, if you specialise in AI for Fraud and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Jennie Lane on 01992 374 098 | j.lane@forumevents.co.uk.

Sep – AI for Fraud
Oct – Chargebacks
Nov – Biometrics for Fraud prevention
Dec – Mobile Fraud Prevention
Jan – Digital Identity Verification
Feb – Fraud Prevention Solutions
Mar – Risk Prevention & Compliance
Apr – Financial Crime
May – Multi-factor Authentication
Jun – Digital Identity Verification
Jul – Fraud Detection Tools
Aug – Anti Fraud Platforms

The Holy Grail: Secure, seamless user authentication in payments
By:

Consumers seek a smooth, frictionless user authentication process. Merchants must ensure that online payment methods and transactions are safe from fraud. Feedzai, an AI fraud prevention platform for Acquirers, explains how businesses and merchants can deliver an online payment experience that achieves both.

Security – the right controls at the right time based on the transaction’s risk level – can remove unnecessary hurdles during checkout.

Extra security checks, such as two-factor authentication (2FA), are necessary when buying products from a new website and where the shipping address is different from the billing address on the payment method.

Active authentication methods such as 2FA (user has to input a username and password or code) often receive negative press. A consumer forgetting the password they have set up on 3D Secure with their bank or not receiving the text message containing the code makes it challenging for them to complete their transaction. Passive methods reduce friction and improve convenience for consumers. These methods observe user behaviour on a device, for example, a phone to confirm the user’s identity.

In Europe, where Strong Customer Authentication (SCA) is mandatory, and a joint EBA-ECB report found that SCA is effective in reducing card payment fraud, merchants or their acquirers can actively request Transaction Risk Analysis (TRA) exemptions to 2FA. These exemptions eliminate the need for 2FA on low-risk transactions, streamlining the process for such purchases.

The latest UK Finance Fraud Report revealed that Remote Purchase Fraud (Card Not Present / CNP Fraud) has continued to fall since the UK rolled out SCA, with losses at their lowest level since 2014.  

Fraud is omnipresent. Remote Purchase Fraud still represents a significant value of fraud within the UK ecosystem, at £360M. Fraud is also migrating to other channels, such as Card ID Theft, which increased 53% in the last year.

To be a useful fraud prevention measure, 2FA should be combined with other components to create an effective fraud strategy. The balance is the right mix of enhanced security and strong user authentication for a smoother consumer experience in online payments.

ANTI-FRAUD MONTH: Identifying core and specialist solutions for retail and financial services
By:

The retail and financial services sectors are prime targets for fraudsters. For senior anti-fraud professionals, understanding and deploying the right anti-fraud solutions is crucial. Here are the key solutions in demand among delegates at the Fraud Prevention Summit…

Core Anti-Fraud Solutions

  • Fraud Prevention Systems: These systems use algorithms and machine learning to identify suspicious transactions in real-time.
  • Identity Verification Tools: Verify customer identity through various methods, such as biometric authentication,document verification, and address verification.
  • Device Fingerprinting: Detects and analyzes device characteristics to identify potential fraudsters.
  • Behavioral Biometrics: Analyzes user behavior patterns to identify anomalies indicative of fraudulent activity.
  • Chargeback Management Solutions: Helps manage and dispute fraudulent chargebacks.

Specialized Anti-Fraud Solutions

  • Payment Fraud Prevention: Specifically designed to detect and prevent payment card fraud, including card-not-present (CNP) fraud.
  • Account Takeover Prevention: Protects customer accounts from unauthorized access.
  • Fraud Investigation Tools: Provides tools for investigating fraudulent activity and gathering evidence.
  • Customer Education Tools: Helps customers understand fraud risks and prevention measures.
  • Cybersecurity Solutions: Protects the overall IT infrastructure from cyberattacks that can lead to fraud.

Key Considerations for Anti-Fraud Solution Selection

  • False Positive Rates: Evaluate the solution’s accuracy in identifying genuine transactions and minimizing customer inconvenience.
  • Integration Capabilities: Ensure seamless integration with existing systems and data sources.
  • Scalability: Choose a solution that can adapt to changing fraud trends and business growth.
  • Cost-Benefit Analysis: Assess the return on investment for each solution, considering both cost and potential fraud losses.
  • Data Privacy: Ensure compliance with data protection regulations when handling customer information.

By carefully selecting and implementing the appropriate anti-fraud solutions, senior anti-fraud professionals can significantly reduce the risk of financial loss and protect the reputation of their organizations.

Are you looking for Anti-Fraud solutions for your organisation? The Fraud Prevention Summit can help!

Photo by Towfiqu barbhuiya on Unsplash

AI-enhanced malicious attacks and soft ransomware targets front of mind for risk execs
By:

Concern about artificial intelligence (AI)-enhanced malicious attacks have again topped Gartner’s emerging risk rankings in the second quarter of 2024, while new concerns regarding soft ransomware targets are also coming to the forefront of enterprise risks.

“Similar to AI-enhanced malicious attacks, soft ransomware targets require minimal experience and cost to cause significant financial and reputational damage,” said Gamika Takkar, director, research in the Gartner Risk & Audit Practice.

During the second quarter of 2024, Gartner surveyed 274 senior risk executives and managers to document and compare emerging risks, which are those that hold higher uncertainty because their evolution is rapid, nonlinear, or both.

Three of the top five most cited emerging risks are in the technology category (see Table 1) and new concern regarding soft ransomware targets enter the tracker for the first time. Escalating political polarization, which first entered the tracker in 4Q23, held steady as the third most cited concern, while misaligned organizational talent profile moved up from the fifth to fourth most cited risk.

Table 1: Top Five Most Commonly Cited Emerging Risks in Q2 2024
[Image Alt Text for SEO]

Source: Gartner (JULY, 2024)

Causes of Soft Ransomware Targets

Soft ransomware targets include the types of systems that may be especially vulnerable to ransomware due to underinvestment or technical debt, leading to longer disruptions in business operations when attacks occur. The ease of carrying out such attacks, via what’s known as ransomware-as-a-service (RaaS), allows cybercriminals with even minimal experience and technical skill to deploy attacks at low cost.

“Ransomware-as-a-service lowers the barrier to entry for inexperienced cybercriminals who know just enough about how to attack and disrupt business operations, creating worse impacts than usual when attacks occur,” said Takkar.

Potential Consequences to Mitigate

The potential impacts of soft ransomware targets range from operational disruptions and delay of services, to increased exposure to multi-extortion (e.g., ransom demand follows threats of selling, publishing or permanently deleting data), to increased financial burden in the form of direct and indirect costs. Direct costs include ransoms, remediation, litigation, and public relations, while indirect costs, such as reputational damage and loss of intellectual property, also create burden on the organization.

“While operational disruption and increased costs are dire consequences of soft ransomware targets, the exposure to extortion can impact not just the organization itself, but any and all associated third-parties as well, further underscoring the importance of understanding and preventing such risk,” said Takkar.

Research points to Business Email Compromise as new frontier in AI-powered fraud
By:

A report has highlighted the ingenuity of cyber criminals in using AI to evade detection and maliciously scam individuals and enterprises, analysing 1.8 billion emails globally and detecting 226.45 million spam emails and 16.91 million malicious URLs to identify the email threat trends that impact enterprises the most. 

VIPRE Security Group’s Q2 2024 Email Threat Trends Report says BEC remains a major scourge. Nearly half (49%) of all detected spam emails are attributed to BEC scams, with the CEO, followed by HR and IT, being the most common targets. It takes on a more sinister complexion when a full 40% of the BEC emails uncovered were AI-generated, and in some instances, AI likely created the entire message. 

Q2 2024 saw twice as many evasive malicious attachments compared to the previous year, underlining the sophistication of modern email exploits. Entities without measures to detect these advanced threats could find themselves in hot water, facing double the risk compared to 12 months ago.

The research identified 16.91 million malicious URLs, a 74% rise from the previous year. This surge highlights the growing use of advanced evasion techniques by attackers.

Emerging trends in phishing and malspam 

Phishing remains a dominant threat with attackers favouring URL redirection and cloud-hosting services. Cloudflare Turnstile was the most commonly used technique (51%) in phishing emails. Cloudflare Turnstile is a free service designed to protect websites from malicious traffic and functions as an advanced CAPTCHA alternative. 

A significant shift in malspam tactics is observed. 86% of malspam emails used malicious links and only 14% contained attachments – a reverse of the Q1 2024 trend, where 78% of malspam emails contained malicious attachments, while only 22% used malicious links. This swing may be due to the increasing difficulty in detecting malicious links leading to seemingly legitimate websites that harbor infected links. 

Threat actors increasingly targeted the manufacturing sector with 25% of email attacks, followed by retail (which was absent from 2023’s targets) at 20% and real estate at 11%. Attackers appear to be focusing on industries perceived as lacking advanced cybersecurity measures. In 2023, finance led the way with 25% of email attacks, and manufacturing surged to 43% in Q1 2024, a top position the sector continues to hold. 

Regional spam sources 

The US continues to be the top contender when it comes to sending and receiving spam (receiving nearly half of all phishing emails), most likely thanks to its vast data center infrastructure. Consistent with last quarter, the UK was the second-largest source of spam, followed by Canada, Sweden, and Iceland; three countries that failed to make the list either last quarter or this time last year. 

“As AI technology advances, the potential for BEC attacks grows exponentially. Malefactors are now leveraging sophisticated AI algorithms to craft compelling phishing emails, mimicking the tone and style of legitimate communications,” Usman Choudhary, Chief Product and Technology Officer, VIPRE Security Group, says. “The next wave of BEC attacks could see attackers using AI to dynamically analyse and exploit real-time information, creating tailored and contextually accurate scams nearly indistinguishable from genuine correspondence. Enterprises must stay ahead by adopting robust AI-driven defenses and continuously educating their workforce on emerging threats.”

To read the full report, click here: VIPRE’s Email Threat Trends Report: Q2 2024.

HSBC, John Lewis, Sky and more will be attending the Fraud Prevention Summit – Will your organisation be joining them?
By:

The Fraud Prevention Summit enables you to network with peers, meet with leading suppliers & enjoy a series of seminar sessions – delegate places are going fast, so secure yours today to avoid disappointment!

Wednesday, 6th November 2024 | Hilton London Canary Wharf

As a fraud professional, you can attend for FREE – Secure your place here

Add your name to the guest list HERE, where you’ll be joining peers representing the likes of:

  • AS EU Ltd
  • Aspers Casino
  • Baxi Heating UK Ltd
  • Citi
  • Domestic & General
  • HSBC
  • John Lewis Partnership Plc
  • KFC
  • London Borough of Lambeth
  • PWC
  • Senior Plc
  • Sky
  • Tesco Mobile
  • Vanguard
  • Vanquis Bank
  • Virgin Atlantic Airways
  • Vitality
  • Which?

….And many more!

BOOK YOUR FREE PLACE!

As well as multiple opportunities to network with other industry professionals, your pass will also include:

Your own itinerary of 1-2-1 meetings with suppliers, access to our educational seminar programme presented by top industry speakers, lunch and refreshments throughout, personalised attendance options to suit your schedule, and more! – See what you can expect at the event >>>
 

To find out more, please get in touch with me and I will be happy to provide more information.

Cross-border payments boom due to speed and reliability
By:

Cross-border payments are becoming increasingly important to international economies, with around 63% of global consumers using international real-time payments (RTPs) services to send money to family and friends, while 51% use them only to pay for goods and services.

That’s according to the 2024 Financial Services Consumer Survey conducted by GlobalData, which says the G20 roadmap for enhanced cross-border payments aims to improve the speed, access, transparency, and cost of international payments by 2030. In its most recent update in October 2023, the Financial Stability Board reports there is a shortfall against G20 targets in the proportion of retail services that make funds available to the consumer in an hour (42% vs target of 75%) and in one business day (76% vs target of 100%).

Benjamin Hatton, Banking and Payments Analyst at GlobalData, said: “Real-time payments have become commonplace among domestic payment services. Not only are they considered superior to traditional methods because of their speed, but these services are typically available 24/7, reduce transaction costs, and ease liquidity management for businesses. They also represent the next major step for cross-border payment services, as the volume of cross-border payments also ramps up over the coming years.”

GlobalData estimates that the total volume of cross-border transactions in Europe alone will increase by 58% between 2023 and 2028. A number of international initiatives, such as ‘Immediate Cross-Border Payments’ developed by The Clearing House in the US, EBA Clearing in Europe, and SWIFT, to create a 24/7 USD-EUR payments corridor, are in development to improve cross-border payments.

Hatton continued: “As these developments and initiatives continue, the tradeoff between the ease of creating multilateral channels and the scalability of a truly global system will get harder to overcome. The failure of pan-Nordic initiative P27 illustrates the challenge of collaborating on and executing the vision of a cross-border settlement scheme across jurisdictions. The push for digitalization of consumer payment methods will be key in driving down costs and improving transfer speeds.

“Simplicity and speed of the transfer process is the most important factors for consumers when choosing a cross-border payment provider. While progress has been tangible, there is clearly scope to improve these measures and further reap the rewards from delivering these services.”

GlobalData’s 2024 Financial Services Consumer Survey was conducted in Q2 2024 and had 61,000 respondents across 41 countries.

Photo by Clay Banks on Unsplash