Published: November 3, 2020 on our newsletter Security Fraud News & Alerts Newsletter.
As the appearance and methodology of identity fraud continues to evolve, those at Javelin Strategy & Research have been studying the changes since 2003. Their 2020 Identity Fraud Study is a window into identity fraud trends and how they morph and improve over time. With the continuing advent of new technologies, our response to these changes must include hindering identity fraud now and in the future. The goal of Javelin’s study is to inform consumers, businesses, and financial institutions of the latest fraud detection techniques, including prevention and resolution. Javelin, like other cybersecurity enterprises, believes the better consumers understand identity fraud, the more equipped they are to protect themselves.
The study finds a 5.1% decline in consumer fraud was due to a drop in card fraud. However, there’s a resurgence of high-impact fraud that overshadows the decline. According to the report, the three most prevalent categories of card fraud, listed from the least to the most serious are: Existing card accounts, existing non-card accounts, and new accounts created using a victim’s PII (personally identifiable information).
As cybercriminals see primary targets bolster their security defenses, their response is to target new organizations with their improved schemes. These new targets are caught between an increase in attacks and the limitations due to a lack of investment in their security. They come up short with the ability to stop these attacks due to inefficient technology and the lack of qualified personnel to prevent, detect, and resolve fraudulent attacks.
Since anyone with a Social Security number can be the target of identity fraud, Javelin’s report includes recommendations to help impede identity theft.
IDENTITY FRAUD MITIGATION
Move away from familiar authentication systems such as SMS (text) one-time passwords (OTPs). With a steady increase in mobile phone takeovers (380,000 in 2017 to 679,000 in 2018), SMS OTPs now pose little resistance to determined fraudsters. New authentication avenues like push notifications and biometrics should be used as a deterrent, since the current systems provide few obstacles to fraud.
Use multi-channel alerts. Since SMS OTPs are vulnerable to interception, setting multiple alerts through different channels is recommended. Additional alerts to suspicious and high-risk activity can be setup with financial institutions, payment card companies, and merchants.
Non-bank authentication improvements. Outside of financial services as easy targets, merchants, rewards programs, and other online accounts often lack robust authentication processes. Passwords, security questions, and SMS OTPs are easy targets for fraudsters and need bolstering with additional identity measures.
Remember, those who regularly check for the warning signs of identity theft are less likely to be compromised. Among the biggest clues of identity theft are strange credit card charges and new accounts opened in your name and without your consent. Should you notice these signs, immediately contact your financial institution, the credit bureaus, and the Federal Trade Commission to begin the identity fraud recovery process.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org