It is no longer a question of if financial institutions will become victims of payment fraud – it is now all about “when, from where, at what scale, and for how long” fraud attacks take place, according to digital trust and safety company Sift in its most recent report.
The Sift Q1 2023 Digital Trust & Safety Index highlights the ease at which consumers can engage in payment fraud. In its own survey, it found that 16 per cent of consumers have admitted to, or know someone who has, taking an opportunity to steal online.
A further 17 per cent of consumers had encountered offers online to commit fraud, regardless of whether they accepted or not. The findings paint a worrying picture of the future for businesses, as Sift recognises the beginning of a new era: the democratisation of fraud.
As online fraud has become more accessible to anyone with an internet connection, a growing upward trend of fraud seems unlikely to stop soon. Veteran online fraudsters have begun to recruit customers through open web channels including Telegram forums and TikTok. This has led to these fraudsters being able to scale both their networks and activity, with a fraud-as-a-service model that profits from the expansion of fraud and reaps the rewards from successful attacks.
In some cases, a fraudster steals credit card credentials either by hacking or using malware or a phishing attack. This fraudster uses groups on a deep web forum to obtain a following. They may then advertise the stolen credit card information to buyers.
Sift’s network, which analyses over one trillion events annually, found that payment fraud attacks in fintech jumped 13 per cent between 2021 and 2022. Within fintech, buy now, pay later (BNPL) merchants faced a 211 per cent increase, and crypto exchanges saw an increase of 45 per cent. A 27 per cent increase in payment fraud also hit digital goods and service providers.
‘Implementing a digital trust and safety strategy’
The findings of the Sift report are worrying for businesses and consumers alike. Twenty per cent of payment fraud victims are unaware of what happened to their information after it was exposed. These people do not have any knowledge of who has their personal data or how much of it they have accessed. They are also unaware of how the stolen data is being leveraged against businesses and other consumers.
Jane Lee, trust and safety architect at Sift, discussed the report’s findings. Lee said: “The rapid democratisation of fraud presents even more opportunities for motivated criminals to expand their reach by ‘productising’ their offerings and selling their services to commit fraud against businesses.
“As online fraud continues seeping into everyday internet culture, trust and safety operations have become the single point of failure or success for businesses. Now is the time for companies to ensure they are leveraging the right technology and implementing a digital trust and safety strategy to successfully stop payment fraud while fueling growth with every transaction.”