Online banking fraud losses topped over £60 million in the UK last year (up from £40.9 million in 2013). Michelle Parkes of the Fraud Women’s Network asks what can be done to stop this upward trend.
Payment fraud can be defined as any fraud that falsely creates or diverts payments. These tricksy fraudsters always seem one step ahead, so how exactly are they managing to perpetuate such large fraud losses?
One of the lessor known, and taking up a smaller portion of the payments fraud marketplace, is the incongruously named ‘friendly fraud’.
There is certainly a change in tactics, from previous attacking of payments technology and systems, to an increase in social engineering scams. These can include your basic phishing scams, where the fraudsters send through emails purporting to be from your bank, social media account etc, and they may be aiming to direct individuals to a fake website which will try and elicit as much personal information as they can. Building on this, with a relatively new term, is vishing. This covers the basics of phishing but undertaken over the phone. Usually the fraudster will claim to be from a financial institution or the police and use very clever and sophisticated social engineering techniques to gain as much personal information as possible from, date of birth to Pin number.
Payments fraud can also include access abuse, where usually someone known to the individual or the corporation, abuses their knowledge of their bank details. This could be little Joey who ‘borrows’ mummy’s credit card to buy himself the latest video game, or that quiet looking one in your finance department who is using the corporate account to pay for his online gambling habit.
One of the lessor known, and taking up a smaller portion of the payments fraud marketplace, is the incongruously named ‘friendly fraud’. This fraud occurs when the account holder purchases an item, but will then ask for a refund as they will fraudulently state that the item has not arrived.
To give an illustration how payment fraud can be undertaken, a recent operation by the Dedicated Card and Payment Crime Unit bought to justice a nine-strong gang who stole £22,000 through unauthorised standing orders in a well-known bank. The insider in the bank targeted elderly banking customers and he would access customer accounts to review ‘healthy’ balances and provide details of the customer signature. The gang would then arrange for standing orders to go to mule accounts who would quickly withdraw the funds from an ATM. Luckily the gang was stopped, in part due to the internal controls within the bank, and they are now serving prison sentences.
So what can financial institutions do to help stem the tide of payment and online banking fraud? At the heart of it is education of their customers. Whether these are the employees of a large corporation or Joe public, they need to understand what they can do to protect their vital information, and be more cautious with the information that they share. If consumers can start being more careful, it can only make it harder for fraudsters to do their ‘job’.
If you wish to read up more on payment fraud, you can visit Financial Action Fraud UK which is responsible for leading the collective fight against financial fraud on behalf of the UK payments industry. Action Fraud is the UK’s national reporting centre for fraud and internet crime and the people to call if you have been scammed, defrauded or experienced cybercrime.