Credit, debit, and prepaid card fraud shows no signs of retreat, finds the Sixth Annual Fraud Report from IDology, an Atlanta-based identity-verification company. Sixty-seven percent of executive respondents to an IDology survey said card-based fraud is most prevalent among their industries. That compares to 65% in 2017.
Other fraud types increased, with phishing rising to 48% from 29% and synthetic-identity fraud, when a fictional yet-legitimate-appearing identity is created, increased to 42% from 28%.
“While [phishing] is not a new fraud technique, it continues to be an effective one; 93% of security breaches last year can be linked to phishing,” IDology notes in the report, citing Verizon’s 2018 Data Breach Investigation Report. “This year’s rise in the prevalence of phishing is probably driven not only by how widespread it is, but also by increased awareness among risk professionals of the causal link between phishing and breaches.”
Mobile-device attack increased to 39% from 18%, and automated clearing house/wire fraud rose from 22% in 2017 to 38% this year. Only account takeovers held steady at 49%.
And though the perception of the threat from account takeovers was steady, the threat was not lessened, IDology said. They remain one of the most common fraud types and are a growing problem in mobile channels.
Mobile fraud is especially problematic because there are so many forms it can take, and consumers are increasingly reliant on their mobile devices.
This year, more respondents—33%—said caller-ID spoofing was a problem, up from 19% last year. Porting, when a criminal uses social engineering to get a carrier to transfer ownership of a consumer’s device, jumped to 27% from 16%.
“Americans rely heavily on their mobile devices to manage their lives and conduct business, and thus criminals are increasingly probing and exploiting mobile vulnerabilities,” the report said.
Twenty-five percent of respondents said they felt their industry was least prepared to detect and prevent account takeovers this year, compared with 19% last year. Other contenders for vulnerability were mobile-device attacks, 32%; synthetic-identity fraud, 32%; intellectual-property theft, 22%; payment card fraud, 18%; and phishing, 17%.
In August and September, IDology conducted an online survey of executives in industries including financial services, fintech, health care, insurance, e-commerce, and others, which generated 263 responses.