There is now more personally identifiable data, being transmitted on the internet leaving it much more vulnerable for the owner. The days of imitating someone in person are starting to dwindle away. Today, businesses and people need to grapple with proving and validating identities that are hidden behind a computer.
Whilst cybercrime in some respects is relatively new, in some cases, the acts committed from cybercrime aren’t that sophisticated or innovative. From impersonations of companies, or viruses through to hacking of data and account cloning. The more we conduct our lives online, the more vigilant we need to be and the smarter a business needs to be at prevention and detection.
Less is more when it comes to fraud
In 2016 Cybercrime was at an all-time high, making it the fastest growing area of fraud. The number of cyber-attacks targeting UK-based businesses increased by more than half in the second quarter of 2017 according to a new report.[1] This surge in attack may be due to hackers and fraudsters assuming small businesses have lower defences (and resources) in comparison to larger corporations. 1.4 million cyber-attacks and 600,000 crimes involving unauthorised access to personal information (such as hacking of emails, social media or other online accounts), the problem is vast. October 2016 saw a spike in detected loan fraud – caused by a large scale attack affecting a couple of high profile organisations. Statistically, people are 20 times more likely to be a victim of fraud than of a robbery.
The full extent of the problem is still largely misunderstood and reports from the Office for National Statistics (ONS), have only recently started to ask people about their cybercrime experiences in their annual Crime Survey (covering England and Wales). Before the ONS started including cybercrime within its measure fraud was showing a decline. This amplifies the growing problem and it is an area of huge threat for many businesses, and more importantly people and consumers.
In the UK, online fraud is particularly prevalent in bank account fraud (largely through phishing emails). In addition, computer viruses from ransomware cost £1.3m, and hacking £681k.[2]
Research houses including KPMG recently reported that last year there was more than £1 billion pounds of fraudulent activity- a 55% increase compared to 2015. A large proportion of this is cybercrime orientated – with trends seeing criminals attacking less, but targeting larger sums of money such as pensions (costing more than £1m last year).
Tackling the fraud challenge
The UK government announced plans to invest £1.9 billion in cybersecurity over five years with a view to automating and enhancing the country’s cybersecurity defences.
Whilst the government takes time to understand the problem, it’s important businesses don’t sit back and do nothing in waiting. Instead, understand what constitutes cybercrime and where the main risks lie.
Experian’s recent figures show a growth in detected attacks, too. Third party fraud peaked in 2015 and has remained a fairly static in the months since. The younger generation – ‘the Millennials’ – is one of the most vulnerable age groups, with a growth of third party fraud seen among 25-29 year olds last year. Men typically lose three times more money to fraud than women and in 2016 accounted for 65% of fraud losses. Mosaic categories: Transient Renters and Aspiring Home Makers, perhaps the less well-off groups are evidencing the biggest growth of third party fraud. And, for the savvy savers, it is important to identify the trends in attack because fraud is growing in savings accounts, although most targeted is current accounts.
In order to start to solve the problem, it is important to understand it. Whether it’s tracking and monitoring trends, or identifying weaknesses in your systems that are more vulnerable to attack – patterns in fraud can help you better prioritise your efforts and fraud controls.
To summarise the key areas of focus:
- Monitoring device will help in the mobile era
- Online, digital identity verification processes are essential
- Monitoring fraud against products will help identify any areas of particular threat
- Agility is key. Any fraud control should be agile and adaptable to change. API based technology can help to streamline controls and offer an agile framework to build upon.
[1] https://www.energyvoice.com/other-news/143879/cyber-attacks-uk-businesses-increase-52-percent-q2/
[2] ONS June 2016 report