Fraud costs increase for a second year – global survey

Cybersource, the Merchant Risk Council (MRC), and Verif recently presented the results of the 2022 Global Fraud and Payments Survey.

The report is based on a survey of merchants from around the globe, who were interviewed about their eCommerce fraud and payments experience.

The survey results provide the merchant community with the latest industry fraud data and fraud management methods used by their peers, along with a set of performance benchmarks that merchants can use to help optimise their fraud management and prevention practices.

Some highlights from the study

Globally, fraud costs have increased for a second consecutive year, yet most merchants did not increase the share of revenue they spend to manage fraud. According to the study, only merchants in North America increased their fraud management spending, likely due, in part, to the significant upticks they registered in costs.

Phishing or pharming, card testing, identity theft, and first-party misuse remain the most prevalent fraud attacks, each affecting more than 3 in 10 merchants globally.

ALSO READ: Phishing alert: Don’t fall for these scams

At least 9-in-10 merchants have experienced at least one fraud management challenge and merchants are struggling to overcome three challenges, on average. The most pervasive and impactful challenges are identifying and responding to fraud attacks, changing business models because of Covid-19 and expanding into new sales channels.

The top priority driving fraud management strategies changed over the past year: More merchants now prioritise reducing fraud and chargebacks as their primary imperative, versus optimising the customer experience, which was the main goal for most in 2021.

Most eCommerce merchants accept payments via digital wallets, direct debit, payment cards, and eCommerce mobile payments. The vast majority encourage customers to pay via these preferred methods, mainly to minimise risk of payment fraud.

How to guard against being a victim of fraud

According to Microsoft.com, the best protection is awareness and education. Don’t open attachments or links in unsolicited emails, even if the emails came from a recognised source. If the email is unexpected, be wary about opening the attachment and verify the URL.

Meanwhile, Absa offers a further understanding of the different types of internet scams that could lead to fraud:

Phishing: The bank explained that phishing as the instance where one might receive an email from a high profiled person, that looks legitimate and requests personal information. The bank advised that if the email is riddled with poor spelling or incorrect grammar, know that it is fake.

Vishing: Vishing is a telephonic fraud tactic that works similar to phishing. The fraudster will call a person, pretending to be a bank representative or other authoritative person, who requires information such as an ID number, banking details and logon credentials for an online banking profile, to solve a problem or prevent the account from being closed. Vishing is difficult to trace, especially now that fraudsters can mask their numbers, leading a victim to believe that the call is from a legitimate source, or by diverting their number to a legitimate number.

SMiShing: “You receive a text message asking you to respond to an allegedly important and official request relating to the security or unblocking of your account.The link will ask you for information like your account number, PIN, password and cellphone number. If the SMS looks legitimate enough and you’re caught off guard, you could end up giving your personal information to a fraudster and fall victim to a SMiShing scam,” the bank warned.

SIM swap, porting and twinning:  If a fraudster has a false copy of a person’s ID, they can use it to do a SIM swap with the network provider and they will have full control and access to that person’s information. They will also receive banking notifications and approval SMSs that the person’s bank sends to them when doing a transaction. Once a hacker has this clear view of the person’s banking activity, it becomes much easier for them to gain access to transfer money without the victim knowing.

419 scams: You receive a letter, email or SMS telling you that you’re going to be sent a large sum of money from the lottery, job offer, or even an inheritance. All you have to do to get this money is provide your account details for the deposit, and send a certain amount of money to ensure that the transfer goes through. The bank advises that in reality, a stranger wouldn’t send you a lump sum randomly, nor would there be any need for you to first part with money to receive money. Unfortunately, many people send thousands before they realise that they’ve been scammed.

ALSO READ: FNB scam alert: Here’s how to stay ahead of online scammers

FNB advises businesses and suppliers to take the extra time and conduct a thorough independent verification before making a payment.

This could be done by ensuring the company has an up-to-date social media presence, or by searching for the company’s address on Google or Google Maps.

Verify if the supplier’s phone numbers and email address is active, and use forums such as Hello Peter or the review section of the company’s Facebook page to search for customer complaints.

Nedbank directed its customers to send emails they suspected might be fraudulent to phishing@nedbank.co.za to verifty whether it was legit or not. It also advised its customers to always read Approve-it messages carefully before accepting them.