As 2016 comes to a close, what are some the frauds that investigators and security professionals are preparing for in the new year? Cybercrime, banking fraud and anything online rank high on the list. And as many corporations have learned the hard way, protecting data afrom hackers and fraudsters is of the utmost importance.
Using personal identifying information (PII) and stolen credit card numbers, for example, hackers will continue to rack up millions in fraudulent credit card charges. Some online merchants still don't require a CVV validation code to complete an online transaction, making it all the easier for fraudsters to use reams of stolen card numbers to make illicit purchases. At a time when the physical cards have become more secure (chip and pin in Europe, chip in the U.S.), banking by credit card is in many ways less secure than it was just a few years ago.
Beware of the Bots
Even without stolen credit card information, fraudsters can still commit costly schemes. New technology can randomly generate countless credit card numbers, testing and attempting to match them randomly generated CVV validation codes. When they find a match, fraud happens -- without an actual card ever being found, nor the occurrence of a security breach. To make things worse, fraudsters who find a match will place a slew of online orders at once, causing potentially high dollar loss before victims have any idea what is happening.
The Business Email Scam
There has been a troubling increase in a scam known as the "business email compromise" -- hackers generate an email to a company's accounting department, for example, posing as a CEO or similar high-ranking executive, request a high-dollar payment to a "vendor," usually on an urgent basis. The email appears to come straight from the executive's computer. Accounts payable (or whoever has access to payment details) then makes an electronic payment or a transfer into a dummy account set up by fraudsters. Millions have been lost to this scheme, usually committed by overseas fraudsters who live little trace and a slim chance for prosecution.
Fraud will only continue increase in 2017, and changing technology simply provides more ways for criminals to develop schemes and try to stay ahead of investigators. In this climate, it is critical for companies to be prepared and have robust due diligence and internal controls in place so that they have a better chance of preventing and detecting fraud.
The stakes for every organization around the world are high. Assets, reputation and your clients' trust all depend on protecting against data breaches and fraud. In most cases, fraudsters still look for the path of least resistance. So by being better protected than your competitors, you company will look less appealing to online hackers and crooks who are simply looking for easy prey.