Fraudsters are changing with the times, and Feedzai SVP of product management Andy Renshaw recently shared his thoughts on how they will behave in 2022.
For starters, they’ll be more patient, Renshaw believes. Many online security measures are serving their purpose and eliminating the low-hanging fruit. That has caused the smarter scammers to think bigger in order to maximize their monetization opportunities.
“Instead of quick ‘smash and grab’ attempts that involve breaching an account and quickly transferring money, they will patiently observe a victim’s financial patterns,” Renshaw explained. “This includes details like when their paycheck is deposited and where they shop online.
“With this understanding, they will know when victims receive their pay and when they have the highest amount of money. By conducting layered research using social engineering or personal information obtained from phishing or malware attacks, fraudsters can carefully hone their message to make scams more convincing.”
It’s not only Fintechs that are becoming hyperpersonalized, so are the scammers, Renshaw said. Should they access a potential victim’s financial records, they could infer details of their lives from purchase patterns, and use those guesses to pull money out of them, such as by claiming a previous payment did not get properly processed.
“Because the fraudster uses such specific details, their scams have a better chance of working,” Renshaw said. “Some fraudsters will craft a portfolio of narratives for a wide range of scenarios.”
One thing that has stayed the same is fraudsters taking advantage of greed by offering “get rich quick” schemes. Playing up the FOMO, they craft messages for different demographics in the hopes of landing some fish. Should they get a foot in the door, the operatives turn on the pressure to get them to spend. Cryptocurrencies, given their inherent volatility, are perfect cover stories for fraudsters.
Real-time B2B payments are on the way, and in order to protect stakeholders from fraud operators could look to real-time consumer payments for help, Renshaw said.
“Businesses need to prepare for how this enhanced speed of payments leaves them vulnerable to fraud,” Renshaw said. “If a business loses money in real-time to fraud, the organization will struggle to trust banks that facilitate the transfer. Instant B2B payments opens new opportunities for fraudsters to defraud businesses quickly.”
The Internet of Things and connected commerce also provide unique fraud opportunities, Renshaw said. Whereas in the past consumers had a few accounts from which they conducted their financial activities, they now have those plus PayPal, Venmo, and other accounts. Alexa can even do some banking, as can social media sites.
“If all this sounds like a dream come true for fraudsters, it is,” Renshaw said. “In a connected commerce ecosystem, we expect to see a spike in attacks on IoT-connected devices and social engineering attacks. A disparate arrangement of finances calls for a new approach for banks to manage their customers’ financial risks.”
Challenger banks also face, um, challenges. They need to attract customers, so they simplify onboarding. They also want young customers so they market on social media. Fraudsters take advantage of the lack of physical infrastructure by developing fake personas and other strategies that take advantage of the lack of face-to-face contact between bank and customer.
Millennials and Generation Z are susceptible because they are less familiar with digital banking, Renshaw said. Yes, younger generations are tech savvy but fraudsters have developed several strategies that continually deceive this group. Gen Z falls for fake check scams as often as senior citizens. One in five millennials experienced online fraud last holiday shopping season.
“Fraudsters will also scour these users’ social media accounts for social engineering purposes,” Renshaw concluded.