Greater connectivity means greater opportunities — not just for businesses and consumers, but also for fraudsters. A recent study released by Forrester Consulting and digital identity provider ID.me speaks to the growing risk of identity fraud and its detrimental effect on consumer confidence.
In the study, the organizations found that the number of identity fraud victims had risen to 15.4 million in the U.S. in 2016, losing a combined $16 billion — just over $1,400 per victim, on average. This latest number represents a 32.7 percent increase in identity fraud victims since 2011, when 11.6 million were affected, according to the study.
The study also surveyed consumer sentiment on the safety of their personal identifying information. Some 90 percent noted feeling concerned in that regard; likewise, more than half of consumers reported they don’t feel in full control of their personal data. Only 16 percent felt they had complete control over their personal data.
“Identity fraud not only costs consumers and businesses money, but also erodes consumer confidence in the institutions that serve them,” Blake Hall, CEO and Co-Founder of ID.me. “When consumers can’t open a bank account or access government services online without feeling anxiety, we’ve got a problem.”
This consumer concern translates to a decrease in confidence in large organizations—which is then exacerbated by data breaches and other security events. The study found that, all told, U.S. businesses lose an estimated $50 billion each year due to identity fraud incidents.
Here are other top cybersecurity stories that made headlines this past week:
One Million Gmail Users Affected By Google Docs Phishing Scam
Late last week, approximately one million Gmail users (or about 0.1 percent of total users) were affected by an email phishing scam. Users received an email in which it appeared a contact had shared a document with them via Google Docs.
If they opened the document, users were brought to a real Google page that required a login and permissions to access email account data. When prompted to continue to Google Docs, users were actually granting permissions to a malicious third-party web app that had been named “Google Docs.”
O2 Confirms Hack Emptied Some Customers’ Bank Accounts
Strong identity authentication measures are only as strong as the network they live on. Digital communications company O2 recently confirmed it was the target of a hack that allowed cybercriminals to intercept and reroute two-factor verification codes.
A number of German customers had their bank accounts emptied after falling victim to a phishing scam that stole their usernames, passwords, phone numbers and bank account details. With this information, the attackers leveraged a weakness in the protocol that connects the back ends of telecom networks to intercept and redirect mobile transaction authentication numbers. This allowed them to overcome the strong authentication measures and withdraw funds from unsuspecting customers.
Simple Cyberattacks Greatest Threat To SMEs
Small and medium-sized enterprises are some of the largest targets for cyber attackers — and analysts warn the attacks don’t have to be big to make a significant impact. Research from eSentire recently found that “rudimentary” cyberattacks on SMEs — including intrusion attempts, policy violations, and information gathering — are some of the most dangerous. Analysts say these strategies comprised some 63 percent of the cybersecurity threats that hit SMEs in 2016.
FBI Sees Wire Fraud Via Email Grow In 2016
From October 2013 through December 2016, a new report from the FBI suggests cybercriminals used business email compromise (BEC) scams to try and steal some $5.3 billion across organizations. A significant number of these attempts came in the last seven months of 2016.
The number of BEC attacks in which hackers asked for transfers via emails that appeared to be from senior-level executives or business suppliers nearly doubled between May 2016 to December 2016, rising from 22,143 to 40,203 in that period. Robert Holmes, a security professional for Proofpoint Inc., told Reuters that the FBI report covered just 20 percent of the total and that the losses could be double.
ATM Skimming On The Rise, Still Rare
Here’s a bit of reassuring news. The National ATM Council recently released the results of its 2017 ATM Skimming Survey, which found that while the number of ATM companies who reported skimming incidents reported had risen to 6 over 2 in 2016, it’s still a rather rare occurrence overall. Nine out of 10 survey respondents reported they had never encountered a skimming device on their ATM routes.