In 2022, when it comes to phishing, application and payments fraud — and all the scams that aim to part us from our money — expect more of what we’ve seen over the last two years of the pandemic, Robin Love, vice president, product management at Early Warning Service, LLC, told PYMNTS.
In what seems to be an inexorable rising tide, account opening transactions have moved from in-person to digital channels. Much of that shift, of course, has been due to COVID.
Although the continued expansion and improvements in the customer experience within digital channels are good things, Love noted that “the shift has opened the doors further” for fraudsters, who now have 24/7 access across multiple points of entry.
Where pre-pandemic fraudsters may have been a bit more careful about trying to compromise face-to-face transactions, the relative anonymity of the internet has given them a bit more cover.
Along the way, application fraud using synthetic identities has proliferated. We’re seeing lenders ending their “forbearance programs” — and, as Love noted, many fraudsters have been lurking in the wings, taking out debt with synthetic IDs (or using stolen identities) and avoiding detection simply because lenders were extending payment periods and taking a longer approach to collection.
Key Attack Avenues
Another key avenue for an attack has been phishing, where an attacker — posing as a trustworthy source — lures a victim into revealing sensitive information they can then use to steal money.
Phishing attacks, she said, “are going to continue as one of the top challenges that the [financial services] industry is going to face in 2022.”
Recent statistics bear this out. Love noted that phishing attacks are responsible for a majority of reported security incidents, and she added that she doesn’t see any of this going away.
In another example, fraudsters are also fashioning organized attacks via bots as consumers’ online account openings increased.
“The bots were just hammering banks’ systems,” she said, “hammering the digital channel to open up accounts using synthetic identity information or real identity information.”
There are avenues through which the financial institutions (FIs) and the consumers can protect themselves.
See also: Digital DNA Helps Online Lenders Make New Account Fraud an Old Problem
Love added that for consumers, there is enough information through the regulatory and consumer protection entities to ensure that individuals who’ve become victims can initiate disputes with companies and various credit rating agencies. However, the pressure has mounted for FIs to detect fraud attempts when onboarding customers.
And yet, introducing new security measures into the mix presents a quandary, Love said, adding, “The FIs cannot slow down the process for good consumers.”
That pressure will be especially acute as payments get faster and faster.
As Love noted, when an individual establishes their account, which is going to ultimately transact with Zelle® (for example, which is owned and operated by Early Warning), the FI “really has to balance security with that customer experience.”
Against that backdrop, a multi-layered approach to account opening is critical, as Love noted. FIs should leverage authentication and identity fraud solutions to ensure that consumers trying to conduct a transaction or open an account are who they say they are.
As FIs grapple with the continued attacks in the new year, she told PYMNTS, “They must continue to ensure that synthetic fraud and identity fraud is not getting in the door.”
Related: FBI Warns of QR Code Cybercrimes
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More