Fraud is an adversarial game, and today’s fraudsters are exhibiting a level of organization that mirrors legitimate businesses.
They follow schedules, deploy sophisticated technology, and coordinate attacks to exploit security loopholes.
Take, for example, a network botnet discovered in February and made up of an estimated 30,000 webcams and video recorders. It has been attacking communications service providers and gaming hosting infrastructure businesses.
The threat environment is not solely made up of tens-of-thousands-strong botnets straight out of a science fiction movie, however. Fraudsters are using the old-fashioned postal service for some of their scams. By using stolen personally identifiable information (PII) pilfered from some of 2024’s record data breaches, criminal groups are now sending select high-ranking executives fraudulent snail mail.
Physical paper scam letters claim to be from the BianLian ransomware group and state that the recipient’s corporate IT network has been compromised and that sensitive data has been stolen, Guide Point security reported March 4. They warn that a ransom of $250,000 to $350,000 must be paid, in bitcoin, or the data will be released.
It’s a stark reminder that among the growing array of sophisticated technological tools in a fraudster’s toolkit, one of the most impactful attack vectors remains the human element.
Read also: Business Infrastructure Under Siege as Cybercriminals Target Data Transfer Points
Fraud is on the upswing. The PYMNTS Intelligence report “How Faster Payments Providers Are Reducing Fraud Risks” found that the percentage of financial institutions experiencing increased fraud-related dollar losses rose from 29% to 40% year over year in 2024. Data also showed that 75% of clients would switch providers if they perceived that their banks’ fraud protections were inadequate.
This means that banks must step up their fraud game, and one of the most effective defenses against industrialized fraud is using a broad and dynamic data network.
In April, Intellicheck CEO Bryan Lewis advocated for the development of consortiums and data sharing to bolster identity verification. By pooling resources and sharing verified data, consortiums can establish a robust framework for identity validation, improving trust and confidence in financial transactions.
“If I am dealing with someone in a consortium, I know that they’ve received a stamp of approval,” Lewis said, stressing that security of information and personal details should be a paramount consideration.
Featurespace founder David Excell and Gasan Awad, senior vice president of enterprise fraud product management at PNC, told PYMNTS last week that successful defenses depend on pattern recognition, expanding the channels through which banks communicate with one another to keep abreast of emerging attack vectors, and educating customers. The right data, rendered in real time and scrutinized with behavioral analytics, can pull a payment right when the request is being made, protecting all stakeholders.
The convergence of technological advancements and cybersecurity challenges is reshaping how transactions are conducted globally, as well as redefining the operational ecosystem across which businesses interact with one another.
See also: What B2B Firms Can Learn From Big Tech’s Cybersecurity Initiatives
At the same time, the adversarial nature of fraud means that criminals aren’t standing still. The wide availability of selfies on social media has helped fuel artificial intelligence-powered scams where scammers use the data to craft deepfakes that let them get around digital verification systems and know your customer (KYC) measures.
The latest findings from the Federal Trade Commission showed that consumers reported more than $12.5 billion in fraud losses last year. That’s a 25% uptick over 2023, driven not by a rise in the number of reports but an increase in people who reported losing money to a fraud or scam.
PYMNTS examined these sorts of threats last month in an interview with Mzukisi Rusi, vice president for product development: authentication products at Entersekt.
“Every new technology brings new risks,” Rusi said, adding it’s incumbent on financial institutions “to stay one step ahead and constantly evolve their defenses.”
The marketplace is responding with both innovative and effective solutions. Visa, for example, announced Tuesday (March 11) that its new anti-fraud disruption department saved potential victims $350 million last year. The scam disruption group works under the umbrella of Visa’s Payment Ecosystem Risk and Control (PERC), which itself blocked $40 billion in attempted fraud in 2024.
At the same time, B2B cyber audits can help organizations assess their security posture, identify vulnerabilities and build trust with partners and clients. For C-suite leaders, these audits are not just about compliance but about safeguarding their enterprise’s long-term stability, resilience and trust.
