The holiday season is upon us, and you are probably making plans to travel, shop, and spend time with your families. Planning a holiday has become easier than ever, with the digital world providing avenues for everyone to make all bookings online. On your mobile phone, everything is at your fingertips, and all you need is connectivity, a website, or a web app and your debit/credit card. However, did you know that this moment of bliss can turn to tragedy in seconds?
Online scams happen every second, and we as consumers need to keep ourselves on top of the different types of risks that are around us and their implications on our daily lives. Identity theft is one such risk that can result in a massive financial loss. In reality, these fraudsters strike even more during the holiday season, when you least expect it. For this reason, it is unsurprising that December is the month for National Identity Theft Prevention and Awareness. As per the 2019 Identity Fraud report from Javelin Strategy & Research, the number of victims of identity fraud fell from 16.7 million in 2017 to 14.4 million in 2018. However, don’t let the numbers fool you. Though there has been a quantitative decrease in the number of victims, they incurred a more substantial financial loss. Victims affected by Identity fraud had lost close to $1.7 billion, more than double the value during 2016.
With personal information readily available for fraudsters, here are some of the risks that you need to be aware of and some steps you can take to be vigilant in detecting these frauds and avoiding losses.
- Card Skimming:This is a type of credit/debit card theft where a fraudster uses a small device to steal the card information in an otherwise legitimate transaction like in a restaurant or while shopping. This fraud is usually carried by a fraudulent employee, who uses a fraudulent card scanner to steal the data. When someone swipes a credit or debit card through a skimmer, the device captures and stores all the details like cardholder name, card number, and the expiry date stored in the card’s magnetic strip. The fraudster then uses this stolen data to make fraudulent charges either online or with a counterfeit credit card.
- Identity theft through Account takeovers:89% of digital fraud losses that occur are due to account takeover where a fraudster gains access to your account and misuses that information for nefarious means. In some instances, fraudsters also use fake websites, fake emails, and fake mobile apps for users to trick unsuspecting users into granting them access to personal information
- SIM swap:In SIM swap fraud, a fraudster gets access to your mobile number to steal your financial transaction passwords. How do they do this? Once he/she has your number, the fraudster calls the customer care to notify that you have lost your phone. When prompted, the fraudster provides a validation (to prove that he/she is actually the customer) basis personal parameters like name, date of birth, email address, all of which are readily available on social media or a fraudster can obtain these through social engineering methods. The operator then blocks your sim card as mandated. The fraudster then buys a new sim card from your operator, “on your behalf” and get access to your all personal information. The SIM swap fraud impacts not just the consumer financially but also the telecom operator and the bank equally. A noteworthy fact is that in many countries, due to non-adherence to consumer interests and protection, both the entities (the telco and the bank) are legally liable to compensate the victim for his/her financial losses.
- Vishing/Phishing:Fraudsters send an email hoping to trick you into clicking on a link that might give the fraudster access to your personal information. Also, in some cases, fraudsters pose as bank customer care personnel to get access to your OTP to carry out a fraudulent activity
Now that we have looked into some of the Identity frauds out there, let’s move to some tips to bolster online security and reduce the risk of identity fraud:
- Ensure you have turned on two-factor authentication wherever possible. If that’s not available, use strong passwords or a password manager to secure accounts
- Do not share details like date of birth, residence address, and other personal information on social media to prevent account takeovers
- Secure your online and mobile devices by using a screen lock
- Encrypting data stored on the devices
- Avoid public Wi-Fi especially if you intend to do a financial transaction or access your bank details, or use a virtual private network (VPN) and install best in class anti-malware software
- Sign up for transaction alerts from banks, credit card issuers and other service providers to receive notifications and keep an eye out for suspicious activities
- Do not authenticate any transaction on a phone call as no service provider would ever call you to ask for a password, OTP, and more.
Most businesses do have some form of fraud management system in place to detect and prevent fraudulent activities. These systems can monitor the transactions for anomalies such as high usage, payments or purchases at an odd time of the day, fake identities, and take necessary actions to avert fraud losses to the consumers. However, as mentioned earlier it is also the consumer’s responsibility to pay attention to suspicious transactions this holiday season and secure personal information to avoid financial losses.
Wish you all Happy and a Secure holiday season!
If you are interested to learn how AI /ML techniques can help you combat Identity Fraud
Originally published at https://www.subex.com on December 20, 2019.