#DISummit19: Online Fraud Becoming More Complex & Sophisticated
“Fraud has become much, much more complex,” he said, pointing to a particular rise in “networked fraud,” which consists of cross-border fraud, omi-channel fraud and cross-industry fraud.
“With cross-border fraud, attackers are using VPN and proxies to hide where they are originating from.
“We’re also seeing omni-channel fraud, so while in the past an attack might have focused specifically on an online banking channel, fraudsters are getting much more sophisticated and are using channels to investigate and learn more about a target or their account.”
Then there’s cross-industry fraud, Topliss added, which involves fraud attacks that first target one industry and then become stepping stones to target other industries.
There have also been recent rises in the amount of social engineering being used in fraud attacks, Topliss said. “It’s really becoming the new norm; in the financial sector, the early years of fraud really focused on third party fraud, but now there are so many layers of defense that are actually working quite well, so fraudsters have figured out that the human is the weakest link.”
Then there’s the rise in bot activity, with bots continuing to be a bigger and bigger problem within the fraud threat landscape. “It’s not just the sheer volume of them,” Topliss explained, “they are becoming more sophisticated and they’re invading traditional layers of defense. By doing that, they’re really able to do credential testing.”
Some emerging fraud opportunities have also come to light, Topliss said. “What’s interesting on the emerging fraud side of things is that we’re seeing both completely new types of fraud that are associated with new types of industries,” such as the ride-sharing industry, and fraud that targets established industries offering services “that historically were not susceptible to fraud or not targeted by fraudsters, but are suddenly becoming really, really interesting.”
Source: Information Security Magazine