Digital fraud is a constant menace for businesses and individuals, with merchants across the globe expecting to lose more than $20 billion to fraud in 2021 alone. Phishing is a particularly dangerous threat, resulting in data breaches that cost businesses an average of $4.24 million per incident. In the past year, nearly 75% of businesses fell victim to phishing attacks.
Merchants are deploying several defensive measures to keep phishing at bay. One of the best ways to protect companies is rigorous training for employees, including identifying suspicious emails, enabling multifactor authentication and never giving usernames, passwords or other information to anyone who asks for it. This training can be augmented by technological solutions such as browser extensions that access databases of known fraudulent websites and block employee access.
In the October edition of the Digital Fraud Tracker®, PYMNTS explores the latest in the world of fraud prevention, including the latest phishing tactics leveraged by bad actors to steal funds and data, the countermeasures that merchants are deploying to protect themselves and their customers, and other fraud threats such as impersonation schemes and social engineering.
Developments From the Digital Fraud Space
Businesses in the United Kingdom are also facing massive waves of phishing attacks. A survey found that 73% of businesses in the U.K. suffered data breaches due to phishing in the past year, with bad actors tricking employees into forfeiting login data that the fraudsters then used to breach corporate systems. Data breaches also stemmed from other attack vectors, with 74% of businesses saying that employees broke data security rules and allowed company data to be leaked.
Phishing is not the only fraud technique running rampant in Europe. The U.K., for instance, saw 96.6 million pounds (about $132 million) lost to fraudsters impersonating police officers, while 53.7 million pounds (about $73.8 million) was lost to other types of impersonation scams, including an incident where a fraud ring impersonated Royal Mail workers to scam customers. After the U.K., the most affected countries were Ireland, Denmark, France and Luxembourg.
Businesses are deploying several different defenses to keep these fraud threats at bay. A survey found that one-third of financial institutions (FIs) have accelerated their artificial intelligence (AI) and machine learning (ML) programs, for example, as the ongoing pandemic leaves new digital entry points for bad actors. Anti-money laundering (AML) is a particular focus for these programs, with 57% of these FIs saying they have added AI and ML to their AML programs or are planning to do so within the next 12 to 18 months.
For more on these and other digital fraud news items, download this month’s Tracker.
Fighting Phishing Through Employee Training and Siloed Access
Phishing is a perennial threat to businesses of all types, and bad actors are growing increasingly sophisticated in their techniques with social media scraping and automated attempts. No single defensive layer is enough to counter the threat, but a combination of employee training and siloed access to corporate systems could go a long way.
In this month’s Feature Story, PYMNTS talked with Chuck Brooks, adjunct professor of cybersecurity risk management at Georgetown University, about why legacy methods of phishing recognition must be phased out in favor of identifying new phishing tells.
Deep Dive: The Dangers of Phishing and How Companies Can Fight It
Experiencing a data breach is one of the worst fears of any organization, with millions of dollars spent to contain the damage of private customer records and credentials leaked into cyberspace. Companies looking to reduce the risk of a breach are working to stop its most common cause: phishing.
In this month’s Deep Dive, PYMNTS explores how fraudsters deploy phishing schemes to gain access to employee login credentials and how these fraudsters can be stopped through vigilant employee training and fraud prevention software.
About the Tracker