Feedzai has published its Quarterly Financial Crime Report. The report analysed financial crime indicators and consumer trends while drawing spending comparisons during one of the most complex shifts in consumer behaviour – the COVID-19 pandemic. The report also identified the top 3 Global Fraud Contributors in 2020 with card cloning, high-speed ordering/spending, and high-risk merchant category code taking the lead.
Fraudsters also seized opportunities provided by the shift to online transactions causing networks’ fraud rates to increase by 60%. Not only was there more fraud attempted, the dollar value of each attempted fraudulent transaction was 5.5% higher than it had been the six months preceding the pandemic.
The digital-first revolution brought on by the pandemic has shown that criminals – who already revealed technical sophistication – quickly adjusted to the new reality and that consumers adapted their shopping habits to the realities of lockdowns and social distancing requirements. In both cases, they’re not likely to switch back. In fact, 30% of consumers opened new accounts during the pandemic, and 75% of customers plan to maintain digital banking habits. A further 56% cited trust as the reason they opened new accounts with their current financial institution.
30% Increase in Card Not Present (CNP) Transactions
The radical shift to online commerce and banking produced a 30% rise in CNP transactions from April through August as compared to Q1 2020. As expected, the move away from in-person transactions realized a 22% drop in April for card-present (CP) transactions. However, and most surprisingly, by June, CP transactions, which dramatically decreased in April, recovered.
COVID cancels Black Friday but gives Cyber Month a big push
The company also stated in the report that Black Friday as we know it is canceled for the year, due to major retailers limiting crowds and extending their deals beyond one day to help stop the spread of coronavirus. Consumers are now opting for Cyber Monday, which will morph into Cyber Month. It’s a necessary step to both ensure robust retail figures and also meet new realities ushered in by COVID, which has delivered previously unseen and unheard-of digital results: holiday season shopping levels in spring and summer. The dollar amount processed in May 2020 was higher than 2019’s holiday season. Additionally, the dollar amount increases over the previous year’s holiday season were sustained through the summer and early fall.
- Monetary Value
- 26% increase in the dollar amount processed in May 2020 compared to the 2019 holiday season
- 13% increase in dollar value June-Sept. 2020 over the 2019 holiday season
- Number of Transactions
- 30% increase per month in number of transactions from June-Sep 2020 compared to Sep 2019
“We’ve analyzed over 4 billion global transactions across all major industries to produce what we believe to be a comprehensive snapshot of the latest fraud and consumer trends,” said Jaime Ferreira, Senior Director of Global Data Science at Feedzai. “COVID has created a big disruption in the banking, payments, and e-commerce sectors with multiple impacts all over the world. Feedzai is in a good position to add clarity to this debate and help financial institutions to understand these complex shifts and how to better protect their customers.”
When it comes to the top most common global fraud contributors, Feedzai found that card cloning, high speed ordering/spending and suspicious merchant category codes were the biggest fraud offenders. Other types of significant fraudulent activities were Account Take Over (ATO) and suspicious emails.
Breakdown of top three global fraud threats:
Card cloning – Card cloning, or “skimming,” is copying stolen credit or debit card information to a new card. In card cloning schemes, “carders” buy and sell stolen payment cards on the dark web and often use bots to commit crime. Feedzai’s report showed there has been a 34% increase in the card cloning fraud across industries.
High speed ordering / spending – Armed with speed and velocity, fraudsters use BOT attacks to complete “add to carts” five times faster than humans. BOTs can strike hundreds of times in minutes, and some bot attacks can last as long as several hours. With e-commerce set to skyrocket this festive period due to the pandemic, this type of attack will impact online retailers and their customers as it can act as a DDoS attack and make legitimate orders impossible to transact.
High risk merchant category code (MCC) – An MCC is a four-digit number that designates categories for merchants based on their primary business. A bank’s underwriting guidelines determine a merchant’s risk. The more likely a merchant is to have a high number of chargebacks, the riskier they are deemed. Upon analysis of fraud patterns, Feedzai found that some of the most common high risk MCCs are gambling, dating services, and the travel industry.
In addition, account takeover (ATO) fraud was prevalent and involves a fraudster accessing any online customer accounts, such as a bank, e-commerce or email account. Finally, suspicious emails also make up a large number of fraud schemes, so it is always worth reminding consumers to think before they click; and banks and e-commerce sites should monitor for fraudsters setting up rogue domains to trade on their good brand names.
Actions Financial Institutions can take to combat common fraud contributors
Feedzai recommends the following ways in which FIs can act now to limit fraud over their networks:
Thwart “carders” with card-not-present fraud-fighting techniques: Understand the user patterns associated with carding, such as picking up when the same card is used for multiple transactions in a short period of time; if the dollar amount per transaction is above a certain threshold; or if the number of merchant codes in a specified period of time exceeds a threshold. An advanced machine learning algorithm can allow organisations to manage complex conditions to detect and prevent crime with greater accuracy.
Monitor suspicious email domains: Flag any transaction originating from a suspicious email domain which can include high-risk domains, invalid emails, or unconfirmed email addresses.
Develop hypergranular risk profiles to detect ATO fraud: Understand your customers by looking at multiple data points when creating customer risk profiles. For example, collect the time of day a customer usually logs into their account, the mobile devices they typically use, how much time they spend on a site or online platform, and how they typically transact. Understanding what normal behaviour looks like allows teams to detect and prevent fraud when the customer’s account behaves abnormally.
Top tips for consumers to fight fraud this festive shopping season
Feedzai is urging consumers to stay aware and be vigilant. Fraudsters will use emails, phone calls, rogue mobile apps, and websites or pretend to be legitimate businesses to deceive their targets and obtain their personal information. If fraudsters don’t have access to personal information, it’s very unlikely they are able to commit any type of fraud. For this reason, users should exercise caution when clicking on any links or responding to any messages they receive. Any communication that requires the recipient to disclose any kind of personal information should be treated with suspicion and validated -it’s better to take a little longer to access a shopping deal than to give up personal data to fraudsters!
Users should also be on the lookout for Account Take Over (ATO) instances, which leverage the habit of reusing passwords across different online accounts. Criminals will attempt to log into legitimate user accounts with stolen credentials, and this is among the most common type of fraud. In fact, each month, one in three fraud attempts against the world’s top merchants is ATO. Scam fraud has notably risen in the UK market, where losses reached £456 million last year.
“Consumers and businesses need to pay close attention to fraud techniques that have become common,” said Andy Renshaw, VP of payments strategy & solutions at Feedzai. “Well-known shopping events such as Black Friday and Cyber Monday can produce unwanted consequences if safety measures are not understood and adopted. There are patterns and suspicious behaviours that can be spotted in real-time and prevent people from becoming part of the statistics.”
Access Feedzai’s Quarterly Financial Crime Report to learn more about the latest fraud and consumer trends.