As we are in the midst of the largest online holiday shopping phenomena ecommerce has ever experienced, it’s pretty safe to assume that fraudsters are looking for new and even more ways to put a little jingle in their wallets this season and beyond. So in a year where we are seeing data from various sources indicating financial fraud is climbing faster than Santa can slide down your chimney, we have pulled out our crystal ball to make some 2014 Financial Fraud Predictions here at Easy Solutions to help you stay head of the game in the coming year. While these are just predictions, they are based off of some very real trends and data we are seeing here at Easy Solutions:
Mobile fraud will evolve faster than defenses for at least another year. In the last month, the four major US mobile carriers announced that they will begin blocking premium or paid SMS charges, otherwise known as cramming. Around 75% of all existing mobile malware uses this method to monetize mobile fraud. Cutting off this revenue source for fraudsters will accelerate innovation of mobile malware and take more advanced techniques like SMS OOB interception into the mainstream.
Attacks against small and medium businesses will experience a marked increase. Account takeover of these accounts can be especially lucrative and fraud patterns in the online channel are harder to spot due to higher account activity and larger transactions.
The use of Proxy AutoConfig (PAC) attacks will expand. Proxy Autoconfig functionality is a feature of every modern web browser. It was first exploited against online banking users in Latin America as a more sophisticated and flexible variant of a pharming attack. PAC attacks allow fraudsters to dynamically redirect users to proxy servers when they attempt to navigate to specific web sites. This redirection allows fraudsters to launch successful man-in-the-middle attacks against victims.
New fraud vectors will emerge from diverse environments globally. Historically, new attack vectors have emerged from Latin America and there is reason to believe that this will continue. However, with the adoption of online/mobile banking accelerated globally, we can expect the emergence of new threats from certain regions to propagate globally faster than before. Additionally, there isn’t much incentive for fraudsters going into 2014 to spend time and resources to invent new attack vectors since the current attacks are still highly effective and profitable.
Agree or disagree? What predictions do you have? We would like to hear your thoughts on these or others out there.
Wishing you a safe and enjoyable holiday season.