At the end of 2013, our CTO Dan Ingevaldson made some predictions about how fraud trends would look in 2014. Now that the year is almost one-quarter over, we can already see how the highly dynamic risk landscape has confirmed some of Dan’s worst fears and then some, in addition to providing new threats appearing through novel attack vectors.
Here is a list of some fraud trends we are seeing that are currently impacting electronic transactions in a big way, and that we expect to see continue throughout the rest of 2014:
In the wake of the most recent FFIEC guidance published in 2011, many financial institutions and service providers have undertaken very expensive and time-consuming projects to replace the traditional challenge questions and answers that they previously used as a security measure. One of the more popular solutions suggested as an alternative was to provide out-of-band authentication via a second independent device. Mobile phones were the natural fit as that independent device, since the typical consumer’s high usage of SMS texting would make it easy to incorporate into their banking routine.
Late last year, AT&T, Sprint and T-Mobile together announced that they will no longer offer or support Premium SMS services (with Verizon following shortly after). Premium SMS supports things like ordering ring-tones, checking horoscopes and all sorts of other things I have never done. It also supports legions of spammers, shady SMS aggregators and 3rd parties who try to bill people a few dollars here and there and hope they get away with it. This service has been around for a long time and carriers love(d) it because they received a cut of each transaction. Lookout did a great blog post on how the whole process works (https://blog.lookout.com/blog/2012/10/03/avoid-premium-sms-scams/).
As we are in the midst of the largest online holiday shopping phenomena ecommerce has ever experienced, it’s pretty safe to assume that fraudsters are looking for new and even more ways to put a little jingle in their wallets this season and beyond. So in a year where we are seeing data from various sources indicating financial fraud is climbing faster than Santa can slide down your chimney, we have pulled out our crystal ball to make some 2014 Financial Fraud Predictions here at Easy Solutions to help you stay head of the game in the coming year. While these are just predictions, they are based off of some very real trends and data we are seeing here at Easy Solutions:
Mobile fraud will evolve faster than defenses for at least another year. In the last month, the four major US mobile carriers announced that they will begin blocking premium or paid SMS charges, otherwise known as cramming. Around 75% of all existing mobile malware uses this method to monetize mobile fraud. Cutting off this revenue source for fraudsters will accelerate innovation of mobile malware and take more advanced techniques like SMS OOB interception into the mainstream.
Mobile banking presents an attractive way for banks to improve their relationships with their customer, serving them wherever they go. But with major security breaches and fraud incidents making headlines, financial institutions are taking steps to address the growing problems of advanced persistent threats and fraud in online and mobile banking channel. Read more
Sunrise, FL – July 15, 2013 – Easy Solutions, the Total Fraud Protection® company, today released Detect Safe Browsing (DSB) version 4.0. With DSB 4.0, financial institution can provide an important additional layer of fraud prevention to the end-user, to better protect against malware and other sophisticated threats such as, pharming, man-in-the-middle (MITM) and man-in-the browser (MITB) attacks. With DSB 4.0, Easy Solutions now extends this support to the two most popular mobile platforms: Android and iOS, ensuring that over 90% of mobile users can securely access their mobile banking accounts. More