Online payment fraud losses will reach $48 billion annually by 2023, up from the $22 billion in losses projected for 2018, a new study from Juniper Research has found.
Juniper’s new research claims that a critical driver behind losses from eCommerce, airline ticketing, money transfer and banking services will be “the continued high level of data breaches resulting in the theft of sensitive personal information.”
Synthetic identity fraud is on the rise, researchers found. Fraudsters are using fragments of real data gleaned from breaches to create new, synthetic identities, as they slowly move away from pure identity theft. Synthetic-identity fraud is one the fastest-growing forms of identity theft in the United States, according to the Department of Justice. R. Sean McCleskey, a retired United States Secret Service agent who supervised an identity-theft task force for more than a decade explains to the CNBC why synthetic identity fraud is so prolific:
“When criminals use a blend of different people’s data, as well as some entirely made up information, it becomes harder for law-enforcement officials to both realize the crime and then locate the culprit,” he is quoted as saying.
Juniper forecasts that money transfer will be a particularly vulnerable area, with the global rise in instant payment schemes and a focus on transactional rather than behavioral risk. Fraud losses are projected to increase by over 20% per annum to $10 billion in 2023.
“Synthetic identity is currently the low-hanging fruit because, even though it takes time for fraudsters to establish, many of their targets are not set up to detect the behavioral giveaways that indicate this type of fraud,” said research author Steffen Sorrell.
Techniques practiced by the Magecart and Fin7 groups will become more common as fraudsters seek to create products from their knowledge, Juniper predicts, The two gangs typically use a combination of malware and cross-channel approaches to facilitate their criminal gain, resulting in more common instances of complex fraud as the a ‘fraud-as-a-service’ economy emerges.
The report recommends a holistic approach to fraud prevention, one that includes a strategy to assess and mititgate risk from a cybersecurity perspective.