GS Logo
The Green Sheet, Inc

Please Log in

Banner Ad
View Archives

View flipbook of this issue

Care to Share?


Table of Contents

Lead Story

Non-payment mobile options popular this holiday season

Patti Murphy

News

Industry Update

Holiday season brings tidings of CNP fraud

Tripwire, Verizon advocate cyber-readiness

California vote bumps pot toward legitimatization

Vantiv growth plans to include Moneris USA

Features

2016 ISV study

Smartphone ecommerce on the rise

Daria Rippingale

Views

Payments are live

Dale S. Laszig
DSL Direct LLC

Biometrics hot at Money20/20

Peggy Bekavac Olson
Strategic Marketing

Education

Street SmartsSM:
Sales as a healing profession

John Tucker
1st Capital Loans LLC

Gateways rising

Adam Atlas
Attorney at Law

The friendly fraudster: Your merchants' worst frenemy

Evi Triantafyllides
PAAY LLC

Expand your time

Steven Feldshuh
Merchants' Choice Solution East

Company Profile

Digitzs Solutions Inc.

New Products

Personalized, mobile, in-store shopping

Contextual Commerce Platform
OmnyPay Inc.

EMV-certified reader for smartphones, tablets, PCs

Walker C2X
AnywhereCommerce

Inspiration

Boundless creativity

Departments

Letter from the editors

Readers Speak

Resource Guide

Datebook

Skyscraper Ad

The Green Sheet Online Edition

November 28, 2016  •  Issue 16:11:02

previous next

Holiday season brings tidings of CNP fraud

Shoppers, retailers and cybercriminals no longer wait for Black Friday and Cyber Monday to get into the holiday spirit. Security analysts saw a spike in legitimate and fraudulent retail transactions throughout the third quarter of 2016, a traditionally quiet period. Felonious attacks are becoming more frequent and sophisticated, experts warned. Chief among their concerns is the use of artificial intelligence and social engineering to mimic legitimate customers.

"The challenge for businesses is that if fraudsters behave more and more like genuine customers, and automated bot attacks are testing identity credentials on a mass scale, what hope is there of detecting the genuine good transactions from the sea of bad ones?" wrote Alisdair Faulkner, Chief Products Officer at ThreatMetrix. The ThreatMetrix Cybercrime Report: Q3 2016, published Nov. 1, 2016, found a 40 percent increase in card-not-present (CNP) crime between July and September 2016, compared with the same period in 2015. The analysis was based on close to 5 billion transactions and 130 million blocked intrusions, the company noted.

Cybercriminals have graduated from brute attacks to more advanced, nuanced methodologies, according to Vanita Pandey, Vice President of Strategy and Product Marketing at ThreatMetrix. "Attacks have evolved from being one-dimensional with a singular purpose to being a Frankenstein's monster of attack vectors, using bots, social engineering and remote access stealth in various combinations," she said.

Physical, virtual fraud

"True fraud exponentially rises during the holiday season," said Srii Srinivasan, co-founder and Chief Executive Officer of ChargebackGurus. "Many criminals hack into retail networks earlier in the year, planning attacks well in advance of peak retail season. Some of their most insidious strategies involve mimicking legitimate customers."

Pandey and Srinivasan urged retailers to plan ahead for high-volume transactions and implement real-time detection strategies. "Fraud prevention is no longer simply about timely detection but about getting under the skin of evolving attack patterns to better thwart the rise of cybercrime," Pandey said. Srinivasan cited a number of reasons for increased chargebacks around the holidays. "Fulfillment centers may ship the wrong product or duplicate an order, and there is more physical theft during holiday season, because thieves know high ticket items are being ordered," she said.

Top industries, retailers targeted

Security experts are especially concerned for big-box retailers, which they claim will be primary targets throughout the holiday shopping season and immediately thereafter. There could be as many as 50 million attacks to ecommerce sites in the peak shopping week alone, they warned.

ThreatMetrix has been stopping an average of one fraudulent new account creation every 10 seconds and sees a widespread use of stolen identity credentials. Pandey called these attacks "multifaceted, global and ever-evolving," as criminals strive to steal, validate and sell stolen identities. Increasing crime levels necessitate staying a step ahead "with innovative approaches that derail fraudsters and strike the right balance between protecting businesses and minimizing friction for users."

Srinivasan added that many retailers hire temporary workers to help manage shipments, returns and inquiries. Merchants need to combine preventive tools and strategies with human oversight to protect against fraud, and information technology departments need to plan for excessive network traffic, she stated.

Following are at-risk categories cited in the ThreatMetrix report:

Changing consumer, fraudster behavior

Mobile and in-app payments have created a new frontier for fraudsters, according to the ThreatMetrix study. "As digital transactions have grown, so have the attacks," the authors wrote. "This quarter saw the highest number of attacks on ecommerce with more than 76 million blocked transactions, a 60 percent increase over 2015." Fraudsters are targeting mobile and online accounts where consumer credentials are stored, the authors noted. They expect these login attacks to continue through the 2016 holiday season as cybercriminals use a combination of techniques to break into ecommerce sites and steal identity and payment card data.

ChargebackGurus has seen an increase in "friendly fraud"; its analysts are working with payment card brands to evaluate this trend. Some consumers have bragged about friendly fraud on social media, claiming to have received free goods by disputing charges, according to recent reports. Overall chargeback volumes in 2015 were 30 percent friendly fraud and 70 percent true fraud; these numbers reversed in 2016 to 70 percent friendly fraud and 30 percent true fraud, the company stated.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | Harbortouch | USAePay | IRISCRM.COM