Top 10 Fraud Trends

Many CUs continue to be burdened by data breaches.

July 15, 2011

Top 10 Fraud Trends

Skimming, data breaches, and social engineering are three of the biggest threats credit unions will face in 2011, according to “Top 10 Fraud Trends of 2011,” a white paper from Card Services for Credit Unions (CSCU).

CSCU reports the biggest fraud trends credit unions face are:

1. Card not present fraud. While large online merchants have standard fraud checks in place—address verification, card security verification, and credit card authentication—others don’t, leaving the onus of fraud prevention and detection on issuers.

2. Skimming. Recent attacks have ranged from traditional ATM skimming and incidents at merchant point-of-sale systems to skimming devices installed at gas station pumps.

3. Data breaches. Many credit unions continue to be burdened by the aftermath of the Heartland data breach. Credit unions should explore any data compromise solutions or services their card processor offers.

4. Social engineering schemes. Text phishing and voice over Internet protocol (VoIP) phishing (smishing and vishing, respectively) are newer forms of social engineering using the mobile and VoIP channels.

5. Fraud as a service. Criminal organizations are creating and selling fraud schemes as a “service,” essentially commoditizing and managing fraud as a for-profit business.

6. Social networking. The correlation between fraud and social networking is nothing to take lightly. Research has found that people using social networking for five or more years are twice as likely as newer users to suffer identity fraud (6.9% versus 3.2%).

7. Mobile malware. Software flaws within common mobile browser platforms provide the first credible opening for widespread mobile malware in the U.S. The security technology company McAfee noted a 46% increase in the amount of malware created for mobile devices from 2009 to 2010.

8. ATM malware. ATM malware aims to capture account numbers and personal identification numbers from the machine’s transaction application and deliver it to the perpetrator on a receipt printed from the machine in an encrypted format, or to a data storage device hidden in the card reader.

9. First-party fraud. First-party, or “friendly fraud,” typically involves a member obtaining a credit card with no intention of repayment. In some cases, first-party fraud perpetrators may mask their true identities.

10. Unknown future. Fraudsters may turn to credit unions and other smaller financial institutions in response to tougher antifraud measures by large providers.

Visit the CSCU website for more information.