For many consumers, the pandemic led to lifestyle changes, which have impacted fraud trends. Here are four trends merchants should look out for.
In organizations where remote working has been in place since it was first recommended, some individuals may not have had any in-person meetings or interactions with their managers and directors.
Fraudsters may look to exploit this situation by impersonating C-level and other senior managers—by phone or email—in order to persuade unwitting employees to provide access to sensitive data. This may lead to a rise in data breaches, which could herald an increase in account takeover attempts and other attacks down the line.
To help avert the risk of employees falling prey to C-level impersonators, organizations should:
- Ensure that emails received from outside the organization are clearly labelled with a warning
- Educate employees on the latest social engineering and phishing trends
Businesses may also wish to prepare by deploying a solution designed to protect against account takeover fraud.
Migration away from the city may change fraud hotspots
Some organizations have embraced homeworking—they may have given employees the choice to continue working from home, or may have shifted to a fully remote operating model. For employees, it's an opportunity to re-evaluate where and how they live—and some are choosing to leave the city for a more relaxed or rural environment.
As with any change in consumer lifestyle or behavior, a change in fraudster behavior inevitable follows. So businesses may notice a change in fraud hotspots. The rate of fraud may dip in some urban locations traditionally flagged as hotspots, while new hotspots emerge in line with the city exodus.
To keep up to date with emerging hotspots, you should track risky locations using custom lists based on the ZIP or post codes with the highest fraud ratios over the previous 90 days. This will help you to keep your fraud screening rules up to date as people—and fraud—continue to migrate.
Economic turmoil may lead to a rise in mule recruitment
As in any period of economic turmoil, people who've seen a drop in income since the onset of the pandemic may be tempted by "work from home" offers that pay them to receive and reship packages. Many of these so-called "mules" will see this as a legitimate source of income and will be unaware that they're supporting fraud rings.
To help identify new mules, we recommend that merchants who use Cybersource Decision Manager take advantage of the Identity Behavior Analysis feature. Leveraging cross-merchant data and machine learning (ML), this feature analyzes good, bad and unfamiliar identity behaviors to distinguish new bad actors from legitimate new customers and track changes over time.
Virtual cards pose new fraud screening challenges
Over the past year or so, we've seen a dramatic increase in the popularity of virtual cards. A unique virtual number is generated for each online purchase, which allows the consumer to place orders without disclosing any physical card data. Cardholders doubtless see this as a way to limit the potential for their details to be compromised.
When it comes to fraud screening, however, virtual cards pose several challenges. They can:
- Erroneously trigger identity morphing rules
- Lead to genuine transactions being rejected by reviewers who mistake them for card testing attempts
- Allow fraudsters to bypass negative or product-specific velocity rules in fraud screening solutions
Given many consumers' heightened interest in data privacy, it seems likely that virtual cards are here to stay. We recommend you provide additional training for your review teams and data scientists on the implications of virtual cards. Merchants who work with Cybersource can benefit from the expertise of our Managed Risk Analysts on this hot topic.
