Last year, two percent of transactions in e-banking and online retail were carried out by fraudsters and 16% of transactions were suspicious and required further investigation, according to analysis of events identified by Kaspersky Fraud Prevention. The most common malicious activity found was the use of malware or remote access tools. In e-commerce in particular, fraudsters often leveraged tools that automatically perform programmed actions.
Digital financial services and e-commerce simplify people’s lives, allowing them to order goods or manage their finances wherever it is convenient for them. Moreover, with the ongoing coronavirus lockdown measures in place, the importance of online services has grown even more. With people heavily relying on these services, the Kaspersky Fraud Prevention report has revealed why it is so important to protect these businesses from fraudsters.
According to anonymized statistics of events detected by Kaspersky’s anti-fraud solution from January to December 2019, the most common case of fraud (63%) was attempts to access personal accounts using malware or legitimate remote control software. These tools, such as AnyDesk, TeamViewer, AirDroid and AhMyth, are intended for remote working and troubleshooting. Cybercriminals can impersonate someone from a banking service’s support team and ask the intended victim to install one of the aforementioned applications. That way, they obtain access to the victim’s device, allowing them to learn the user’s PIN or one-time password, withdraw money, or even submit loan applications.
Misuse of remote control software is followed by occasions when fraudsters take over their victim’s account, or incidents when attackers use a legitimate user’s compromised credentials to steal money or loyalty program bonuses. This accounted for 34% of detected incidents.
However, fraud affects not only the financial sector, but online retail as well. As for the specific schemes in e-commerce, 44% of all cases involved the creation of fake accounts. By registering multiple times in retail loyalty programs, criminals receive welcome bonus points, which they go on to sell at a discount. As creating a large number of accounts manually can be tiresome, fraudsters often use bots, or special tools programmed to perform the required actions automatically.
“It can be hard to detect fraudsters as they often use legitimate tools and are good at mimicking genuine user behavior. For example, remote access tools are not always malicious, so they will not be detected by an anti-virus solution. There is also nothing wrong with registering a new account in a loyalty program; however, it is suspicious when a large number of users come from a single IP address or have similar mouse tracings. That is why we continually examine how fraudulent schemes are evolving in order to optimize our solution,” comments Claire Hatcher, Head of Business Development, Kaspersky Fraud Prevention.
To stay protected from ever-changing fraud techniques, Kaspersky recommends services and retailers adopt the following measures:
- Limit the number of attempts to conduct a transaction. Cybercriminals may try several times to enter correct credentials or card numbers.
- Educate your customers on possible tricks malefactors may use. Regularly send them information on how to identify fraud and how to behave in such a situation.
- Conduct annual security audits and penetration tests to find security issues in the company’s network.
- Have a dedicated fraud analysis team capable of finding and analyzing the emerging methods fraudsters are using.
- Implement multi-factor authentication to minimize chances of accounts being taken over.
- Install a fraud prevention solution that can be quickly adapted for identifying new attack schemes and methods.
To find out more about the main fraud vectors companies face, please have a look at the full Kaspersky Fraud Prevention report.