View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

6 reasons why we are losing the cybercrime battle against fraud

List: 5.8 million fraud and computer misuse incidents in the 12 months to the end of March 2016 - how can we stop that number rising?

By Ellie Burns

Fraud: A victimless crime?

Sundeep Tengur, Banking Fraud Solutions & Financial Crimes Specialist at SAS, said: “Fraud is an insidious problem that challenges all businesses in the UK and around the globe. For far too long, fraud has been viewed as a victimless crime. On the contrary, it is continually being used by criminals for monetary gain and to fund a wide spectrum of illegal activities including drug dealing, human trafficking and even the funding of terrorism. Sadly, many of the victims are among the most vulnerable members of our society.

“Fraud has evolved from simple and opportunistic modus operandi to more complex and patient scenarios. Fraudsters are becoming increasingly sophisticated and often hide within complex networks where they employ ‘mules’ to do their bidding. Those networks are often hard to detect as they contain both fraudulent activity as well as legitimate and compliant transactions.

“Also contributing to the rising velocity of fraud is the proliferation of online services and the anonymity those digital channels provide to consumers. For example, when making insurance claims, it’s easy to inflate the value of a damaged or stolen item or to add a few additional items to the claim, therefore resulting in what’s often referred to as ‘soft fraud’. 

 

Rise of a new industrial revolution

Andy Thomas, Managing Director at CSID Europe, said: “Cybercrime is going through its own industrial revolution – the barriers to entry are disappearing. Tools are automating the process and costs have plummeted: getting started in cybercrime has become child’s play. The ONS data released validates our concerns that the industry needs to up its game in terms of measures to prevent fraud, and consumers still need better education to avoid becoming victims to the most common fraud risk they now face.”

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

 

Benchmarks? What benchmarks?

Dave Webber, Commercial Strategy Director at LexisNexis® Risk Solutions UK said: “In an increasingly digital age, these figures illustrate just how vulnerable personal and corporate data is to attack. With bank and credit account scams the most common type of fraud, organisations need to swiftly strengthen their fraud prevention strategies. Today, most organisations can’t measure fraud consistently and so have no benchmark from which to measure current performance and, moreover, how advances in fraud defences are performing.  Therefore companies should align fraud prevention with their overall business strategy, enabling fraud prevention teams to adapt to volatile market conditions as well as the changing behaviour of fraudsters.

“Cyber criminals are highly organised, well-funded and continually using advanced technology to up the stakes. As such, in the same way cyber criminals seek to innovate, so should businesses use technology to monitor for fraud and protect their data. Increasingly, we are seeing organisations using sophisticated data, technology and analytic linking to determine not only whether a business is a legitimate entity, but also to link owners, employees and identify other people who have a stake in the business. Deploying this type of information must be an organisation’s first line of defence against fraud. That said, as the figures mark the first time the ONS has measured fraud and cyber crime in full, it remains to be seen whether more organisations will respond in kind over the next 12 months.” 

 

Security is fundamentally flawed and consumers like it easy

Johan Dalhert, BehavioSec said: “The nature of security as we know it is fundamentally flawed. We recently found that over 1 in 3 of us even admit to sharing our passwords and log-in details for services including social media, banking and online-shopping, while over 70% choose to stay ‘logged-in’ when possible. “Convenience” proved to be a key driving force of this behaviour.

“Quite simply, security is no longer a consumer’s number one priority when operating online. Today we prioritise convenience – meaning laborious tasks such as multiple authentication processes are often side-stepped. A password is only as secure as a user’s desire to safeguard it and for this reason we need to lift the burden for consumers. If digital platforms are selling consumers convenience and always-on availability, then they need to take on the bulk of the security burden themselves and implement security measures that accurately authenticate users without forcing them through frustrating, inefficient authentication barriers.”

 

Passwords of old

Brian Spector, CEO at MIRACL, said: “These figures suggest that nearly one in ten of us fell victim to online fraud in the last year. This is hardly surprising, given how laid back most people are about the potential risks of data theft and identity fraud. When it comes to banking fraud, most people still consider this to be their bank’s problem, and assume that they will be reimbursed no matter what. But considering the huge volume of personal and financial data that most people place online, it’s vital that consumers become more vigilant about protecting their digital footprints. Identity fraud is a multi-billion dollar business, so this trend is unlikely to reverse any time soon.

“In almost all cases of online fraud, the problem can be traced back to that relic from a bygone age: the password. The username and password system is old technology that simply cannot secure the deep information and private services that we all store and access online today. Passwords don’t scale for users, they don’t protect individual services and they are vulnerable to a myriad of attacks. By contrast, new, secure methods of two-factor authentication can eliminate password risk and at the same time be user-friendly. It’s time for online services to contribute to the restoration of trust on the Internet by removing the password from their systems altogether.” 

 

The evolving hacker

Piers Wilson, head of product management at Huntsman Security, said: "For the majority of organisations, the main two lessons to take from these statistics are the rapid evolution of cyber-crime, and the number of threats that any individual or organisation will face.

"With attackers able to constantly modify their attacks for a particular target, or come up with entirely new ways to steal data or commit fraud, organisations cannot simply assume that they will be able to spot known attacks before they can cause damage. Instead, organisations need to be alert for the signs of completely unknown or insider attacks that could have already breached their defences, and react before they can cause significant damage."

 

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU