Cloud

2/1/2017
08:05 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Identity Fraud Rose 16% In 2016

Javelin report finds that fraud increased to 15.4 million consumers in the US - the highest ever.

Identity fraudsters had a banner year in 2016, underscoring the need for consumers to consider protection services, stronger forms of authentication, and increased vigilance on security issues.

The number of identity fraud victims increased 16% in 2016, rising to 15.4 million consumers in the US, according to Javelin Strategy & Research's 2017 Identity Fraud Study, conducted on behalf of LifeLock. That's a record high since Javelin began tracking identity fraud in 2004.

Al Pascual, senior vice president, research director and head of fraud and security at Javelin, says the study also found that the criminals adapted to all the latest prevention techniques to net 2 million more victims in 2016 – an increase of $1 billion, to $16 billion. The rise of available information via data breaches has been a boon to the criminals, he says.

"To successfully fight the fraudsters, the industry needs to close security gaps, continue to improve, and consumers must be more proactive," he notes.

Randy Vanderhoof, executive director of the Smart Card Alliance, agrees that consumers must become more vigilant than think about changing their habits.

"What I tell people is to dedicate a credit card for online shopping and a credit card for purchases at physical stores. It’s much easier to track the fraud that way," Vanderhoof explains. "People also need to be aware that if they use a debit card in the store, there is more of a risk because if they are subject to fraud, the money comes right out of their checking account. With credit cards, there are some more protections."

The report, which was based on address-based surveys of 5,028 US consumers, also found:

  • Card not present (CNP) fraud rose significantly. EMV chip and pin cards have closed off opportunities for point-of-sale fraud, so the criminals have moved online. CNP fraud increased by 40% last year. In fact, 3.42% of all consumers had their cards abused by this type of fraud.
  • Account takeover bounces back. After reaching a low point in 2014, both account takeover incidents (where a criminal takes control of an account) and losses rose notably last year. Total account takeover losses increased 61%, to $2.3 billion, and incidents were up 31%. During 2016, victims paid an average of $263 in out-of-pocket costs and spent 20.7 million hours to resolve this type of fraud - 6 million more hours than in 2015.
  • Account takeover on mobile phone became nearly twice as prevalent in only one year. Mobile phone accounts represented 12% of all takeovers in 2016, up from 7% in 2015. Cybercriminals sought to monetize mobile accounts and leverage them to compromise the mobile-based alerting and authentication solutions that financial institutions, issuers, and other businesses rely on to prevent fraud. 
  • New account fraud (NAF) continues unabated. In NAF, a fraudster takes a person’s information and opens up a new account in the victim’s name. NAF increased from 0.62% in 2015, to 0.74% of consumers last year. Fraudulent credit cards proved most attractive, rising 21% for new fraudulent accounts opened in 2015, to 30% last year.

"New account fraud is often the most damaging type of fraud because the criminals get your social security numbers and other personal information and open up accounts in your name," says Stephen Coggeshall, chief analytics and science officer at ID Analytics and LifeLock. "Very often the victim is not aware that the fraud took place for several days."

According to the study, NAF was detected 17 days more slowly in 2016 than it was the year before. Most victims find out either when they check their credit report or when a creditor or collector contacts them. By the time the account has gone delinquent, the fraud has matured and the fraudster has more the likely gone on to another scheme.

The report also distinguishes between different types of consumers. For example, consumers with little online presence face less risk, but can take more than 40 days to detect fraud and incur higher fraud amounts than most other fraud victims.

On the other hand, while e-commerce shoppers experience the highest amount of fraud, they also tend to catch it very quickly, minimizing the impact. A full 78% of ecommerce fraud victims detected fraud inside of one week.   

Related Content:

Steve Zurier has more than 30 years of journalism and publishing experience, most of the last 24 of which were spent covering networking and security technology. Steve is based in Columbia, Md. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
8 Security Tips for a Hassle-Free Summer Vacation
Steve Zurier, Freelance Writer,  6/23/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11446
PUBLISHED: 2018-06-25
The buy function of a smart contract implementation for Gold Reward (GRX), an Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the buyer because of overflow of the multiplication of its argument amount and a manipulable variable buyPrice, aka the "tr...
CVE-2018-12062
PUBLISHED: 2018-06-25
The sell function of a smart contract implementation for SwftCoin (SWFTC), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka t...
CVE-2018-12063
PUBLISHED: 2018-06-25
The sell function of a smart contract implementation for Internet Node Token (INT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPri...
CVE-2018-12067
PUBLISHED: 2018-06-25
The sell function of a smart contract implementation for Substratum (SUB), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka t...
CVE-2018-12068
PUBLISHED: 2018-06-25
The sell function of a smart contract implementation for Target Coin (TGT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka ...