Account takeover continues to be a problem for the CNP payments industry, although fraudsters have shifted targets in the past year, according to a report from antifraud technology provider Forter. While direct ATO attacks against individual merchant accounts have decreased somewhat from 2015 to 2016, takeovers of online payment accounts (e.g., PayPal, Apple Pay, Amazon Payments) increased 131 percent in 2016 compared to the year before.
“This may reflect increased general usage of such alternative payment options,” the authors wrote in the report, “and certainly it is understandable from the fraudster perspective since breaking into the payment method itself increases the scale and range of theft available to them.”
The report found the overall fraud attack rate increased 8.9 percent in 2016, suggesting online merchants may have weathered the worst of the “tsunami” of fraud attacks expected after the U.S. conversion to EMV and now must contend with a moderate, but steady, increase in fraud as the number of online transactions increases and EMV continues to roll out.
But, while the overall attack rate moderated, several merchant verticals saw significant increases. Apparel led the way with a 70 percent increase in the rate of fraud attacks. Attack rates also rose significantly for food and beverage retailers (49.8 percent). The frequency of attack on digital goods providers and the travel and hospitality industry actually saw sizeable decreases.
“The most notable growth in fraud attack rate is within the apparel industry,” said Michael Reitblat, CEO of Forter. “This may be related to the new fraudsters who’ve joined the online criminal community following EMV adoption in the U.S. and are perhaps sticking to a vertical they understand. It may also reflect the increased comfort of genuine shoppers with the idea of buying fashion items online and returning as necessary.”
Identifying and Preventing ATOs and New Account Creation Fraud
Friendly? I Don’t Think So
- Fighting Fraud with Duct Tape and Bailing Wire