U.K. Businesses Lose £1 Billion in Online Fraud, ‘Mandate Fraud’ on the Rise
June 16, 2016
U.K. businesses lost £1.1 billion ($1.6 billion) in the 12 months ending March 2016, according to a report from government fraud reporting agency Action Fraud and fraud prevention initiative Get Safe Online. The number of cybercrimes reported to Action Fraud increased 22 percent during that time. While many of the crimes are phishing scams or internal fraud perpetrated by employees, a pernicious cousin of account takeover has become especially “worrying,” officials said. Subscription businesses and their customers are increasingly falling victim to “mandate fraud.”
Mandate fraud occurs when a fraudster contacts the customer of a subscription business and gets them to change a direct debit or other recurring payment and send that payment to a new destination—an account controlled by the thief. All the customer knows is that the product never arrives the next month or a membership has been canceled. All the retailer knows is that the customer stopped payment. While there is no direct loss from a chargeback perspective, the stream of revenue is interrupted, perhaps permanently. Reported cases of this form of fraud rose 66 percent in the period under examination compared to the year before, according to Action Fraud.
“These latest figures show the enormous, and quite frankly daunting impact online crime can have on a business, its reputation, its employees and even its continued operation,” said Tony Neate, CEO of Get Safe Online. “It also highlights the abundance of ways a business can be targeted, both externally, and from within. To tackle this issue head on, businesses need to review their own skills and knowledge, determine if they need outside help, and then create measures to prevent, detect and respond to potential security threats.”