Veriff
LibraryFraud centerFraud NewsExploring the risk terrain: Four key trends in online Fraud for 2024

Exploring the risk terrain: Four key trends in online Fraud for 2024

Online crime is growing fast. We examine the trends around the world and consider the dangers—and opportunities—of new technology.

AI brain illustration with network lines, identity verification failure, and fraud alert.
Author
Iryna Bondar
Senior Fraud Group Manager
May 15, 2024
Fraud
Share:
On this page
1. Deepfakes, AI and Phishing
2. Synthetic identity fraud
3. Account takeover fraud
4. Social engineering
5. How Veriff can help?

The Veriff Identity Fraud Report 2024 exposed a harsh reality: online fraud is surging, rising by 20% in just one year. Unfortunately, as technological advancements are achieved by the good guys, they are also sought after by the bad guys. 

The report – based on Veriff’s analysis of fraud trends from the frontline of the battle against identity fraud – showed that 6% of all verification attempts we tracked in 2023 were fraudulent. These results were underscored by our Fraud Index 2024, which found that almost half of users (47.8%) had encountered some form of online fraud in the 12 months from January 2023. 

Fraud attacks are a serious business – and growing all the time. According to February 2024 data from the Federal Trade Commission (FTC), consumers reported losing more than $10 billion in 2023, the first time it had reached that level and a 14% increase over reported losses in 2022. Samuel Levine, director of the FTC’s Bureau of Consumer Protection, specifically highlighted the impact of digital tools, warning they are “making it easier than ever to target hard-working Americans”. 

In recent years, there has been a serious increase in the number and severity of digital and online fraud instances, and it’s clearly getting worse. The explosion in digital channels, computational power, and advanced technology such as AI are all significant influences. Social media is also one area highly targeted by cybercriminals.

This shows just how important it is for companies to monitor their digital security systems to protect themselves and their customers´ experiences. 

Here is Veriff’s overview of four key trends that are happening in online fraud right now:

1. Deepfakes, AI and phishing

We have now become used to warnings about deepfakes and AI, and the impact these threats can have on our online safety and even our democratic systems. Indeed, according to the World Economic Forum’s Global Risks Report 2024, misinformation and disinformation is the number one threat faced by the world over the next two years. 
Deepfakes are synthetic media whereby an image or video of a person is replaced with the likeness of someone else. Faking content in this way isn’t new, but the technology used to create it has become very complex. Techniques are being leveraged from generative AI and machine learning to create high-quality audio and visual content that is very successful in deceiving people.

Scammers use this technology to bypass and overcome facial recognition or voice biometric protocols put in place by financial institutions and other organizations. This adds new dangers to older threats, such as phishing. 

Traditionally, phishing has involved a fraudster recreating a legitimate-looking website or email domain of a trusted company and then sending links to malware via email, which unsuspecting people are tricked into downloading. More recently, phishing has evolved, and it now takes place via SMS (smishing), or by voicemail (vishing) when the Interactive Voice Response (IVR) system of a renowned company is copied and recreated.

There is also a significantly increased danger of AI-based phishing. The threat is recognised at the highest levels. For example, the deepfake danger was the focus of a recent information sheet from the US government, including the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA). This noted that deepfakes are a particularly concerning type of synthetic media, and highlighted the danger in phishing: "Phishing using deepfakes will be an even harder challenge than it is today, and organizations should proactively prepare to identify and counter it.”

Kaarel Kotkas, the Founder & CEO of Veriff, has emphasized the limitations of current AI technologies, stating, "We do not have a general AI, and self-supervision is not at a level where we can leave machines to manage themselves." He highlights the necessity of human oversight in AI decision-making to ensure the models are improved iteratively, keeping users' well-being and ethical considerations at the forefront. Furthermore, Kotkas advocates for developing mechanisms to identify and mitigate harmful biases in AI, involving human intervention in critical areas.

A human needs to review all of an AI system’s decisions and use the data to iteratively improve the models, keeping users’ well-being and ethical considerations in mind. A step further is to build mechanisms that identify where AI is likely to display harmful bias and involve humans in those processes

Kaarel Kotkas

2. Synthetic identity fraud

There has been a substantial rise in fraud attacks in new account fraud enabled by a sudden increase in the creation of so-called ‘synthetic identities’. These identities are either faked, stolen, modified from real data, or bought on the dark web. 

Fraudsters use these synthetic identities to create fictitious accounts and profiles on platforms that can be then used for a range of illicit purposes, often as part of a larger scheme'.

Another way these identities are used is on online marketplaces that offer promotions to new customers. The synthetic identities are combined with stolen payment cards and dozens of non-existent individuals suddenly benefit. 

This type of fraud is part of impersonation fraud, which dominated the wider area in 2023, according to Veriff analysis, making up more than 85% of all fraud. Attempts to initiate the verification process using someone else’s physical document or synthetic IDs represented 13.7% of all fraud cases in the year.  

Robust identity verification techniques are essential for companies if they are to strengthen their foundations against new account fraud. An IDV process that ensure that the person doing the verification is real and who they claim to be is essential.  Processes that ensure applicants must put their real face forward (and provide sufficient evidence that they are who they say they are) when they are first creating their account are essential. 

3. Account takeover fraud

Account takeover fraud (ATO) is on the rise. This sees fraudsters gain access to a customer’s account without their permission using a two-step process. 

First, they access the account by deploying stolen information or information they’ve bought. Second, they make non-monetary changes to the account – for example, changing the victim’s personally identifiable information, their password, or requesting a new card – to eventually make unauthorized transactions that appear legitimate. Fraudsters rely on the fact that an established and trusted relationship between a service provider and a customer may well be subject to less rigorous anti-fraud processes. 

ATOs are certainly not new but they are expanding. It is likely we will see an increase in the number of attacks and the various ways that they are carried out. It is a worrying fact that although many companies spend millions preventing other types of fraud, ATOs are not taken as seriously as they perhaps should be. 

4. Social engineering

Social engineering involves criminals attempting to deceive people in order to manipulate them into divulging their personally identifiable information (PII). There is a shift to digital scams from traditional, face-to-face approaches, with fraudsters using fraud such techniques to enhance their credibility, boosted by the capabilities offered by digital technologies. 

When they gain access to this data, the fraudsters can use it for various means: for example, by using personal information like a mother’s maiden name, they can work to trick a mobile phone carrier into transferring a telephone number to their control. 

The worrying thing about this trend is that these scam artists do not have to be expert coders or sophisticated hackers in order to fool their victims. In effect, anyone could try this type of scam, which is why we all must be vigilant.

5. How Veriff can help?

Your business must put the correct detection processes in place to prevent fraud, protect yourself from financial losses, and beat back financial crime. These processes and systems can stop fraudsters before they’re able to access a user’s account and can be used to resist all the major types of account takeover fraud.

If you want to discover more about how our class-leading solutions can help a financial services business like yours, talk to our fraud prevention experts today. We’d love to provide you with a personalized demo showing exactly how our solutions can help keep your business and customers safe. We offer a variety of plans to help you build your defenses and look to the future:

  • Veriff Fraud Protect utilizes machine learning-powered checks, advanced fraud network mitigation strategies, and our team of in-house experts to help protect your organization against fraud.
  • Fraud Intelligence - Veriff Fraud Intelligence enhances your ability to mitigate threats with enriched insights and a consolidated RiskScore to enable more effective investigation and decision-making.
  • Biometric Authentication - Authenticate users promptly and securely across all stages of the user journey, ensuring seamless and stress-free experiences while preventing unauthorized access.

Stay Ahead of Fraud with Veriff

Discover the Latest Trends in the Veriff Fraud Index

Get the latest from Veriff. Subscribe to our newsletter

Veriff will only use the information you provide to share blog updates.

You can unsubscribe at any time. Read our privacy terms.