Online fraud in the United States: How financial services can combat fraud

Phishing: A persistent threat

Phishing is one of the most prevalent forms of online fraud in the U.S. In 2023, there were nearly 299,000 phishing incidents reported to law enforcement. Phishing involves tricking individuals into revealing personal information such as login credentials, credit card numbers, or other sensitive data. Mobile phishing, in particular, is on the rise, with North America being one of the regions most affected. According to recent data, online shopping scams have seen the biggest increase over the past eight years, highlighting the importance of caution when making purchases online. A recommended way to avoid these scams is to research online retailers before purchasing to ensure their legitimacy.

Phishing simulations, where organizations test their employees' ability to recognize fraudulent emails or links, have revealed the vulnerability of various industries. In 2023, sectors such as business services, consulting, telecommunications, construction, and entertainment showed the lowest resistance rates to phishing attacks, highlighting the need for better cybersecurity awareness and training.

Business E-mail compromise (BEC)

Another highly damaging form of online fraud is Business E-mail Compromise (BEC). In 2023, more than 21,000 individuals were targeted by BEC attacks in the U.S. In these attacks, fraudsters impersonate a trusted entity, such as a CEO or vendor, and trick employees into transferring money or sensitive information. The financial losses from BEC attacks were significant, amounting to $2.94 billion in 2023, up from $2.74 billion in 2022. BEC scams can lead to severe financial damage; for instance, the largest recorded loss from a single email scam was a staggering $47 million.

Impersonation scams: Targeting brands

Impersonation scams, where fraudsters pose as well-known brands, are also on the rise. Best Buy's Geek Squad was the most impersonated brand in the U.S. in 2023, followed closely by Amazon. Microsoft was involved in 68% of online brand impersonation incidents. Impersonation scams often exploit cryptocurrency payments, and in 2023, they caused $208 million in financial losses through this payment method alone.

Seniors targeted by scams

Fraudsters often prey on the most vulnerable groups, and seniors in the U.S. are frequently targeted. In 2023, individuals aged 60 and older filed the highest number of cybercrime complaints, which included various types of online fraud. This age group also faced the highest financial losses, which totaled $3.4 billion. The most reported form of cybercrime among seniors was tech support fraud, but the most financially devastating were investment scams.

A key tip for avoiding scams like computer software service fraud is to never let someone take control of your computer unless you’re absolutely sure of their legitimacy.

Changing landscape: Social media & AI

The nature of online fraud is evolving, with social media now playing a significant role in scam encounters. Social media platforms have become the most common avenue for costly scams, with online shopping frauds being particularly prevalent. Additionally, the rise of generative AI has made it easier for fraudsters to create convincing deep fakes, further complicating the detection of online fraud.

Key tips for financial services to combat online fraud

Financial services organizations are prime targets for online fraud due to the sensitive nature of the data they handle and the high volume of transactions they process. To effectively combat the ever-evolving threat of online fraud, financial services companies must adopt a multifaceted approach that includes technological advancements, customer education, and strong security measures.

Here are some key strategies:

1. Implement Multi-Factor Authentication (MFA)

To reduce the risk of unauthorized access, financial institutions should implement Multi-Factor Authentication (MFA). MFA adds an extra layer of security by requiring users to verify their identity through multiple methods, such as a one-time code or biometric authentication. This makes it harder for fraudsters to exploit stolen credentials.

2. Leverage Artificial Intelligence (AI) and Machine Learning (ML)

Financial services can benefit greatly from AI and ML technologies. These tools analyze large datasets to detect patterns and anomalies that may indicate fraudulent activity. AI-driven systems can provide real-time alerts on suspicious transactions, making it possible to prevent fraud before significant damage occurs.

3. Enhance customer education and awareness

Fraudsters often rely on tricking individuals into sharing sensitive information. Educating customers on the latest fraud tactics, such as phishing and impersonation scams, can help prevent such attacks. Regularly share cybersecurity best practices, such as avoiding suspicious links and verifying requests for sensitive information.

4. Deploy advanced fraud detection solutions

Financial services should invest in advanced fraud detection solutions that use biometric authentication, AI, and data analytics to identify suspicious activities in real-time. These systems can monitor account activities, detect unauthorized access, and block fraudulent transactions before they occur.

5. Adopt strong data encryption and secure communication channels

Securing data and communication channels is critical in preventing fraud. Financial services must use strong encryption protocols to protect sensitive customer information during both storage and transmission. All digital platforms, including mobile apps, should employ secure HTTPS connections to safeguard against data breaches.

6. Monitor and block business e-mail compromise (BEC) attempts

Financial institutions must be vigilant against BEC attacks by implementing email verification protocols, such as DMARC (Domain-based Message Authentication, Reporting & Conformance), to prevent fraudulent emails from reaching employees. Training staff on how to spot suspicious emails and verify financial requests is crucial.

7. Strengthen vendor and partner security

As third-party vendors can introduce security risks, financial institutions should implement strict vendor management protocols. Regularly auditing the security practices of partners and requiring them to adhere to the same cybersecurity standards helps minimize potential vulnerabilities.

8. Use Identity Verification and KYC processes

By implementing strong Know Your Customer (KYC) procedures, financial services can verify the legitimacy of their customers and reduce fraud risk. Automated identity verification solutions that use biometrics and government-issued ID checks can help prevent fraudsters from creating fake accounts or engaging in unauthorized transactions.

9. Implement transaction limits and alerts

Setting transaction limits and sending real-time alerts for high-risk transactions, such as large fund transfers or payments to unfamiliar accounts, can help detect and block fraudulent activity early. Customers should be immediately notified of suspicious transactions.

10. Collaborate with law enforcement and fraud networks

Collaboration is key in the fight against online fraud. Financial institutions should work closely with law enforcement agencies and participate in fraud detection networks to share information about emerging threats and fraudulent schemes. This collective intelligence can help prevent fraud on a larger scale.

Conclusion

The online fraud landscape is constantly evolving, but financial services can significantly reduce their risk by adopting a combination of technological solutions, customer education, and internal security measures. By staying proactive, leveraging AI-powered fraud detection, and maintaining strong communication with both customers and law enforcement, financial services organizations can protect themselves and their customers from the growing threat of online fraud.

How Veriff can help fight fraud

As online fraud continues to grow, businesses need reliable solutions to protect their customers and their own operations from cybercriminals. Veriff, a leading identity verification platform, is well-equipped to help financial services and other industries in their fight against online fraud. Here’s how Veriff can provide crucial support:

1. AI-Powered Identity Verification

Veriff uses advanced artificial intelligence (AI) and machine learning (ML) technologies to verify the identity of users in real-time. By analyzing biometric data, government-issued IDs, and behavioral patterns, Veriff can quickly and accurately detect fraudulent attempts to create fake accounts or perform unauthorized transactions. This helps prevent fraud at the point of onboarding and ensures that businesses are dealing with legitimate customers.

2. Comprehensive KYC & AML Solutions

Veriff's Know Your Customer (KYC) and Anti-Money Laundering (AML) solutions help financial services comply with regulatory requirements while preventing fraud. By automating the verification process, Veriff enables businesses to identify high-risk customers and ensure that they meet compliance standards, reducing the risk of financial crimes like money laundering and fraud.

3. Fraud Detection & Prevention

With Veriff’s real-time fraud detection tools, businesses can identify suspicious activity during the verification process. Veriff's technology detects anomalies such as document forgery, synthetic identity creation, and deepfake attempts, enabling companies to flag and block fraudulent transactions before they cause harm.