While overall percentages of online fraud continue to climb, one of our partners in fighting cyber crime, Retail Decisions (ReD), reported that card payment fraud in the UK dropped an estimated 15% last year. According to the article, “ReD Estimates a 15% Drop in UK Card Payment Fraud in 2009,” the value of online, mail order and telephone order fraud dipped to GBP278 million in 2009 from GBP328 million in 2008.

Retail Decisions CEO, Carl Clump, credits innovations in fraud prevention technologies for the estimated 15% decline over the past year. This defied the trend where overall CNP (card not present) fraud losses have grown consistently over the past five years. Despite the total drop in losses, Clump was quick to point out that the current trend, which would continue well into 2010, may not be here to stay. (more…)

According to ComScore, a Virginia-based firm that tracks online shopping, consumers have already purchased over $19 billion worth of products online this holiday season. That’s an increase of 3% over last year. While that’s good news for online merchants, Mike Cronin points out in his article, ’Tis the season to be wary of online scams, that it also provides new opportunities for online scammers.

Much like online businesses, cyber criminals are working around the clock this time of year. But instead of sending out legitimate emails promoting online sales, fraudsters are sending out emails containing bogus links that closely resemble real retail websites. While their intent is to steal credit card information from unsuspecting online shoppers, the real victims in this crime will end up being online merchants. (more…)

There was a blog post recently on Wallet Pop titled “Online theft not the main cause for identity fraud.” In it, author Josh Smith does a good job calling out the differences between identity theft and identity fraud. In short, identity theft is when someone’s personal identity information has been stolen; identity fraud is when that stolen information is used to commit financial fraud or some other kind of crime. While the two are inevitably related to one another, they are not the same thing.

In the case of identity theft, it’s a common myth that malware, botnets, and other internet scams are to blame; however, Smith cites a study done by Travelers Insurance that actually shows that the majority (78%) of incidents of identity theft actually occur offline. This indicates that peoples’ fears may have been, at least in part, misplaced. Individuals would benefit from an increased awareness and vigilance in all aspects of their life, not just online.

This being said, there still remains the question of identity fraud: what happens once someone’s personal information has been compromised? This is where online businesses still need to be on high alert, because online sites (and not physical stores) will likely remain the No. 1 target of identity fraud. Here’s why:  (more…)

The BBC News has posted a report that the Serious Organized Crime Agency (SOCA), based in the UK, is warning individuals to avoid online money-making schemes that turn them into unsuspecting “money mules.” The article explains:

Fraudsters are using a variety of bogus and legitimate recruitment channels to con job-hunters into thinking they have found genuine employment. But in each case the job comes down to asking the victim to receive relatively small amounts of money into their own account and then move them onwards to another bank.

The result is that unsuspecting individuals can become liable for stolen money being funneled through their accounts and end up suffering the consequences. As an essential component of many types of fraud, money laundering is a big problem because it enables criminals to move money around without being traced to the initial theft. This not only affects online banking, but it is also a problem anywhere money changes hands—like online casinos or auction sites. (more…)

On the heels of our previous post about increased shipping fraud during the holidays, eWeek has just reported that click fraud is also anticipated to increase dramatically in the coming months:

“As we head into Q4 and the busiest season for online shopping and Internet use by those considered inexperienced users, click fraud will likely run rampant as scammers seek to tap into the increased attention, experts warned.”

Click fraud (which is when affiliate sites dishonestly increase online ad traffic in order to gain unearned revenue) is one of many types of fraud becoming more common with the use of botnets. In addition to click fraud, many other types of fraud—including spam, phishing attacks, and identity theft—are gaining in prevalence with the use of botnets. The result is that consumer PCs are under siege and individuals and businesses alike bear the cost. (more…)

Holiday shopping season is upon us; combine that with the current unemployment rate, and online fraud is likely to reach an all-time high this year. This correlation may not immediately make sense, since many people think Internet crime is only perpetrated by organized fraud rings and overseas master criminals, using botnets and committing identity theft.

But while that kind of fraud certainly does exist, there is another type of fraud that can be equally troublesome and, to some extent, even harder to combat: fraud committed by individuals using their own legitimate information. A very common example of this kind of crime is shipping fraud and it takes several different forms. Here are a few examples and tips on how companies can address this problem. (more…)

U.S. President Barak Obama has officially declared October as National Cyber Security Awareness Month and has addressed the Nation detailing the importance of our national infrastructure.

President Obama makes some important points indicating that our networks and IT infrastructure are important national assets and it is imperative to protect them. Acknowledging the growing strength of online spending, President Obama says, “The Internet and e-commerce are keys to our economic competitiveness.”

Cyber thieves are costing the U.S. and other countries billions of dollars in fraud losses every year; this is in addition to the significant impact that individuals suffer as a result of identity theft and the propagation of malware on personal computers. Obama calls on a public/private partnership to address this threat and secure our networks.

Regardless of your political leanings, providing a safe environment for online business is an important goal for our country and the rest of the world. There is no doubt that our online activities are under siege and jeopardized by an increasing cyber threat. Thwarting this threat and providing a safe environment for online businesses and individuals is a key mission for iovation and our customers.

“More than one in five people (in Australia) have fallen victim to credit card fraudsters or computer hackers.” This statistic comes from an article on Australian news site AdelaideNow, which details the findings of a recent report on credit and identity theft in the country. Apparently credit card fraud is up 23 percent from last year, and the blame is being placed on “Australia’s lapse in deploying anti-fraud technology.” (more…)

A recent report seemed to imply that recent rises in Card Not Present (CNP) fraud in the UK was correlated with their efforts to mandate CHIP and PIN technology to fight face to face fraud.

Despite widespread adoption of the new technology and expected decreases in credit card fraud, there was instead a dramatic increase in fraud recently. Creditcardsweb.co.uk reports:

“Last year the value of credit card fraud in the UK came to a massive £610 million, which reflected a rise of 43 percent in the space of just two years.

Whilst CHIP and PIN technology was brought in to provide increased protection for consumers who were using their cards on the High Street, no such protection is in place when using a card to make online or telephone transactions, and this is why fraud in these areas has risen so sharply over recent years.” (more…)

There has been some recent discussion in different articles regarding whether or not device identification (also referred to as device fingerprinting) constitutes a violation of privacy, in the context of fighting online fraud. The topic came up recently at a panel at RSA on the Benefits and Dangers of Device Fingerprinting. Device fingerprinting provides significant benefits for online businesses; it provides an additional factor for authentication, used by many online banks, and aides in the fight against fraud by identifying computers that have been used in the past for fraudulent activities and stopping future transactions from those systems.

The argument against this type of technology, however, is that the device information could be collected and sold, constituting a violation of privacy of the online user. What needs to be taken into consideration, however, is how device fingerprinting compares with existing identity-based fraud prevention techniques. Device fingerprinting solutions, such as the device reputation system offered by iovation, ideally work to reduce fraud while simultaneously protecting the privacy of the individual. iovation’s ReputationManager service, as an example, collects and requires no personal information from our customers. Our online service is completely incapable of assigning any online activity to an individual and we market it that way.

The reality is that device fingerprinting systems provide online businesses with some of the only fraud management tools that don’t rely heavily on personally identifiable information. Instead of decrying privacy violations, privacy advocates should be looking to embrace systems that achieve the purpose of reducing online fraud while still protecting the privacy of good online users.