Today’s fraud threats evolve rapidly, impacting businesses of all sizes and sectors. Modern fraud fighters must deliver the robust protection consumers expect, without sacrificing speed or a seamless user journey.
Technology and regulation shaping modern fraud defense
Rapid technological advancements continue to raise expectations for frictionless, customer-centric experiences. Global platforms now shape marketplaces and consumer interactions. Meta’s recent content moderation policy adjustments, for example, places greater responsibility on creators for maintaining consumer trust.
Fraudsters are also leveraging technological advancements to strengthen and evolve their tactics in an effort to outpace regulation. Australian government controls have significantly strengthened this year, with a focus on scam reporting and data sharing.
The recent passage of the Scams Prevention Framework Bill 2024 compels Australian Regulated Entities, banking, telecommunications firms and digital platforms to implement reasonable steps for scam prevention, detection, disruption, and intelligence sharing. Non-compliance carries substantial penalties, reaching up to $50 million. The rollout of Tranche 2 of AML/CTF reforms will further push business towards proactive accountability.
Collaboration and collective effort are key
Greater global cooperation is emerging through initiatives like the UK's Economic Crime Plan 2 and Singapore's COSMIC platform, facilitating information sharing among financial institutions on potentially high-risk customers.
The traditional reluctance of businesses to collaborate on fraud prevention, often due to competitive or privacy concerns, is yielding to the practical necessity of pooling information to collectively identify and deter criminal activities that may otherwise go undetected.
Fraud trends demanding business vigilance
Key takeaways:
- Non-credit application fraud is on the rise
- Document fraud, whereby one or more elements of documentation is falsified, is increasing in volume and sophistication
- Deepfakes make social engineering attacks more convincing
- Higher-value fraud attempts and synthetic identity fraud persist
- Personal fraud may rise due to financial pressures.
Non-credit application fraud is on the rise
Equifax insights highlight several evolving fraud trends that necessitate a proactive approach. Among these, the substantial rise of non-credit application fraud stands out. By the second quarter of 2024, non-credit application accounts, including transaction accounts, telco, insurance and commercial rental, represented 57.8% of all fraud listings. This marked a 3.1% year-over-year increase.
The non-credit application account category has experienced significant growth in fraud volume, with a 22.5% increase in the year leading up to the end of Q2 2024 and more than tripling in the past four years.
Increase in volume of fraud listings, Equifax Fraud Index Report 2024
Document fraud, whereby one or more elements of documentation is falsified, is increasing in volume and sophistication
Equifax fraud intelligence also points to a marked escalation in document fraud, both in reported instances and in observations from our client engagements. Document fraud involves the falsification of application documentation and/or identity details by either the applicant (first-party) or an intermediary like a broker, agent, or dealer (third-party). The accessibility of advanced yet affordable technology facilitates the creation of highly convincing fraudulent documents, significantly complicating visual authentication.
Deepfakes make social engineering attacks more convincing
Expect the proliferation of increasingly realistic deepfakes across voice, video and even text. Deepfake technology, also known as ‘artificial intelligence-generated synthetic media’, leverages sophisticated machine learning algorithms. The rise of generative AI and user-friendly tools now enables widespread creation of deepfakes, enabling fraudsters to impersonate individuals with greater ease for social engineering attacks, such as CEO fraud and romance scams.
The personalisation and sophistication of these attacks, combined with the ability to mask individual traits and writing styles, makes phishing considerably harder to identify. By tailoring messages and mimicking voices, malicious actors can more effectively impersonate trusted individuals, gaining unauthorised access to financial accounts or sensitive commercial data. Deep fake videos featuring executives could also disseminate misinformation, potentially impacting stock prices or damaging corporate reputations.
Higher-value fraud attempts and synthetic identity fraud persist
We anticipate a continuation of higher-value fraud attempts as fraudsters increasingly target substantial transactions to maximise illicit gains. Fraud listings for high-value assets like auto finance and mortgages have nearly doubled since early 2022.
Synthetic identity fraud, particularly ‘sleeper fraud’, involving fraudulently obtained loans serviced by illicit funds from organised criminal activity, remains a critical concern. This method requires minimal genuine personal information to fabricate a false profile or replica identity. With no legitimate victim to flag unusual account activity, this form of identity theft can persist undetected for extended periods, allowing criminals to siphon or launder substantial sums.
Personal fraud may rise due to financial pressures
Additionally, we foresee a potential rise in first-party fraud, also termed personal or ‘friendly fraud’, as individuals may resort to fraudulent activities driven by financial pressures or other motivations. This type of fraud typically involves providing false information on credit applications or using counterfeit documents.
What to Do: Modern fraud fighting strategies
To be a modern fraud fighter, businesses should consider prioritising the following:
- Integrate your defenses: Eliminate the inefficiencies of disparate systems by consolidating fraud prevention tools within a unified platform. This includes seamlessly integrating ID verification with fraud assessment, providing a comprehensive customer view that enables informed decisions on whether to proceed or challenge online verifications.
- Prioritise customer experience: Ensure secure yet frictionless customer journeys across all channels with a sophisticated fraud management system. Leverage diverse data points, robust trust signals and artificial intelligence to facilitate seamless experiences for trusted customers, while applying additional authentication for potentially risky interactions.
- Safeguard consumers: Complement customer education efforts regarding identity theft risks by offering both customers and employees complimentary access to a service like Equifax Protect. This proactive measure tracks credit report changes, monitors key information on the dark web and helps mitigate identity theft risks.
- Foster strategic collaboration: Recognise that collective intelligence offers a stronger defense than isolated efforts. Participating in anonymised data sharing in a fraud industry consortium creates a powerful resource of confirmed fraud events and early warnings for point-of-application fraud.
- Deploy velocity detection: Implement velocity detection capabilities to identify unusual spikes in activity volume or speed, which can flag suspicious identity verification attempts based on pattern matching within defined timeframes. Ensure the flexibility to customise velocity rules, aligning acceptable thresholds with your business needs.
- Adopt a multilayered approach: Employ a robust combination of diverse data sources, advanced analytics, AI-driven defenses and human expertise. Enhance onboarding decisions through pattern matching and machine learning that operates in the background to rigorously assess identity attributes, history, and behavior in real time.
What Not to Do: Avoiding common mistakes
Businesses often make critical mistakes in their fraud prevention efforts by:
- Downplaying exposure: Avoid the assumption that your business or sector is immune. Fraud landscapes are dynamic, and even seemingly small businesses are at risk.
- Missing collaboration opportunities: Resist the notion that your organisation is too small to gain from collaborating with larger players. Shared intelligence and resources form a crucial element of a robust fraud strategy.
- Operating reactively: Don't delay action until an incident occurs. Implement proactive safeguards, including hotlists, velocity rules, shared intelligence networks and device/behavioural biometrics.
- Neglecting consumer awareness: Do not underestimate the need to educate your customer base on the dangers of scams and identity fraud. Provide them with the knowledge and tools necessary for self-protection.
Equifax: Your partner in fraud prevention
The Equifax Good to Go platform of ID & Fraud Digital Services draws on 50 years of industry expertise, harnessing extensive data assets, advanced analytics, cloud infrastructure and cross-industry intelligence within an advanced, single view platform. Seamlessly integrate identity verification, comprehensive fraud assessment, biometric data verification, a fraud consortium, PEP and sanctions screening, adverse media monitoring and robust payments fraud defense - all within a single environment.
Transition from a 'Know your customer' approach to a position of genuine ‘Trust your customer’ by selecting a partner and platform that delivers a consolidated view of individual risk, accessible through a single API for rapid responses. Transform a potential vulnerability into distinct competitive advantage by swiftly and seamlessly identifying which customers are indeed good to go.