According to the new study by Juniper Research, online businesses globally will lose more than $206 bln from online payment fraud by 2025. The figure is almost 10x equal to Amazon's net income recorded in the last year (2020).
The study shows increasing fraud issues for merchants greatly caused by the worldwide Covid-19 plague, particularly, a fresh wave of fraud related to identity and account theft to lay hold of correlated payment information.
Even before the coming of the pandemic, the digital payment industry was growing at a slow rate, but during the pandemic, a variety of standard operating procedures (SOPs) and healthy measures were put in place including social distancing, not using paper money, lockdowns, etc.
All these contributed a lot to a dramatic boom of digital payments including Bitcoin and other cryptocurrencies to hit record growth of 2.6B in 2020.
As per the report by Crypto Head, a cryptocurrency education platform, the U.S. alone saw over 82k crypto asset frauds in 2020. That was over 24000% from the 340 recorded cases in the year 2016.
As per the report, most frauds include scam ICO where fraudsters attract venture capitalists with an initial coin offering for a totally fake token, cryptocurrency pump and dump schemes where the price of crypto is pushed higher by a few venture capitalists who later sell their cryptos at a higher price leaving chumps with valueless assets, and cryptocurrency theft where criminals hack into user's account and steal his crypto.
Now, Juniper's data is projecting that digital payments users will surpass 4.4B worldwide four years from today (2025).
However, the increase in the digital payments has resulted into the development of new stealing and fraud opportunities for cybercriminals basically via omnichannel online sales plus activities which stir up the open utilization of monetary info.
Online payments have got a multiplex web of interactivities and application programming interfaces (APIs) which create huge risks. There are about 14 various forms of online payment fraud and the report proposes adjusting the user behavior to the arising threats. Some of the online payment frauds and how they can be prevented include:
Here, fraudsters create a merchant account in the best interests of a seemingly genuine business and then charge stolen credit cards. The attackers run away before the owners of the cards get to know that fraudulent payments have been conducted and before reversing the transactions.
Merchants should work with their banks or processors and inquire about the anti-fraud measures, tools and other related services they can deploy to guarantee fraudsters are not in position to utilize stolen card info at their businesses. They should also think of utilizing encryption or tokenisation so as to secure payment data and reduce its value to information hackers.
This is where attackers redirect traffic from a user's e-commerce platform by hijacking part of it and routing visitors to another separate site. In most cases, these unwanted sites possess dangerous hostile material which are usually used by attackers to access and penetrate a security system without being easily noticed.
However, a user or an owner of the e-commerce business must be aware of any dubious online activity and report any threat immediately to the cybersecurity team.
Here, the attackers ask for money in advance from credit card holders and owners of ecommerce stores, and promise them that they will later receive returns in form of credit cards or cash. Users and e-commerce store owners are advised not to give money to an untrustworthy person before confirming whether it's a scam or not. Report the matter to the security authorities in case of any suspicious activity.
Here, a cybercriminal steals the personal info of a user and deploys the information under false pretense. The cyberattackers use it to enter firewalls via old security networks or by hijacking login information through public internet sources, especially WiFi.
However, a user can avoid this fraud by checking if he is covered by an effective fraud protection scheme on the service website. The user should also minimize the use of public internet sources, and should not leave his accounts open - should log out everytime he finishes using a service.