Account Takeover and Application Fraud On the Rise
June 13, 2017
Account takeover fraud and application fraud are two major challenges for U.S.-based financial institutions, according The Aite Group Impact Report “Financial Institution Fraud Trends: ATO and Application Fraud Rising Rapidly.”Obviously, these trends aren’t so great for consumers either.
Account takeovers alone resulted in $2.3 billion in losses in 2016, according to a March PYMENTS article. And application fraud costs the financial sector millions annually, and it can result in brand damage and negative publicity for the entities that enable fraudsters to create these new accounts, NuData Security says.
In the case of account takeover, bad actors use part of a person’s identity to gain access to that individual’s financial accounts.
“The perpetrator often reroutes communication about the account, keeping the victim in the dark so the thievery can continue longer,” explains an article on Creditcards.com. “Affected accounts can include credit cards, checking and savings accounts, brokerage accounts, and store loyalty rewards accounts.”
Account takeover fraud is especially attractive to fraudsters because it tends to have a bigger payoff, the piece suggests. That’s because it can take longer for individuals to realize this kind of fraud. Fraudsters make sure of that by rerouting communication about the account away from the person in whose name they opened the account.
Bad actors also sometimes use the information they leveraged to take over one account to access other accounts of an individual. People who use one password for multiple accounts make it easy for fraudsters to do that.
As for application fraud, that’s what happens when a person’s details are stolen and used to open new accounts. That can involve fraudsters using other people’s identities to open up bank accounts, get credit cards and/or loans, or even get tax rebates.
An article posted earlier this year on the Google AdWords Community notes that fraudsters and hackers use various means to gain personal information that can be used to infiltrate people’s existing financial accounts or to create entirely new ones.
- email phishing,
- instant messaging,
- Internet auctions,
- mimicking official bank websites,
- phone calls (in which fraudsters may pretend to work for a bank),
- rerouting to fake and bogus websites, and
- sending malware to devices.
To guard against such problems, people should avoid sharing their account details, never use public computers to log into their bank accounts, and check their bank accounts regularly. Individuals should also avoid clicking on links in emails, use different passwords for different accounts, and use licensed antivirus software.
Edited by Alicia Young
Article comments powered by