Social Engineering: Identity fraud in the digital world costs companies billions of euros. When it comes to social engineering, fraudsters always use it. The list of the most frequent attempts at fraud is headed by social engineering with 73 percent, followed by the use of forged (16 percent) or stolen IDs (11 percent). This resulted from the new “Identity Fraud Report 2019 from IDnow, provider of Identity Verification-as-a-Service solutions. The report shows current fraud scenarios from the first half of 2019 and explains how companies can protect themselves against them with digital business models.
Fraud Attempts Via Social Engineering Are Increasing
Fraudsters have been using social engineering for longer to induce unsuspecting end-users to open an online account and misuse it for criminal activities. In 2019, social engineering attempts increased overall compared to other fraud techniques. In most cases, scammers use fake job ads, app test offers, or cheap loans to lure their victims with a supposedly lucrative deal that requires them to open an account with an online bank. eBay classifieds (83 percent), job search engines such as Indeed (nine percent) and Jobmensa (two percent), as well as networks such as Xing (two percent), are used to establish contact.
Fraudsters use a pretext, such as a paid product test, to get their victims to open an account in their name. Once the account is set up, the scammers control it and use it for criminal activities. Only then does the victim realize that they have been deceived. Some scammers now use sophisticated camouflage. These include fake company email addresses, fake ads, and even fully developed websites pretending to be a legitimate business venture. Therefore, it is becoming increasingly important this year to counteract this with advanced technology and specially trained identity experts.
Use Effective Defense Strategies
Two defense strategies have proven to be particularly effective to prevent this type of identity fraud: First, device binding, which ensures that the account can only be used with the device with which it was opened. As soon as another device is accessed, the user has to verify himself again. And on the other hand, particularly well-trained staff use psychological questions during the video identification process to sound out whether the new customer could be a potential social engineering victim and uncover any inconsistencies.
In the case of identity fraud with forged documents, the quality of ID copies has noticeably improved this year. Compared to passports with 24 percent, forged identity cards are used three times more often with 76 percent. Fraudsters are particularly active with this method, with identification documents from Austria (39 percent), the Czech Republic (24 percent), and Germany (20 percent). Companies can protect themselves against this by relying on identification solutions that recognize security features such as holograms and variable inks quickly and reliably and use machine learning algorithms for continuous improvement in dynamic visual recognition. In unclear cases, a double-check should also be carried out.
Fewer Cases Of Similarity Fraud
In similarity fraud, criminals use a real, stolen ID card from a person with similar facial features. The overall share of this method is falling, as today’s specially trained experts and biometric systems expose this form of fraud much better than was possible in the past.
All features on the user’s face are scanned during the identification process and compared with the image on the identification document. If both images match in all important areas, the second step is taken: the liveliness test. The user has to move his face in front of the camera according to certain specifications, ensuring that it is not a static recording or photo of the user but a living person.
Always Be One Step Ahead
“To always be one step ahead of the latest fraud methods, we have to be faster, better networked, and more creative than the fraudsters themselves. Exchanges with victims are available to study the exact procedure of the fraudsters. The team also has the fraudsters’ websites taken offline and works with the police and Lukas to arrest the fraudsters. On this basis, we continuously adapt our security processes,”.
“When it comes to cyber fraud in sensitive industries such as banks and insurance companies, every single case counts, which is why we rely on a hybrid model on a technical level that optimally combines AI and human intelligence to protect customer data best and ensure its security. We invest heavily here, and it pays off: We regularly receive feedback from our customers that the video identification process has the lowest fraud rates compared to other identification methods”.