LexisNexis® Risk Solutions, the global data and analytics provider, today predicts what it expects the key fraud trends will be in 2021. Fraud has evolved significantly in 2020, with fraudsters taking advantage of people’s fears and uncertainties around the Covid-19 pandemic. LexisNexis® Risk Solutions predicts much of this behaviour will continue to evolve in 2021.
An online environment perfect for bots
The government imposed restrictions as a result of Covid-19 has fuelled a shift in UK commerce, drawing new businesses, users and devices online. This shift in new-to-digital users has resulted in an increase in online traffic, with the LexisNexis® Digital Identity Network® reporting a 21% rise in ecommerce transactions for the first half of 2020. This increase in online traffic and transactions provides the perfect camouflage for fraudsters to launch automated bot attacks and test the myriad of stolen identity credentials available on the dark web. Correlating this trend is the fact that the Network reported a 235% increase in automated bot attacks YoY in the first half of 2020. With lockdown environments seemingly expected to extend into 2021, we expect fraudsters to continue to attempt to operate beneath the radar of detection by hiding among large traffic volumes and launching automated bot attacks to test stolen identity credentials. Data breaches will continue to be the lifeblood of cybercrime, increasing 17% in 2019 alone, feeding cybercriminals with the stolen credentials used for fraudulent activity.
The year 2020 attacks come to fruition
2020 has seen the full gamut of attacks as fraudsters look to find opportunity in a digital environment currently in flux due to the pandemic and lockdown environments. Data breaches have continued to make headline news, with fraudsters leveraging automated bots, phishing, social engineering and other complex attack vectors designed to monetise breached identity data. We have seen that data being used to create synthetic identities, takeover accounts and make fraudulent payments – this will all continue in 2021. Fraudsters will continue to use tried-and-tested methods, as well as evolve and create new methods of attack. However, in 2021 we will also see all the fraudulent activity and attacks carried out in 2020 come to bare – so prepare for a wave of fraudulent activity, and an increase in fraud victims, in early 2021 – especially coronavirus-related scams, such as fraudulently obtained business loans offered by the Government. With these ‘Bounce Back’ loans, the first repayment dates are currently stated for March and that will be a key moment to understand how many of the loans were obtained fraudulently.
Rise of Authorised Push Payment Fraud
Also known as a bank transfer scam, an Authorised Push Payment (APP) scam is when an individual – either knowingly or unwittingly – transfers money to an account held by a fraudster. Fraudsters are getting adept at tricking victims into transferring money – via social engineering or Remote Access Attack, for example. Banks have seen an increase in new-to-digital customers, with store branches closed due to lockdown environments stemming from the pandemic. Many of these new-to-digital users are unfamiliar with online banking, and may be easily tricked into sending money to another account. In 2021, we expect APP fraud to ramp up in the UK, with a wide range of attacks targeting vulnerable consumers – from mobile and mobile app attacks, to sophisticated social engineering attacks.
Changing face of fraud victims
For too long victims of fraud have been characterised as the technologically naïve and elderly. In reality, there is no true one face of fraud – anyone, from anywhere, can become a victim, and 2020 was testament to that fact. Not only did fraudsters continue to be indiscriminate as to who they targeted in 2020, but they also showed that they were adept at adapting and pivoting attacks to take advantage of developing situations – scams concerning PPE and government-backed ‘Bounce Back’ Loans, for example. It is important to remember that each and every consumer is unique, which is why it is vital for businesses to understand the digital DNA of each and every customer in order to reliably recognise genuine, returning customers, as well as the fraudsters.
Money mule recruitment drive
Fraudsters have become adept at recruiting ‘money mules’ – someone who is asked to receive money into their bank account and transfer it into another account, or allows somebody to take control of their account. A key demographic targeted by fraudsters, or ‘mule herders’, are young people, with a recent Barclays report finding that under-21s being recruited as money mules has more than tripled between 2016 and 2019. Fraudsters leverage social media and messaging services to lure young people – such as cash-strapped students – into laundering dirty cash with fake job adverts offering easy money. Compounding the money mule problem is the current lockdown restrictions resulting from the global pandemic – those on furlough or those who have been made unemployed may also turn to these fast money scams, making money mules one of the biggest threats in the coming year.
Rebekah Moody, director, Fraud & Identity at LexisNexis® Risk Solutions, comments: “2020 has been a year of unprecedented change and disruption, but one thing that has remained constant is fraudsters’ determination to get access to what they want, and this will continue in 2021. If 2020 has shown us one thing it’s that fraudsters are highly adaptive to change and will pivot their attacks to take advantage of developing situations – just look at how quickly fraudsters saw the opportunity in Bounce Back Loans offered by the government. As criminals develop ever more complex methods to commit fraud, businesses must be able to keep pace with the shifting cybercrime landscape and arm themselves with fraud defences that layer multiple solutions to detect and block the full spectrum of attacks. It is vital to separate the good from the bad, the fraudulent from the legitimate – we can bring together digital identity intelligence, behavioural biometrics, machine learning techniques and other advanced technology to help prevent and detect fraud.
“Whilst we can need to be aware of these key trends in 2021, it’s vital that businesses are prepared for all forms of attack, and they do the utmost to protect their customers and themselves.”