5 Key Strategies to Prepare for New Fraud Trends

In recent years, focus has, understandably, been on addressing the rapid rise of authorised push payment (APP) fraud. In the background, however, there has been a resurgence in fraud types that many had thought were on the decline.

Recent data from UK Finance revealed that the number of card-not-present (CNP) fraud cases in the UK increased by 26% to just over 1.24 million in the first six months of 2024 (in comparison to same time last year). The gross loss value now sits at £193.7 million (growing 11% on H1 2023).

This continues to highlight how resilient, innovative and agile fraudsters are. Free of the constraints faced by legitimate organisations operating in the financial space, they can move quickly to exploit both new and old opportunities.

As fraud continues to move in multiple directions, there are some key strategies that financial institutions can and should implement now to be ready for changes in fraud patterns.

1. Watch Declining Fraud Types

Fraud patterns are cyclical and organisations shouldn't forget this. When new controls are successfully implemented in one area and fraud levels begin to fall, it's tempting to move resources over to growth areas. Fraudsters, however, will keep their fingers on every pulse, looking for new ways to breathe new life into old tactics.

This is evident with the recent resurgence of CNP fraud in the UK. It first emerged as a pressing issue with the growth of online shopping, and in 2019 strong customer authentication (SCA) was implemented widely with positive results. As a result, fraudsters found a new focus in the form of authorised push payment (APP) fraud or scams.

Although APP fraud had been around for a while, it suddenly boomed supercharged by Covid-19, economic downturns and technological advancement. Organisations and regulators across the globe turned their primary focus from detecting unauthorised payment activity to the detection of scams.

Meanwhile, criminals found ways to bypass the protections that have been put in place for CNP fraud, primarily by tricking consumers into sharing one-time passcodes (OTPs) through sophisticated social engineering tactics. This enabled them to facilitate a 3D-Secure transaction or register a card for an e-wallet, both of which tend to be seen as the more secure payment methods with less oversight once authenticated.

This is a stark reminder that fraudsters are constantly testing the system for weaknesses. A balanced fraud strategy must be maintained at all times, using data and trend analysis to help determine where resources should be allocated.

2. Break Down the Silos Between Fraud Teams

In many cases, there is still a lack of coordination between teams dealing with application fraud and those teams handling fraud further down the line. This fragmented approach creates huge gaps in the defence system.

For example, fraudsters manage to open accounts using stolen, synthetic or even their own identities. They manage those accounts in a similar manner to legitimate account holders. There is no reason to suspect anything untoward. Credit is built up until they have reached the maximum amount they can access, then they commit 'bust-out' fraud, taking the money and abandoning the account.

Removing those internal silos has to be a priority. Ideally, this should be achieved by consolidating decisioning across all stages into a single solution, with insights and decision outcomes visible and readily available for decisioning across the entire customer lifecycle. At the very least, organisations should ensure that teams share key knowledge and data from the different solutions that are in place. It's only with a unified approach that emerging threats can be identified earlier. In the example above, by sharing key data from the 'bust-out' stage with those managing the originations process, trends or red flags can be identified much earlier in the process.

3. Learn from Trends Developing in Other Regions

Fraud trends are not limited by borders. While approaches to tackling fraud can vary significantly between countries, an uptick in a certain type in one country is a vital signal towards what might soon happen elsewhere.

For instance, the UK has been very active in its approach to tacking APP fraud with much progress from a regulatory perspective. However, as a byproduct it is also now experiencing a resurgence of CNP fraud as well as growth in abuse of false scam reimbursement cases. In countries where financial institutions have not yet seen a surge in this type of fraud, the UK's experience is an important indicator and a learning can be taken from it. What steps can you take to better prepare defences against threats like resurgence of CNP fraud before those threats become reality?

4. Empower Internal Teams to Move Quickly

The return to CNP fraud has placed a spotlight on digital wallets - one of the faster growing payments methods with over half the world's population expected to be using them by 2025. They have become a hot target for fraudsters.

Fraudsters are increasingly gaining access to digital wallets using phishing schemes or malware, or by adding stolen debit and credit cards to new wallets through social engineering techniques. This underlines the need for agility, and specifically the ability to spot threats and adapt quickly.

In order to gain the level of agility needed, there are a number of areas that organisations trying to manage this fraud need to consider.

The first is a flexible strategy. Many organisations have fraud detection rule sets that are so complex and rigid that they make it difficult to maintain and deploy new strategies. This inhibits the effectiveness and benefit of highly predictive analytical features provided by both third-party and internally developed models.

This also impacts the ability to onboard and access a variety of enhanced datasets from third-party suppliers. Though the integration of different datasets has consistently proven critical to fraud decisioning, it remains an extremely complex and lengthy process for many financial institutions.

Another key element to adapting and responding the moment threats are identified is the ability to make changes instantly. Many organisations today cite that due to lengthy IT processes they face a wait time of four to six months simply to implement a change to their data ingestion processes or their messaging in customer communication tools.

These are major barriers to being able to adapt and respond quickly. Without technology that enables teams to ingest data more efficiently, utilise analytical tools more effectively, or make changes quickly, financial institutions face significant risks.

5. The Power of Psychology in Communications

Fraudsters are master manipulators. They are adept at influencing customer behaviour, using social engineering tactics to convince individuals to hand over sensitive information. Sadly, this makes the customer the weakest link in the whole process.

This is where understanding both the psychology of fraudsters and their victims, and using effective customer communication, becomes key. It's no longer enough to send generic verification requests. The communication must help people think twice before sharing personal information. The goal must be to break the fraudster's spell and help your customer spot the red flags the scammer is trying to hide.

Tailored messaging and real-time prompts during suspicious activity and transactions will play a more valuable role in helping customers recognise potential scams. This means having the right tools that support personalised communication and bespoke treatment tailored to the threat at hand, reaching customers in the right way at the right time.

Anticipate, Adapt and Stay Connected

For financial institutions to be ready to move, they must remove the pitfalls of siloed thinking, choose technology that empowers internal teams and watch international neighbours for changes in fraud patterns and regulations.

A final point to remember is that fraudsters will always choose the path of least resistance. Currently, this sits alongside the customers themselves. Fraudsters are using psychology to exploit them when they are most vulnerable. It's time financial institutions incorporated customer psychology into their messaging to remove this path and protect their customers from manipulation.

Learn More About Fighting Fraud

• Read our whitepaper: Breaking down the Silos Between Application Fraud and Originations
• Understand how FICO helps customers manage fraud
• Learn about the value of customer communications in tackling fraud
• Understand how FICO platform enables better use of data

Public link

Please use the above public link if you want to share this noodl on another website.