Digital Transactions Authoritative, insightful and timely information for payments professionals
Online fraud schemes are on the rise across the globe.
In fact, data breaches reached an all-time high last year, with an increase of 78% year-over-year between 2022 and 2023*, and that threat continues to escalate as fraudsters find new ways to beat digital security solutions.
“There’s a lot of chatter on the dark web among bad actors, all scheming to get around fraud rules,” says Sunny Thakkar, Sr. Director of Product Fraud, Disputes & Authentication at Worldpay. “They are all putting their heads together to discover how they can get around it. That’s how new trends come up.”
“And they come up quick,” notes Thakkar.
Once confined to large companies, small businesses and nonprofits today are often targeted specifically because they tend to have little to no fraud protection in place.
To protect your business, the first step is to understand today’s most prevalent fraud schemes.
Top 2 Fraud Schemes
- Bot or Enumeration Attacks
Also known as “Carding,” the scheme works like this:
- Fraudsters purchase stolen card data on the dark web
- Then, they create a digital script on a merchant’s website to test each card to make sure it’s active
- The script automatically runs thousands of card transactions in just minutes
- If a card is accepted, the fraudster knows the card is good and uses it for larger transactions in the future
- Account Takeover
The second fraud scheme quickly gaining traction in 2024 is account takeover:
- A bad actor buys a list of stolen email addresses and passwords from the dark web
- The fraudster then uses this information to log into accounts and steal additional personal data stored on the accounts like credit card information
- If a consumer uses the same login to access multiple accounts, the fraudster then tries the consumer’s other accounts to steal even more personal data, like rewards and loyalty points
- The theft continues until the bad actor has essentially taken over all the consumer’s accounts
Impact to Businesses
These schemes, especially bot attacks, can have devastating consequences to businesses.
“It’s pretty impactful,” says Thakkar. “If a merchant usually processes 15 – 20 credit card transactions each day, and then all of a sudden, thousands and thousands of transactions per minute are fraudulently processed, there can be a significant amount of fees. Sometimes the fees exceed the merchant’s total revenue for an entire year.”
At the same time, major credit card companies are cracking down on businesses that suffer data breaches, charging fines and even revoking the business’ right to process their cards.
How to Protect Your Business
There are a variety of fraud protection solutions available. Look for a provider that:
- Incorporates sophisticated machine learning into their fraud protection services
- Offers easy to install and easy to implement solutions
- Requires little to no technical expertise on behalf of the merchant
Click here to learn more about how Worldpay can help you protect your business.
*Identity Theft Resource Center, Data Breach2023 Annual Report
