Search

Brian Pennington

A blog about Cyber Security & Compliance

Tag

Online banking

Card fraud and online banking fraud down, but cheque and phone banking fraud up

New figures released on the 5th October 2011 show that fraud losses on UK cards decreased in the first half of 2011 compared with the same time last year, as did fraud on online bank accounts. However, cheque fraud and fraud on phone banking accounts increased over the same period.

Total fraud losses on UK cards fell to £169.8 million

Between January and June 2011 a 9 per cent reduction compared with losses in the first half of 2010. This half-year total is the lowest for eleven years and also the third consecutive decrease. The sustained fall is due to the success of a number of industry initiatives such as the increasing use of fraud detection software, the roll-out of updated chip cards and the increasing roll-out of chip and PIN technology abroad. Lost and stolen card fraud losses rose slightly, increasing by £4.4 million. Initiatives such as chip and PIN have made it harder to commit ‘high-tech’ frauds, and criminals are instead reverting to more basic frauds centred around stealing people’s cards and PINs. These scams range from distracting people in shops or at cash machines and then stealing their cards without them noticing, to simply tricking them into handing over their cards and PINs on their own doorstep.

Online banking fraud losses totalled £16.9 million

During January to June 2011 a 32 per cent fall on the 2010 half-year figure. A variety of factors have contributed to the decrease in online banking fraud, including increased customer awareness of computer security combined with banks’ use of fraud detection software.

Phone banking fraud losses rose to £8.6 million

A 48 per cent increase during January to June 2011. As with card fraud, criminals are focusing on the straightforward crime of duping a customer into believing they are dealing with a bank or police representative and getting them to disclose their financial security details, such as PINs, passwords and login details, which the criminal then uses to access the customer’s bank account over the phone.

Cheque fraud losses increased

Cheque fraud losses increased from £14.0 million in the first half of 2010 to £16.4 million during the same period in 2011. Although this is a 17 per cent increase, the overwhelming majority of this type of fraud is stopped before the cheque is paid. In fact, more than £254 million of attempted cheque fraud was spotted and stopped during the clearing process in the first half of this year.

DCI Paul Barnard, Head of the Dedicated Cheque and Plastic Crime Unit (DCPCU), the special police squad which is sponsored by the banking industry and has an ongoing brief to help stamp out organised payment fraud across the UK, said:

Losses are appreciably lower than they were a few years ago and everyone involved in tackling fraud has reason to be encouraged by this and that includes bank customers who, as their own front-line of defence, have certainly played their part too.

“However, there has been an increase in old fashioned scams criminals using distraction techniques and social engineering methods to get hold of people’s cards or phone banking details. We are urging everyone to be on their guard. Your bank or the police will never cold call you or email you and ask you for your login details, cards or PINs. If anyone does, they are probably  a criminal, so hang up the phone or delete the email.”

Card Fraud Type – on UK issued credit and debit cards Jan-June 2007 Jan-June 2008 Jan-June 2009 Jan-June 2010 Jan-June 2011 +/- 10/11
Phone, internet and mail order fraud (Card-not-present fraud) £137.0m £163.9m £134.0m £118.2m £109.2m -8%
Counterfeit (skimmed/cloned) fraud £72.3m £88.8m £46.3m £28.2m £18.0m -36%
Fraud on lost or stolen cards £30.7m £26.8m £25.1m £21.3m £25.7m 20%
Card ID theft £18.7m £19.5m £23.9m £15.0m £11.5m -23%
Mail non-receipt £4.9m £5.3m £3.5m £3.8m £5.4m 42%
TOTAL £263.6m £304.2m £232.8m £186.8m £169.8m -9%

The release places some of the success on fraud detection solutions and Chip and Pin but lets not underestimate the impact of the improved focus on IT Security which is being enforced by compliance and regulatory requirements like PCI DSS and the Data Protection Act.

.

Advertisements

Which? Tips for Online Banking

Security token devices
Image via Wikipedia

After a recent review of online banking Which? the consumer guide people have produced a list of “Top online security tips”.

  1. Regularly log in and check your statement for unusual transactions. If you spot anything unfamiliar
    immediately contact your bank.
  2. Avoid public computers for online banking, make sure your wifi-network is secure, and don’t open emails from unknown sources as they may contain a virus
  3. Install the latest anti-virus and anti-spyware software, use an effective firewall, and ask your bank if they offer ‘Rapport‘ software which can be used in addition to your usual software.
  4. Keep both your operating system (such as Windows) and your browser (such as Internet Explorer or Firefox) up to date and set your computer to install updates automatically. If you receive a suspicious email purporting to be from your bank forward it to reports @banksafeonline.org.uk.

Learn more about online banking security by reading the Which? “online guide to protecting your online ID” here and the Which? “How to bank online safely” here.

.

Most Small Business Owners do not treat Fraud as a Top Priority – survey results

New logo for TD Bank
Image via Wikipedia

On the 15th August 2011 TD Bank launched the results of a survey that indicates small businesses (sub $5 million) do not have Business Fraud as their top priority, in fact only 1% of survey respondents said it was a top priority.

TD Bank’s survey polled 300 small business executives in its Maine to Florida area  to understand their current awareness of small business fraud, as well as their top external concerns over the next 12 months.

“It’s encouraging to see that small business owners are taking steps to protect their business, but fraud protection should be a high priority and it pays to be vigilant,” says Fred Graziano, Head of Commercial and Small Business Banking at TD Bank. “Given the influx of new digital technologies and operational tools available for small business owners, it’s increasingly important to learn about the latest trends and techniques used by criminals, and to be more diligent in defending against fraud.”

Graziano and Robert Dunlop, TD Bank Director of Corporate Security and Investigations, offer the following advice to small business owners to protect their business from fraud:

Manage finances  using secure online banking.

Online banking is a secure and essential tool for any small business  owner. The benefits of this useful service include 24/7 access to real-time information, account transfers and payment management. Small business owners can easily schedule and manage payments, submit remittance information, and have an audit trail of all transactions.

“It’s important for small business owners to check their account activity regularly,” says Graziano. “Having instant access to payment history helps businesses closely monitor their spending for any discrepancies. If there are any, contact your financial institution immediately.”

Protect computer systems and practice online awareness.

“Being complacent about cyber protection can lead to the compromise of critical information and detrimental consequences for a business,” says Dunlop. “Every computer at home or in the office should have installed and regularly updated firewalls and anti-virus software.”

While conducting business online, be aware of “phishing” – an electronic scam that attempts to obtain confidential personal or financial information from its target. It takes the form of a fake message, usually an e-mail, which appears to be from a financial institution or service provider. While some e-mails are easily identified as fraudulent, including some containing enticing headlines, others may appear to come from a legitimate address.

“If an offer received via e-mail or on a website sounds too good to be true, it probably is,” says Graziano.

Safely handle sensitive documents and financial statements.

“The web isn’t the only place where thieves can steal valuable information from a small business,” says Dunlop. “Employees and outside parties can steal important mail, credit card information or checks, and commit fraud.”

Printed financial statements, social security numbers and other sensitive papers should be disposed properly using a shredder or saved in a securely locked device.

“To avoid the hassle of handling several papers, banks such as TD Bank allow customers to opt out of paper statements and receive online statements instead,” says Graziano.

According to Dunlop, technological advances have even put photocopiers at risk, “Most photocopiers built since 2002 contain a hard drive that stores every image scanned, copied or emailed. When a business sells or upgrades their copier, the machine is usually cleaned up and reconditioned, but often times the hard drive is left intact and is not scrubbed,” says Dunlop.

Once resold, it’s possible for anyone to simply pop out the hard drive and access, and sell confidential information such as income tax and bank records, social security numbers, and birth and medical records.

“Businesses need to be aware of this and treat documents in the standard office copier just as they would any printed document, and guard that information accordingly,” says Dunlop.

Obtain fidelity insurance.

“Crime and fraud-related losses generally aren’t covered by property insurance policies, so it’s important to protect money losses from workplace fraud,” says Dunlop.

Fidelity insurance protects your business against criminal acts such as robbery, embezzlement, forgery and credit card fraud. Liabilities secured under this type of insurance usually include money loss coverage (burglary or theft) and employee dishonesty (embezzlement and forgery).

Search for low rates and partner with a broker, such as TD Insurance, who can help shop for the best deal.

Incorporate appropriate checks and balances.

Every small business owner should perform an internal review and assessment of company finances on a monthly basis. Make sure payment amounts match all invoices and check for any missing documents.  “Running random audits or having a third party audit the books once a year will show employees you are serious about fraud and deter them from committing deceptive acts,” says Graziano.

TD Bank advise that if you think you are a victim of business fraud, immediately contact the fraud department of any of the three major credit bureaus to place a fraud alert on your credit file. Also, contact your banks, credit card issuers and other creditors where your finances and information are available.

More information on TD Banks Security can be found here.

.

Smartphone users at risk of ID Fraud

Image representing Equifax as depicted in Crun...
Image via CrunchBase

Credit reference agency Equifax has recently released its research into the implications of Smartphone Theft on Identity Fraud.

The findings of the reasearch are very interesting as they show how cavalier Smartphone owners are with their information and Identity.

The highlights of the research are below:

  • 94% of consumers fear identity fraud and theft yet many keep too much personal data on mobile devices
  • 54% of second-hand phones contain personal data including texts, emails and even banking details, identity fraud expert Equifax is urging consumers to think about what personal data they store on their mobile phone and ensure they delete all data from both the phone and SIM card before recycling or selling it
  • 40% of smartphone users also don’t use the passcode function, leaving them vulnerable to ID fraud. And this jumps when looking at the younger generation that have most embraced the new technologies
  • 62% of 22-25 year olds use their smartphone to regularly check their online banking. Yet despite fears about identity theft, 69% do not use a passcode function on their phone
  • 35% admit to regularly clearing their browsing history after they use online banking. It’s also this generation where there’s probably more chance of them having personal items stolen when out shopping or in bars and clubs, making them the perfect target for fraudsters

 EQUIFAX’S SMARTPHONE SECURITY TIPS

  • Always use the PIN function on your handset
  • Don’t store reminders of passwords on your phone
  • Think about which accounts you access from your phone – would it be better to wait until you’re at the security of your home
  • Wipe browser history, especially if reviewing online banking
  • Keep an eye out for malicious software masquerading as apps
  • Keep your smartphone safe at all times
  • Delete all personal information from the phone and the SIM card before recycling or selling your phone

Read the full press release here.

.

Blog at WordPress.com.

Up ↑

%d bloggers like this: