Cybercriminals to Target Digital Payments in 2022
Feb 21, 2022
Worldwide, organisations are warning cybercrime surrounding digital payments is likely to reach new highs in 2022, following record breaches in 2020 and 2021 targeting businesses and individuals alike.
The FinTech Society Research Team (FTR) at University College London points out that, alongside benefits, digital payments also bring a unique set of disadvantages, some of which make them especially vulnerable to criminal exploitation. With cash, there is a physical exchange of value. In digital applications, FTR notes there is ‘no concrete payment proof’ of the value transfer. ‘Criminals can easily obtain credentials, online-banking passwords and control online-banking meetings remotely through the rampant use of trojans.’
Statista—a provider of global market and consumer data—noted worldwide losses from online payment fraud reached $17.5 billion in 2020 and were likely to be around $20 billion in 2021, representing an increase of more than 14 percent.
On a personal level, in an exploration of the rise in fintech fraud, Forbes cited the case of Shayla King, a single mother of four from Florida, U.S. who lost over $740 (€650) when her online bank account was hacked. Chime, a provider of mobile banking services that uses the Visa card network, messaged her to highlight potentially fraudulent activity on the account, but although she confirmed the transactions—from various businesses in India—were illegitimate, the charges went through. She pursued the matter, which was then followed up by a reporter, and the money was eventually refunded more than a month later. King was clear that, given the damage caused to her finances, she would not use online banking again.
I will never in my life bank with an online bank again. That’s my car payment, my electricity bill… I’m a paycheck-to-paycheck person, and I’m still trying to climb out of that hole.
Forbes also examined the problems of digital payments for businesses, with reports from rental car agencies and hotels indicating ‘first-party fraud’ is on the rise. Customers rack up charges, then withdraw the money needed to pay them from their account before a transaction is settled, meaning the business does not receive payment. Chime was involved in so many cases that major rental brand Avis opted to refuse payments from them.
In its 2021 Payment Threats and Fraud Trends Report, the European Payments Council says ‘attacks leading to fraud can occur in all payment-relevant processes’ and often exploit more than one vulnerability in digital payment systems. It notes the European Commission has ‘reviewed and extended the legislation on combating fraud and counterfeiting of non-cash means of payment’, while highlighting the need for ongoing security improvements of digital payment systems and education of consumers using them.
The Identity Theft Resource Center (ITRC), which tracks data breaches in the U.S., anticipates not just a rise digital-payment crime, but also in the number of people who fall victim to identity theft multiple times, identifying changes in how people pay as being a particular risk.
Look for cybercriminals to take advantage of the shift to alternative digital payment methods, such as payment apps, digital wallets and peer-to-peer services.
Fortunately, for anyone concerned about the safety of a particular digital payment, and for those looking to support small businesses that are less resilient to fraud losses than larger operations, cash remains an option.