AFP SURVEY: PAYMENTS FRAUD HITS RECORD HIGH OF 78%
The 2018 AFP Payments Fraud Survey, underwritten by J.P. Morgan, revealed that payments fraud reached a new high in 2017 after a downswing earlier in the decade. A record 78% of all organizations were hit by payments fraud last year, according to the survey of nearly 700 treasury and finance professionals.
Checks continue to be the subject of more fraud than any other payment method, with 74% of respondents reporting this form of attack. Wire fraud followed at 48 percent, while corporate card fraud ranked third at 30%.
Business email compromise (BEC) played a major role in payments fraud in 2017, with 77 percent of organizations experiencing BEC in 2017. Additionally, 54% of BEC scams targeted wires, followed by checks at 34%. The good news is that 77% of organizations have implemented controls to prevent BEC scams.
Other highlights of the 2018 AFP Payments Fraud and Control Survey include:
65% of payments fraud is committed by individuals outside the organization
67% of payments fraud is discovered by treasury staff
92% of organizations report that payments fraud attacks collectively cost 0.5% of the organization’s annual revenue
47% of organizations discovered fraud less than two weeks after the incident occurred.
– paymentscardsandmobile.com –
US SECRET SERVICE WARNS OF ‘CHIP SWITCH’ CARD SCAM
The U.S. Secret Service is warning financial institutions about a new scam involving the temporary theft of chip-based debit cards issued to large corporations. In this scheme, the fraudsters intercept new debit cards in the mail and replace the chips on the cards with chips from old cards. When the unsuspecting business receives and activates the modified card, thieves can start draining funds from the account.
According to an alert sent to banks late last month, the entire scheme goes as follows:
1. Criminals intercept mail sent from a financial institution to large corporations that contain payment cards, targeting debit payment cards with access to large amount of funds.
2. The crooks remove the chip from the debit payment card using a heat source that warms the glue.
3. Criminals replace the chip with an old or invalid chip and repackage the payment card for delivery.
4. Criminals place the stolen chip into an old payment card.
5. The corporation receives the debit payment card without realizing the chip has been replaced.
6. The corporate office activates the debit payment card; however, their payment card is inoperable thanks to the old chip.
7. Criminals use the payment card with the stolen chip for their personal gain once the corporate office activates the card.
The reason the crooks don’t just use the debit cards when intercepting them via the mail is that they need the cards to be activated first, and presumably they lack the privileged information needed to do that. So, they change out the chip and send the card on to the legitimate account holder and then wait for it to be activated.
The Secret Service memo doesn’t specify at what point in the mail process the crooks are intercepting the cards. It could well involve U.S. Postal Service employees (or another delivery service), or perhaps the thieves are somehow gaining access to company mailboxes directly. Either way, this alert shows the extent to which some thieves will go to target high-value customers.
– krebsonsecurity.com –
FAKE QR CODE PAYMENT SCAMMERS ARRESTED IN CHINA
Three men have been arrested on suspicion of printing out small pieces of paper with the QR codes on them and then sticking them over 60 codes used by traders in Nanjing, the capital of Jiangsu province, late last week, Xiandai Kuaibao reported on Monday.
The alleged scam is said to have netted 3,000 yuan (US$480) from more than 100 transactions, which targeted traders selling expensive items such as seafood.
The three unemployed men – who were only identified by their surnames Zhao, Zhu and Zhang – reportedly told police they had been inspired by a friend who had made money this way.
People opening mobile payment accounts are now obliged to provide their full names and ID documents, but the three are accused of trying to hide their tracks by using an account opened by a friend before the regulations came into force.
Police tracked down the suspects using surveillance footage and found them in an internet cafe where they were playing computer games.
In the newspaper report local police warned shoppers to take care when scanning QR codes and always confirm that shop owners had received the payment.
– scmp.com –
Juniper predicts 2.1bn mobile wallet users in 2019
A new study from Juniper Research has found that nearly 2.1 billion consumers worldwide will use a mobile wallet to make a payment or send money in 2019, up by nearly 30% on the 1.6 billion recorded at the end of 2017.
The study claimed that while contactless card payments were far more prevalent than NFC mobile payments in many markets, leading wallets were seeking to redress the balance by enabling both online and offline options. Meanwhile, a number of wallets, including Orange in France, have augmented payments offerings with banking services in a bid to deliver a holistic financial portfolio for consumers.
The report, Mobile Wallets: Service Provider Analysis, Market Opportunities & Forecasts 2018-2022, also assessed the capabilities of, and prospects for, nearly 20 leading mobile wallets. It concluded that PayPal, which has begun offering contactless payments instore in the US, had the greatest opportunities to develop a converged wallet on a worldwide basis, closely followed by China’s Alipay.
Leading Global Mobile Wallet Providers, Juniper Leaderboard, 2018:
PayPal
Alipay
Weixin Pay/WeChat Pay
– juniperresearch.com –