Latest news with #Fraudscape
Finextra
15-07-2025
- Business
- Finextra
How Open Banking helps with Account Takeover Fraud Prevention: By Andrew Bonsall
While Open Banking transactions remain significantly less prone to fraud than other payment types, financial crime, particularly Authorised Push Payment (APP) fraud, is still a major concern across the ecosystem. In fact, Cifas' latest Fraudscape report shows a 76% surge in ATO cases, with more than 74,000 filed in 2024 alone. The spike in unauthorised facility upgrades and SIM swaps shows how quickly criminals bypass controls and take over accounts at scale. While telecoms and online retail saw the sharpest rises, the same tactics like remote access tools, spoofed identities, and phishing are being used across financial services. Traditional fraud models aren't built to pick up on these behaviours in time to prevent loss. To stay ahead, firms need to understand what's happening inside the account as it happens. That means access to live transaction patterns, not historical snapshots. This is where Open Banking data makes the difference. Missed signals behind 2024's fraud spike Cifas's recent Fraudscape 2025 report recorded a record 421,000 fraud cases in 2024, a 13% increase on the previous year, driven primarily by a 5% rise in identity fraud and a huge 76% jump in account takeover attempts. In particular, SIM swap fraud exploded by 1,055%, with nearly 3,000 cases impacting airtime accounts. This sharp rise in account takeover fraud reflects the key changes in how these attacks are being carried out. But while tactics have matured. Controls haven't. Many fraud models are still rooted in historical data and binary triggers: a flagged device, an unexpected login, or a change to contact details. But criminals are no longer working outside the lines. They're copying genuine user behaviour, using compromised credentials, and blending in with normal activity until it's too late. Traditional fraud controls struggle because they lack three things: timing, context, and behavioural insight. That's what allows high-risk activity to slip through unnoticed. What's being missed: Subtle changes in usage , like increased account access at unusual hours, or from slightly different locations (just enough to bypass geo-tracking but still signal a change). Micro-withdrawals or test payments that precede larger unauthorised transactions, missed due to fixed rule thresholds. SIM swap attempts or new device registrations that are flagged after the fact. Dormant account reactivation, which can look like a returning customer but is the start of staged fraud. What's changed in fraud risk: Illegal 'fraud-as-a-service' tools are lowering the barrier to entry. Even novice actors now have access to professional-grade scripts, phishing kits, and remote desktop tools. AI-enhanced social engineering is making impersonation more persuasive (Cifas notes a surge in spoofed voices being used to bypass phone-based verification). Scam infrastructure is industrialised, with organised groups running operations at the scale of legitimate businesses, complete with tech support, operating hours, and incentive schemes. Without real-time signals, many of these behaviours appear low risk until money moves or a customer reports an issue. By then, recovery is expensive, trust is eroded, and the window for effective response has closed. This is where Open Banking data comes into play. By analysing live transaction flows, spending patterns, and account behaviours, fraud teams can: ✅Detect anomalies based on actual customer behaviour. ✅Build contextual risk profiles that adjust dynamically over time. ✅Act faster on the first signs of high-risk activity, before the funds are gone. In short, it's the difference between observing a breach after it happens and spotting the warning signs in motion. What Open Banking data reveals Account takeovers don't always start with a bang. In many cases, they build slowly: a password phished weeks earlier, followed by low-level testing to see what goes unnoticed. By the time money is moved or a handset is upgraded, the groundwork has already been done. What's often missing in traditional controls is the ability to see this build-up. Open Banking data changes that. It offers a continuous feed of transactional and behavioural insight that helps identify when something isn't right, long before a formal red flag is raised. Key early indicators that Open Banking data can reveal: 🚩Unusual transaction patterns: e.g. out-of-character spending categories, new merchants, or transfers to unfamiliar accounts. 🚩Test transactions: small-value payments used to check account access or set up mule pathways. 🚩Sudden changes in regular income or spending flow: particularly where income disappears but spending continues at a similar rate. 🚩Withdrawals or payments from dormant or low-activity accounts: a frequent hallmark of takeover attempts. 🚩Clustering of failed transactions or reversed payments: indicative of probing activity, often missed by legacy systems. These are rarely visible through traditional credit data or one-off fraud triggers. But they stand out clearly when you're analysing how an account is being managed day to day. And for fraud teams under pressure to act earlier and with greater precision, this level of visibility is essential. The cost of inaction Account takeover fraud prevention measures need to be implemented quickly. Every missed signal adds cost. And not just financial: the operational burden of remediation, the regulatory scrutiny that comes with customer harm, and the long-term reputational damage, particularly to those vulnerable customers. What firms are facing: Escalating financial exposure as takeovers lead to unauthorised credit, cash withdrawals, or third-party losses. Increased servicing costs , with resource-heavy case reviews, complaints handling, and reimbursement processes. Compliance risk , especially when vulnerable customers are affected and Consumer Duty expectations aren't met. Erosion of trust, both from customers and partners, as fraud events become more visible and reputationally damaging. What's more, with regulatory focus on vulnerability and outcome-based compliance continuing to rise, account takeover fraud also brings a heightened risk of non-compliance with Consumer Duty, SMCR obligations, and complaint-handling requirements. Detection capabilities must now be auditable, explainable, and built for live environments. The Cifas data reinforces this. In 2024, individuals aged 61+ were among the most common victims of account takeover. The same year, the UK public lost £11.4 billion to scams, most of which were never reported. The bottom line: Preventing fraud protects customers, maintains confidence and demonstrates that risk frameworks stand up to scrutiny. Main takeaway: When fraud moves fast, your data has to move faster The sharp rise in account takeovers is unlikely to be a temporary spike. As criminals become more coordinated and tactics more advanced, the ability to detect risk in real-time becomes essential. Open Banking data is already playing a central role: giving fraud teams the visibility to see what's happening inside the account before the warning signs become losses.
Yahoo
10-07-2025
- Business
- Yahoo
Asset finance fraud plummets 80% amid sector crackdown: Cifas
Asset finance has emerged as a rare success story in the battle against identity fraud, with cases in the sector dropping by 80% in the past year, according to newly released data from fraud intelligence specialists GBG. The analysis, based on the 2025 Fraudscape report by Cifas, highlights identity fraud trends across UK industries between 2023 and 2024. While overall identity fraud rose by 4.94%, reaching 249,417 cases in 2024, asset finance bucked the trend, recording just 1,560 cases compared to 7,837 the previous year. Experts say the sharp decline suggests that targeted anti-fraud efforts in the asset finance sector have been highly effective. 'Many sectors have seen successful reductions in fraud, particularly asset finance and online retail,' said Gus Tomlinson, Managing Director at GBG. 'This suggests that targeted prevention measures can be effective when properly implemented.' While asset finance recorded the most dramatic improvement, other sectors weren't as fortunate. Plastic card fraud continues to dominate, making up nearly 38% of all identity theft cases in 2024. Meanwhile, communications fraud soared by over 72%, making it the fastest-growing identity scam by volume. This embedded content is not available in your region. While fraud targeting the asset finance sector now accounts for less than 1% of identity theft cases, experts stress that continued vigilance is essential across all industries. 'Identity fraud continues to evolve,' warned Tomlinson. 'The continued rise in overall fraud figures serves as a reminder that businesses must remain vigilant. Strong identity verification processes, regular security updates, and cross-sector intelligence sharing remain crucial tools in combating these evolving threats.' "Asset finance fraud plummets 80% amid sector crackdown: Cifas" was originally created and published by Leasing Life, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site.
