According to the US FTC’s 2019 report on identity theft and fraud, while there was a slight dip in previous years, rates are back on the rise. In fact, identity theft complaints rose in 2018 by 19.8 percent compared to 2017. A question many will ask: “How is identity theft increasing when we have new technologies to protect us?” Unfortunately, as advancements in identity protection capabilities such as multi-factor authentication, have been developed, they too are being used by fraudsters to accumulate more the $1.48B from unsuspecting Americans.
Let’s break down some of the common ways that fraudsters are preying on their victims:
Caller ID Spoofing (CLI spoofing): Caller ID spoofing is where fraudsters deliberately falsify the information transmitted to a phone’s caller ID display to disguise their identity, with the hopes of defrauding those who answer the call. According to a recent report , it has been estimated that now one in every four calls is spoofed or is a spam call. This issue is also on the rise with SMS spoofing (or Smishing).
Deep fake impersonation: The double edge sword of advancements in AI technology is that they can be used against us. A recent example of Deep Fake impersonation happened when a UK-based energy firm was scammed out of $243,000 when criminals targeted the company with an effective vishing (or voice phishing) campaign. Vishing is now possible simply by using AI-based software to successfully mimic another person’s voice. In this case, the criminals tricked an employee by imitating a chief executive’s voice to demand a fraudulent transfer. This incident marks the first time AI-based voice fraud has netted such a high payload.
Synthetic IDs: Synthetic IDs are being used by fraudsters to subscribe to new services without the intention to pay. These fake IDs are made by constructing a whole new persona using stolen information, such as a name, social security number and birth date. Two of these data points can be easily found within someone’s social media profile. Even with multi-factor identification, if the initial profile is spoofed using a synthetic ID, and false accounts are created to support these fake identities, these prevention methods will still fall short.
As technology gives the mobile handset an increasingly pivotal role in banking, payments, identity management and authentication, promoting trust in the communications between the handset and the network now becomes mission critical. A network breach can provide fraudsters the opportunity to eavesdrop and intercept an SMS containing an account password verification code to steal money from bank accounts, create fake IDs to set up new credit card accounts – or even worse, conduct denial of service attacks. While 3rd party verification adds a layer of protection, we need to keep in mind that most businesses are hesitant to add extra layers of complexity that prevent a seamless customer experience. For these reasons, the financial services, banking, and insurance sectors must immediately invest in multi-protocol Signaling Firewalls that monitor and control signaling streams without requiring additional ‘hoops’ for consumers to jump through.
As the leading provider of security and fraud protection solutions for the telecommunications industry, Mobileum is supporting network operators to protect their networks from today’s security threats and reduce the risks of fraud. Mobileum’s security and fraud portfolio ensures enterprise networks have complete protection from new and evolving signaling threats such as eavesdropping, SMS interception, fraud, credential theft, and data session hijacking. Mobileum’s security and risk management portfolio has been developed based on years of experience managing billions of messages and protecting network perimeters with its multi-protocol signaling firewall for 3 out of 4 of the world’s communications network operators.
If you want to know how we can help your business to be prepared for 2020 and beyond, please contact us.