The shiny square EMV chips that started appearing on your credit cards over the last two years were supposed to help prevent credit card fraud. But while the chips do seem to be making a dent in some online crime, financial research firm Aité Group finds, cyber scammers seem to have shifted their efforts elsewhere.
“We are at a period where an impressive amount of data is in the hands of criminals,” said Aité research director Julie Conroy during a recent webinar on fraud prevention. The average cyber criminal isn’t about to go out and get a legitimate job, she points out — and while Aité estimates there will still be about $4.5 billion in fraudulent credit card losses this year, criminals are already shifting to different types of identity theft.
Two scams in particular are surging in frequency, Conroy says.
- One is application fraud (also known as new account fraud) — when criminals use fake or stolen documents to open an account in a victim’s name. Such frauds are set to double this year, Conroy says, with expected damage at $1.37 billion.
- The other rising problem is account takeover fraud — when thieves use personal information (like an email address) to gain access to an account, then change the password and communication settings to reroute all alerts and updates, essentially locking victims out of their own accounts. Aité says financial institutions are already telling them of a 50% year-over-year increase in account takeover frauds, with an expected total cost of $760 million in 2016.
Complicating the issue is the rising value of identity details. “Criminals are getting a lot more mileage out of compromised credentials,” Conroy says. Access to an Uber account sells for $3.78 on the black market, and a PayPal account with a guaranteed $500 balance goes for $6.43 — but a credit card number is worth a mere $0.22, according to Conroy.
What to Do
To help protect your identity, set up alerts and monitoring — either with your bank or an outside app such as IdentityForce that will let you know if any suspicious activity occurs. Also, keep a close eye on your annual credit report for any new accounts or queries you didn’t initiate.
If you know your identity has been compromised, contact your bank and other financial institutions to have them close any unauthorized accounts or any that have evidence of fraud. Then report the issue to the Federal Trade Commission and contact the three major credit bureaus in order to put a “fraud alert” on your account.
No problems yet? Don’t get complacent, Conroy says — because criminals have “extraordinary patience.” Thieves may have access to your identity long before they actually commit any fraud. In some cases, Conroy warns, students’ identities were stolen while they were in college, but the fraudulent activity occurred years later — when the victims are settled in their careers and have more assets. “We’re not up against a kid in his basement,” she says. “These are organized crime rings.”