The good old days when the bad guy had to get a bit dirty to steal your personal info have come and gone.  The anonymity and convenience afforded to today’s digital crooks has prompted a paradigm shift in the way that fraudsters do business to the detriment of consumers, merchants, and the financial industry. Data breaches are a considerable driver of fraud according to Javelin’s 2013 ID Fraud Report, as nearly 1 in 4 consumers who were notified that their PII had been compromised in a breach later suffered from identity fraud.  On top of breaches is an epidemic of malware that has begun to infect mobile devices, where Zeus, Citadel, and SpyEye have mutated to become Zitmo, CitMo, and SpitMo – while not the cleverest of nomenclature adaptations, they certainly make dumpster diving and mail theft look quaint by comparison.

It’s not just the means by which PII is compromised that has gone high-tech, as a victim’s information is used to make a purchase online in 45% of all identity fraud cases in 2012 (up from 41% last year).  Fraudulent purchases at the point of sale (35%), unauthorized ATM withdrawals (6%), and phony checks (5%) are all losing steam – having to commit fraud in person has fallen out of favor. Recognizing your enemy’s capabilities is necessary for an effective defense – fraudsters have figured out how to steal voluminous amounts of PII, and either sell it or use it to commit fraud in a way that doesn’t require them to leave their couch.  Install anti-malware, actively monitor your accounts, demand strong authentication, consider identity protection services, encrypt everything – common sense is still an important tool, but if the bad guys are going to level up, then so should we.

Author

About Al Pascual

An accomplished industry analyst, market researcher, and financial industry practitioner, Al Pascual is Javelin’s Research Director and Head of Fraud & Security. As Research Director, Al leads Javelin’s Advisory Services and Custom Research businesses. He oversees growth of these businesses while ensuring that Javelin’s research content meets quality standards and provides the innovative perspectives that clients expect from the firm.

As Head of Fraud & Security, Al provides clients actionable insights on a variety of fraud and security issues, acts as a partner in developing strategies for managing risk, and identifies and raises awareness of future threats and solutions. Al researches a range of topics, including the applicability of biometrics in banking and payments, the effect of data breaches on the integrity of consumer identities, the relationship between identity fraud and loyalty, and the best methods for securing payment data and transactions.

Al has presented findings from Javelin’s rigorous, industry-leading research at conferences around the world, including BAI, CARTES, Money20/20, NACHA, and RSA. Al has provided commentary on fraud and security issues to American Banker, Bloomberg, CNNMoney, Fox Business, Reuters, The New York Times, The Wall Street Journal, The Washington Post, and Wired.

Previously Al held risk management roles at HSBC, Goldman Sachs, and FIS. He is a member of the Association of Certified Fraud Examiners, the International Association of Financial Crimes Investigators, and the Federal Reserve Secure Payments Task Force. Al also serves on the board of advisers to the Information Security Media Group. He earned a Bachelor of Arts degree in History from the University of South Florida.

Stay in Touch!