AFP compiles the most alarming—and informative—fraud news relevant to corporates in Fraudwatch. This column is part of AFP’s Payments Fraud Resource Center and is intended to keep you aware of the latest threats to your organization.
In this edition, e-payments fraud threatens the proposed cashless economy in Nigeria, the USDA takes steps to protect against food stamp fraud, and fraudsters can now hire a criminal network to tie up phone lines so that they can rob unknowing corporate clients.
Nigeria’s Proposed Cashless Economy Hinges on Fraud Prevention
The Central Bank of Nigeria is preparing for a cashless economy, moving to an all-electronic payment system in 2012, in an effort to ensure financial inclusion of the unbanked. However, some experts theorize that the success of such a venture depends on whether security technology can stay a step ahead of fraudsters, who have capitalized heavily on electronic payments in recent years, the Nigerian newspaper The Nation reported.
Oluseyi Akindeinde, director of Information Assurance and Risk Management at Digital Encode Limited, argues that while much attention is being given to regulations, mobile payment and the deployment of more point-of-sale terminals, online fraud on e-payment platforms is the greatest threat to the Nigerian payments infrastructure.
At a recent e-payments forum, Akindeinde explained how his team tested multiple e-payments networks and found that online fraudsters are outpacing security technology. By simply manipulating some codes, the team was able to obtain airline tickets on an e-ticketing portal and purchase items online through a shopping portal, both by making no actual payment. Akindeinde stressed that “something has to be done to raise the bar of security certification and network authentication in electronic transactions because the form of security these portals have is not what they should have in this kind of payment system.”
For the CBN cashless initiative to be successful, Akindeinde believes it is critical for operators to comply with the Payment Card Industry Data Security Standard (PCI-DSS), which has raised awareness about card fraud and exposed multiple security vulnerabilities since its inception.
Mobile is also an area where Nigerians should be wary, given that approximately 80 percent of the people are unbanked and use mobile phones to handle financial transactions. Malware targeting mobile devices more than doubled between August 2009 and December 2010, according to a recent study by Kaspersky Lab. “In 2010, over 65 percent more new threats targeting mobile devices were detected than in the previous year; and over 1,000 variants from 153 different families of mobile threats were included in Kaspersky Lab’s databases by the end of 2010,” the study found.
CBN insists that it is aware of the threats. CBN Governor Mallam Sanusi Lamido Sanusi said at a payments conference that while the some factors are beyond the bank’s ability to resolve, CBN is taking measures to ensure a secure payments infrastructure. He cited a 98.5 percent in ATM fraud since the bank put an ATM Fraud Prevention Group in place. A key factor was CBN’s assertion that cards move from magnetic strip technology to EMV chip and PIN.
“We are aware that money matters are delicate, hence, we should ensure that our technologies should not just be state-of-the-art but should also provide the necessary security required for the business; that our personnel do not only possess the requisite skills but also the integrity to operate in this fast-growing industry; that we have not only processes, but ensure that requisite controls are implemented and regularly reviewed,” said Sanusi.
USDA Staves Off $800 Million in Food Stamp Fraud
The U.S. Department of Agriculture’s Supplemental Nutrition Assistance Program—formerly known as food stamps—said it prevented $800 million in improper payments.
Food stamp fraud entails selling benefits or using food stamps for something other than food. Improper or fraudulent payments only account for about 1 percent of SNAP recipients, but USDA Under Secretary Kevin Concannon told Federal News Radio that even that amount is unacceptable. The USDA is aiming to get it “as close to zero as we can possibly make it,” he said.
The USDA has begun monitoring benefit recipients more closely and is imposing penalties on those who are caught committing food stamp fraud. Last year, 931 retailers were permanently removed from the program. According to Concannon, penalties in stores totaled $5 million last year. Cracking down on fraudsters is essential to preserving the program for the 46 million people that depend on it and the taxpayers who support it, said Concannon.
The USDA is able to track fraudulent transactions by monitoring the usage of electronic benefit cards issued to SNAP participants. If a recipient’s entire monthly claim is used up in a small store, it raises a red flag and prompts the USDA to investigate. Smaller stores tend to be the most prevalent hotspots for fraud, so the USDA monitors them more closely than large supermarkets.
“We need to make sure as much as possible that we can identify stores and vendors that fraudulently participate,” Concannon said. “But we also want to make sure that consumers, who are the recipients of the benefit, when they actively become part of that that they are made accountable as well.”
Nearly 900,000 SNAP participants across the U.S. were reviewed for potential improper actions or trafficking last year.
Phone Fraudsters for Hire
Back in 2010, the FBI issued a warning about telephone denial-of-service attacks. This is a practice in which a fraudster uncovers an individual’s bank account information via malware and ties up their phone lines. The fraudster then proceeds to impersonate the victim, contact their financial institution, and authorize various transactions. Since the victim is unable to receive any calls from the FI regarding these transactions, they are completely unaware of what is happening.
Like virtually all occupations these days, this too is now being outsourced. Krebs on Security reported that at the low price of $5 an hour or $40 a day, you can now pay an elite criminal network to tie up the phone lines of companies whose banks routinely call them to verify major financial transfers. Each call appears to come from a different number, leaving the victims unable to block the influx of calls.
|