KPMG warns of ‘technology-savvy’ wolves in sheep’s clothing, amid calls for integrated cyber security and fraud controls
According to KPMG’s latest UK Fraud Barometer, 2016 saw a rise in cyber-enabled fraud. This is an increase of 1,266% on 2015 figures. Amid growing sophistication by fraudsters, Jeremy Cowan hears a call for better education and integration of cyber security and fraud management measures.
The value of alleged fraud reaching UK Courts broke the £1 billion (€1.18 billion) barrier in 2016, due to a resurgence in “super cases”, according to new research by KPMG Forensic. This is the first time since 2011 that fraud has exceeded £1 billion.
The cases include a £113 million (€132.8 million) cyber fraud, the largest recorded in UK Courts since 2008, as professional criminals cold-called bank customers and stole their money to fund their luxury lifestyle. Sophisticated techniques meant that when victims were contacted by the gang (claiming to be members of the bank’s fraud department and persuading them to reveal security details), they saw false telephone numbers appear under the caller ID, and were unable to make or receive calls whilst their accounts were being drained.
The fraudsters made between £1 million and £2 million (€1.18 million – €2.35 million) a week at the scam’s peak and operated like a nine-to-five business using information from corrupt bank insiders.
Hitesh Patel of KPMG, commented: “Both public and private organisations openly acknowledge that cyber-attacks are one of the most prevalent and high-impact risks they face, and yet many operate on the basis ‘it won’t happen to me’. Organisations must keep abreast of the cyber threats, both physical and digital, to ensure the protection mechanisms don’t become obsolete given the pace of technology and business change. You can have a variety of IT protections in place to defend yourself, but it’s all for nothing if you are tricked into giving away the keys to the electronic vault.”
Commenting on the report to VanillaPlus, João Moita, vice president Global Sales & Delivery at WeDo Technologies says: “This week, KPMG reported that the value of fraud committed in the UK last year topped £1 billion for the first time since 2011, reflecting how fraud is becoming a lucrative and practical proposition for those with the right skills and tools. Owing to the rapid growth of technology and IoT connectivity, we are now witnessing increasingly complex threats with more and more people targeted by fraudsters that have unrestricted access to a larger pool of online victims across the globe.”
“Businesses are also facing the challenge of guarding against both existing fraud and new attempts made possible by the hyper-connectivity of an expanding array of networked devices. As a result, it is unlikely to be the tip of the iceberg and we are likely to continue to see new types of fraud emerge, as criminals will always evolve with technology.”
“Unfortunately, we are seeing the internet increasingly used by consumers tempted to obtain goods and services illegally,” says Moita. “The findings from KPMG included one such case of a 51-year-old Leicester man, who was jailed for six years for masterminding a £60 million fraud to supply free cable TV using illegal set-top boxes and promoted the business on internet forums and his own website. 2016 also saw several high-profile cyber security hacks and breaches; Tesco Bank, for example, was subject to one of the most significant cyber thefts ever to hit a UK bank. (These examples) highlight the increasing risk that businesses face from hackers and fraudsters.”
To help protect consumers, WeDo says it is clear that education about the risks of fraud must improve and businesses must focus on driving the integration of cyber security and fraud management through a unified approach, in order to successfully mitigate risk. To achieve this, businesses must help consumers spot suspicious activity and learn what they should look out for, from suspicious emails with conspicuous links and attachments through to requests for credit card information.
Moita concludes, “Businesses and fraud practitioners will also need to focus on agility to ensure they can adapt to today’s rapidly changing digital world and adopt the best fraud management tools available. They need to identify fraud before it starts and compete with the criminals that are potentially using more advanced weapons.”
Luke Taylor CCO and deputy CEO of Neural Technologies comments, “The worldwide danger with fraud and cyber crime is that a single successful fraud can impact thousands of people or businesses which means the headline loss figures can be large. Our company works with telcos all over the world and we know that fraud management is essentially an arms race between the fraudsters and the telecoms industry.
“The fraudsters are developing new scams and the telecoms community is constantly developing and deploying new solutions to stop them. The good news for the UK is that it has one of the lowest telco fraud rates worldwide because operators put a lot of time and investment into fraud and risk management,” Taylor adds.
Comment on this article below or via Twitter: @ VanillaPlus OR @jcvplus
What are the next most important steps for CSPs’ data driven transformations?
Our VanillaPlus Analytics Insight report explores how the conversation has moved on from big data to using analytics to enable effective management of virtualised and hybrid networks and better monetisation of CSPs’ network, subscriber and service data.
The Insight contains a VanillaPlus-commissioned report from analyst firm Heavy Reading and includes features and interviews to help you gain a greater understanding of how the analytics discipline is maturing to become a critical CSP enabler.