Businesses’ efforts to combat fraud were not very successful in 2017 because it turns out that cybercriminals stole $16.8 billion personal data last year according to the latest researches.
A new identity study states that the number of victims increased by 8% in 2017 compared to 2016 and it reached 16.7 million people last year. This is, unfortunately, the highest number of victims since the phenomenon started to be measured about 15 years ago by the research company Javelin Strategy & Research.
Cybercriminals fraud is becoming more complex
Embedded chip cards made it possible for the fraud to shift online, so it went beyond physical stores. Fraudsters are becoming more and more adapted to the newest technologies, and they are continually improving their criminal techniques.
It seems that there’s a change in the way that fraud was committed last year because cybercriminals opened a massive number of intermediary accounts including e-commerce services on Amazon and email payments made via PayPal.
The main findings of the fraud-related research
- 35% Social Security numbers were compromised and 30% credit card numbers in breaches.
- 64% of consumers were victims of identity fraud in 2017, and this means a million more compared to 2016.
- Account takeover tripled over 2017 compared to 2016 and victims had to pay about $290 and spend around 16 hours to resolve the issues.
- Cybercriminals are using more complex methods to devise monetization schemes.
- Consumers are losing trust in institutions due to personal data breaches.
The Equifax data breach might be connected to the fraud
The same survey mentioned about says that the Equifax breach has something to do with what happened in 2017 – the fraud rose from 51% in 2016 to 69% in 2017. The Equifax breach is extremely dangerous for the victims because cybercriminals can use the stolen data to craft even more convincing campaigns for phishing. This is serious because phishing is blamed for 9 out of 10 data breaches.
Other severe examples of data breach are WannaCry contagion from May 2017 and GoldenEye/Petya a few months after that.
General Data Protection Regulation will be implemented shortly, and businesses all over the world should consider enhancing their IT security as soon as possible.