Merchants ID Theft Board on how to fight fraud
A diverse group of expert volunteers including executives from US financial institutions, legal firms, software suppliers and law enforcement agencies, have come together to form a group that aims to show how ID data breaches can best be stopped.
The FBI, computer products distributor Avnet and SSL certificate authority GoDaddy.com are a few of the names of interests to be represented in the Merchants ID Theft Advisory Board.
The Board was created to tackle what it refers to as the ‘epidemic of ID theft’ with as many as nine million cases registered annually and an estimated 262 million ID records reportedly stolen since 2005.
In the UK CIFAS the UK’s Fraud Prevention Service views online fraud as one of the highest priority threats during the current climate. Figures from APACS show that card not present fraud, which includes phone and mail order frauds as well as internet transactions, amounted to £328.4m in 2008, a 13% increase from 2007.
It judges that there has been an overall increase in successful identity frauds with CIFAS members, which include businesses that are spread across banking, mail order, insurance, savings and investments, telecommunications, and share dealing, recording a 5.7% increase during 2008.
ID theft gangs are seemingly often months ahead of law enforcement with new tactics. “The Board plans to try and level the playing field by getting effective prevention knowledge and methods out rapidly and frequently,” it said.
A first response will be production of a sophisticated and up-to-the-minute best practices guide in the prevention of ID theft and data breach events.
CIFAS reckons account takeover has seen the sharpest rise of all fraud types with a 207% increase recorded in 2008.
Plastic cards, bank accounts, mail order and telecoms are particularly vulnerable, as fraudsters obtain account information in many ways, with phishing being one that has largely entered the public consciousness.
Smishing, where an attack comes via SMS text message which banks and other financial services providers increasingly use to contact customers, is a new threat that is not so well-known and potentially represents a profitable line of attack for fraudsters.
Interestingly, CIFAS reports that the scarcity of credit being offered currently means that fraudsters are attempting to create creditworthy fake identities, which is further driving up the number of successful identity frauds.
The Merchants ID Theft Advisory Board believes most data breach events occur through social engineering including current and former employees and vendors who are often part of criminal networks.
The new group includes professionals from AZ Federal Credit Union, the law firms of Bryan Cave, Hudson Cook and Charles & Associates, the FBI, GoDaddy.com, Go Media, Avnet, Forensic Consulting Solutions, NXG Strategies, and Merchants Information Solutions.