Top 10 fraud threats to watch for in 2024 & how to respond

Cybercrime is on the rise, and the methods used by criminals are changing rapidly. As these criminals adjust their tactics, it's crucial for businesses to stay current on the latest trends in fraud prevention.

From new tactics like A2P fraud to new variations on classic phone scams, these malicious activities can have serious consequences for businesses. But, while cybercriminals are using more advanced technology, the good news is that the tools for detecting and preventing fraud are also becoming more sophisticated, too.

In this piece, we’ll run down 10 fraud trends to know about in 2024, and provide some tips on how merchants can protect themselves.

‍

#1. The rise of A2P fraud.

A2P fraud, also known as “application-to-person fraud,” is a growing concern for businesses. This tactic involves the misuse of digital communication channels that companies use to reach their customers.

These channels allow businesses to send messages, notifications, and marketing materials. They’re also commonly used for two-factor authentication (2FA), where users confirm their identity through SMS. Fraudsters can employ this tactic in a few different ways:

• Artificial Inflation of Traffic (AIT): Fraudsters create fake accounts and send a large number of messages. This results in substantial costs for businesses, even if the messages never reach their intended recipients.
• Gray Route Fraud: Fraudsters divert unauthorised A2P messages through channels originally designed for person-to-person messaging. This deceptive practice lets them circumvent proper channels.
• SMS Phishing Scams: Scammers send A2P messages that appear to come from legitimate sources, but contain links or phone numbers leading to deceptive websites. These messages are designed to trick recipients into divulging sensitive information.

AIT, in particular, poses a significant threat to businesses. Over 43% of businesses reported incidents recently, and 60% indicated an increase in attacks in 2023.

#2. AI fraud.

Advanced technologies such as machine learning, generative AI, and predictive analytics are transforming the landscape of business operations. Unfortunately, fraudsters have gained access to these powerful tools and are deploying them for nefarious purposes.

For instance, ChatGPT, an AI-based tool, is now assisting scammers in crafting highly convincing phishing emails that closely resemble legitimate business communications. These emails can be used to compromise a business' email or other attacks. 

#3. Phone scams.

Phone scams have also evolved to stay current with new technologies. Fraudsters are adopting new tactics to deceive unsuspecting individuals and businesses, including:

• Use of Synthetic Identities: Scammers employ synthetic identities to deceive people into thinking that their calls originate from reputable organisations or familiar individuals. These fraudsters manipulate emotions, often creating a sense of urgency or fear to trick recipients into divulging sensitive information.
• Geographical Expansion: Phone scammers have expanded their operations globally using local-number telecom technology to spoof phone numbers from various countries. This tactic allows them to reach a broader audience while remaining challenging to trace.

#4. Account takeover fraud & synthetic identities.

Sophisticated phishing attacks and massive data breaches have facilitated more account takeover attacks than ever before.

Account takeover fraud (ATO) occurs when hackers gain unauthorised access to accounts and exploit them for financial gain. In 2022, ATO fraud accounted for more than one-third of all reported fraud.

Scammers impersonate legitimate account users by evading traditional identity verification methods. Once inside, fraudsters exploit these accounts for financial gain or malicious purposes. They may change account information to cover their tracks, making ATO fraud hard to detect and prevent.

#5. Toll fraud.

While cloud communications offer cost savings and remote work capabilities, they can also introduce vulnerabilities. Toll fraud, for instance, presents a major challenge for businesses relying on these technologies.

Toll fraud occurs when unauthorised users gain access to a business' phone system and make a high volume of calls to premium international numbers. Fraudsters reap financial rewards from the revenue generated by these calls.

Toll fraud can cause significant financial losses. However, it could become a much bigger issue, with the potential for further growth as voice-over internet protocol (VoIP) phone adoption grows.

#6. Chargeback fraud.

Chargeback fraud (sometimes referred to as “cyber shoplifting”) is still a big problem in the card-not-present retail space.

Fraudsters execute this scheme by manipulating chargebacks, a consumer protection mechanism meant to insulate cardholders against losses due to fraud. The scammer makes online purchases using stolen credit card information, then later calls the bank to dispute the charges, claiming they were fraudulent. As a result, merchants face increased chargebacks, resulting in spikes in chargeback fees, revenue losses and administrative burdens.

On a related topic, not all chargeback abuse is necessarily deliberate. Some buyers are simply unable to recognise charges that appear on their statements, and so they call the bank to demand a chargeback. Regardless of the intent, the end result is the same for the merchant.

#7. Employee insider fraud.

Employees with access to a company's financial or customer data may engage in insider fraud, as it’s sometimes known.

This scam has the potential to pose grave threats to your organisation's data, including personally identifiable information (PII), confidential data and intellectual property. Incidents of insider fraud can occur across various industries and sectors, ranging from eCommerce, finance and banking to charities, healthcare, research, and IT.

It may result in financial losses, damage to reputation and potential penalties for failing to comply with cybersecurity regulations. However, there’s also the added effect that such scams have on trust within an organisation. In the long run, this could be much more devastating than the fallout from a single fraud incident.

#8. Identity theft in financial services.

Straightforward identity theft is also still a concern within the financial services sector.

Fraudsters steal individuals' personal information and exploit it to open fraudulent accounts, apply for loans, or conduct unauthorised transactions. These actions inflict financial harm on victims and tarnish the reputation of financial institutions.

Implementing robust identity verification measures is essential to mitigating this type of fraud. That said, scammers are resourceful and creative. They’re constantly developing new approaches, meaning financial institutions are perpetually behind the eight ball when it comes to stopping identity fraud.

#9. Insurance fraud.

Insurance fraud poses challenges for both insurance providers and individuals.

This encompasses a few distinct threats. It can involve the submission of false claims, exaggerating the details in a claim, deliberately damaging possessions, committing acts of crime in order to claim against them or giving inaccurate information to get a better insurance premium.

Effective monitoring and reporting mechanisms are critical to combat insurance fraud.

#10. Online auction & marketplace fraud.

Online auction and marketplace platforms are susceptible to multiple fraud threats. Anything from counterfeit product listings to non-delivery of purchased items and fraudulent seller accounts — all are distinct possibilities.

Buyers and sellers alike can fall victim to these scams, leading to financial losses and disputes. Vigilance and due diligence are key here. This means inspecting the seller’s (or buyer’s) terms, and verifying the condition of any goods purchased. You should also research the person on the other end of the transaction, and ensure they’re not some fly-by-night scammer.

‍

How to prevent fraud in 2024. 

Each of these fraud examples presents distinct challenges for merchants. Understanding and addressing them is essential for maintaining financial security and business integrity.

So, now that we have a better understanding of the threats you face this year, let’s go over a few tips to limit your exposure to risk and prevent the revenue loss and reputational damage attached to any of the above fraud trends.

Tip 1. Stay informed. 

Staying informed means regularly reading about and understanding the latest fraud trends, tactics, and emerging threats in the digital landscape. This knowledge will help you anticipate potential risks and adapt your fraud prevention strategies accordingly.

Tip 2. Multi-factor authentication. 

Strong authentication methods like multi-factor authentication require customers to provide additional information beyond just a password to access their accounts. This added layer of security can significantly reduce the risk of unauthorised access.

Tip 3. Regularly update software.

Cybercriminals often exploit vulnerabilities in outdated software. Regularly update your operating systems, software, and applications to patch security flaws and protect your systems from potential breaches.

Tip 4. Train your team.

Educate your employees about current and developing forms of fraud, including phishing, social engineering and malware attacks. Provide them with practical training on how to recognise and respond to suspicious activities, emails or customer requests.

Tip 5. Use advanced fraud detection tools.

Advanced fraud detection tools employ machine learning and artificial intelligence to analyse vast amounts of data in real time. They can identify unusual patterns and flag potentially fraudulent transactions for further investigation.

Tip 6. Monitor transactions closely. 

Regularly monitor customer transactions, especially high-value ones or those that deviate from typical patterns. Promptly investigate any transactions that appear suspicious or out of the ordinary. Your payment provider should also be monitoring and reacting to any suspicious activity for you, using their fraud tools.

Tip 7. Verify customer identities.

Implement strong identity verification processes, especially for high-risk transactions. Methods may include document verification, biometric authentication or knowledge-based authentication to confirm that the customer is who they claim to be.

Tip 8. Secure payment processing. 

Make sure that your payment processing systems meet industry security standards, such as Payment Card Industry Data Security Standard (PCI DSS). Compliance with this ruleset helps protect sensitive payment data from theft and unauthorised access.

Tip 9. Establish a response plan. 

Develop a comprehensive incident response plan that outlines the steps to take in the event of a security breach or fraud incident. Having a clear plan can minimise damage and help you respond effectively to mitigate risks.

Tip 10. Educate your customers. 

Provide guidance and resources to educate your customers about online security best practices. Encourage them to create strong, unique passwords, be cautious of phishing attempts and report any suspicious activities promptly.

‍

By implementing these measures and continuously adapting your fraud prevention strategies to evolving threats, you can better protect your business and customer data in 2024.

‍

Guest post by Pelwasha Faquiryan, the Chief Growth Officer at Chargebacks911. 

An industry veteran with over 20 years of experience, Pel has extensive experience in helping businesses scale and take their operations to the next level, as well as forge stronger relationships between customers and partners. She has spent her career dedicated to driving a customer-centric culture, prioritising engagement, advocacy, and satisfaction.