How companies are fighting back against fraud

Galway Daily news Scam Alert for electricity discount claims

Ireland’s Central Statistics Office reported in 2021 that fraud was up a staggering 71% on the year before, setting a new record in the country. In quarter three alone, 4171 incidents were reported, more than double in the same period during the year before. In addition, online shopping fraud increased by some 50% during 2020 as more people started shopping online. Other kinds of crime registered a decrease, suggesting that online crime and financial crime is becoming a worrisome trend.

Best ways to fight back

There are a number of ways companies are fighting back in an effort to preserve their business and protect their customers. One way is through an IP lookup tool. This is a piece of software which allows companies to gain information from an IP address, such as where they are located, whether it is a traffic bot if there are connections between users and more. It is great to use at the onboarding stage to help ascertain how risky a transaction might be and whether the individual is someone with good intentions or not. This kind of tool is essential for business owners and will also benefit customers, but it should also be used in conjunction with other matters.

Another way is by bringing on a specialist team to solely take care of fraud prevention. The idea is they will work specifically on prevention, detection, mitigation and follow-up of suspected fraud cases. Trained up on the latest tools and risk, they should also be responsible for patching existing software and making sure there are no loopholes. While this can be expensive, it is worth it when you consider how much money fraud costs Irish businesses and consumers every year.

Increasingly, artificial intelligence is being used to not just detect fraud but to predict it before it happens. These plugins can be used to analyse the behaviour of users in real-time, picking up suspicious behaviour. They can also be used to predict if someone will act fraudulently based on previously learned behaviour and patterns.

These are just some of the common anti-fraud measures used by companies in Ireland and further afield.

The issue in Ireland

Irish law enforcement authorities, the Gardai, have issued a warning regarding a specific type of scam targeting bank account holders in the country. The scam preys on unsuspecting members of the public by calling them and convincing them they are calling from the fraud department of a big bank. The person on the end of the phone will tell the victim that there is a problem with their existing account and a new one has been opened to protect their money. They hand over a new account number to the victim, an account that is under their control. The criminal will then ask them to go to their branch and transfer all their money into the new account while telling them it has been opened on their behalf. Once the funds are transferred, the criminal makes off with the money, leaving the victim with nothing.

The Gardai warned that all money transferred into such accounts would be stolen. They have embarked on a campaign to remind the public that genuine banks would never call their customers and ask them to transfer money from one account to another. Nor would they open a new account without their permission and explicit instruction to do so before it is opened.

They added that legitimate banks would never ask for passwords, PINs, or one-time security codes sent to customers to verify logins or approve transactions.

To raise awareness, the Gardai have also highlighted some of the other common types of fraud in the country.

Payment Card Fraud

This type of fraud is where a criminal will use a stolen card or details without the authorisation of the cardholder. They are used to make purchases or cash withdrawals without the account holder’s knowledge and can cause significant financial damage to the individual. The agency recommends keeping the PIN safe and not writing it down or giving it to anyone else. Additionally, the card should be kept in a safe place at all times and must be reported immediately if lost or stolen. Lastly, when keying in the PIN at an ATM or POS, the keypad should be covered, and users should be sure no one is peeking over their shoulder.

Invoice Redirection Fraud

This is where criminals and nefarious actors will contact people via email, phone, or other means of communication to request you pay an invoice for their services. Sometimes they can pose as vendors the individual already does business with; other times, they can be vague or just take a stab in the dark. They present the unsuspecting individual with an invoice for goods or services that needs paying, including payment details. In the case of targeting businesses, they can ask that the bank account details in the company invoicing system are changed to new ones, which they, the fraudster, control. This way, funds designated for the legitimate company are passed into the hands of a fake account and stolen.

Gardai suggest training staff on such risks and always following up requests for changes to details with a phone call to a known contact. In addition, consumers should not pay invoices for products they have not ordered.

Phishing, Vishing and Smishing

Phishing is where criminals contact victims via email, often posing as a reputable company like DHL. When the individual clicks on an email or attachment, malicious software is downloaded to the PC, which can lead to sensitive data being passed to the criminal. In other cases, the email could try to convince the recipient to provide personal and banking details to them, enabling other forms of fraud. Vishing is where the victim is contacted by phone by someone pretending to be a bank, credit card company, or computer company. They will try to extract information on personal or security information that they will then use for criminal purposes. Smishing is where similar attempts are made but via SMS text message.

The authorities advise to consistently refuse to engage in communication with such individuals and not to hand over information such as name, date of birth, address, bank account numbers, PINs or passwords. In cases where they are unsure, they should always seek to verify the individual by making a call to a trusted number that you have used to contact the company before.