BNPL Fraud Alert as Account Takeovers Surge

Account takeover (ATO) attacks targeting the financial services sector surged 58% from April to May this year, raising fears that fraudsters are focusing more on buy now, pay later (BNPL) schemes.

BNPL has become increasingly popular as the cost-of-living crisis bites, enabling consumers to buy the products they want by splitting purchases into smaller, interest-free payments.

The global market is predicted to be worth a staggering $ 4tn by 2030with Apple recently announcing a move into the space.

However, Imperva warned that new and emerging sectors like BNPL are often favorite targets of fraudsters, as they may initially have gaps in security and regulation which can be exploited.

Both ATO and new account fraud (NAF) could impact the BNPL sector.

“[ATO] occurs when a fraudster takes over an existing BNPL account and uses it to make unauthorized purchases, ”Imperva explained in a blog post.

“This can either be done by taking over the BNPL account directly, or by taking over a user account with a business that is authorized to charge their BNPL account; like an online retailer for example. This creates an even bigger attack surface and allows fraudsters to act with more flexibility. ”

As such, consumers, merchants, BNPL providers and banks – which pay the merchant up front for BNPL purchases – are potentially exposed to this type of fraud.

In a NAF context, fraudsters use stolen and synthetic data to create new fake BNPL accounts to make purchases.

The financial services sector has traditionally been a major target for ATO, representing 35% of attacks recorded in Imperva’s Bad Bot Report 2022. It was closely followed by travel and retail (both 34%).

The report revealed ATO surging 148% year-on-year across all sectors in 2021.

“Successful ATO attacks and [NAF] harm everyone involved in the transaction. For consumers, they can end up hundreds or thousands of pounds out of pocket, and potentially find their credit scores trashed as part of the bargain. Even if the money is recovered, the psychological toll can still be profound, ”argued Imperva senior product manager, Lynn Marks.

“For businesses, they not only risk losing the entire value of the loan, but also incurring significant additional costs to support victims and investigate fraud claims, increased customer churn, and reputational damage for allowing accounts to be compromised.”

Source

Account takeover (ATO) attacks targeting the financial services sector surged 58% from April to May this year, raising fears that fraudsters are focusing more on buy now, pay later (BNPL) schemes.

BNPL has become increasingly popular as the cost-of-living crisis bites, enabling consumers to buy the products they want by splitting purchases into smaller, interest-free payments.

The global market is predicted to be worth a staggering $ 4tn by 2030with Apple recently announcing a move into the space.

However, Imperva warned that new and emerging sectors like BNPL are often favorite targets of fraudsters, as they may initially have gaps in security and regulation which can be exploited.

Both ATO and new account fraud (NAF) could impact the BNPL sector.

“[ATO] occurs when a fraudster takes over an existing BNPL account and uses it to make unauthorized purchases, ”Imperva explained in a blog post.

“This can either be done by taking over the BNPL account directly, or by taking over a user account with a business that is authorized to charge their BNPL account; like an online retailer for example. This creates an even bigger attack surface and allows fraudsters to act with more flexibility. ”

As such, consumers, merchants, BNPL providers and banks – which pay the merchant up front for BNPL purchases – are potentially exposed to this type of fraud.

In a NAF context, fraudsters use stolen and synthetic data to create new fake BNPL accounts to make purchases.

The financial services sector has traditionally been a major target for ATO, representing 35% of attacks recorded in Imperva’s Bad Bot Report 2022. It was closely followed by travel and retail (both 34%).

The report revealed ATO surging 148% year-on-year across all sectors in 2021.

“Successful ATO attacks and [NAF] harm everyone involved in the transaction. For consumers, they can end up hundreds or thousands of pounds out of pocket, and potentially find their credit scores trashed as part of the bargain. Even if the money is recovered, the psychological toll can still be profound, ”argued Imperva senior product manager, Lynn Marks.

“For businesses, they not only risk losing the entire value of the loan, but also incurring significant additional costs to support victims and investigate fraud claims, increased customer churn, and reputational damage for allowing accounts to be compromised.”

Source

More from author

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related posts

Advertismentspot_img

Latest posts

Threat Intelligence Services Are Universally Valued by IT Staff

Almost all IT professionals believe that threat intelligence services and feeds will help their company get ready for and repulse malware attacks. Only...

Black Basta may be an all-star ransomware gang made up of former Conti and REvil members

The group has targeted 50 businesses from English speaking countries since April 2022. ...

APAC companies are failing to build successful digital models: Forrester

Approximately 61% of APAC organizations have failed to build robust and successful digital business business models, primarily due to unsound practices of enterprise architecture...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!