{ "version": "https://jsonfeed.org/version/1.1", "user_comment": "This feed allows you to read the posts from this site in any feed reader that supports the JSON Feed format. To add this feed to your reader, copy the following URL -- https://www.pymnts.com/category/news/security-and-risk/feed/json/ -- and add it your reader.", "next_url": "https://www.pymnts.com/category/news/security-and-risk/feed/json/?paged=2", "home_page_url": "https://www.pymnts.com/category/news/security-and-risk/", "feed_url": "https://www.pymnts.com/category/news/security-and-risk/feed/json/", "language": "en-US", "title": "Security & Fraud Archives | PYMNTS.com", "description": "What's next in payments and commerce", "icon": "https://www.pymnts.com/wp-content/uploads/2022/11/cropped-PYMNTS-Icon-512x512-1.png", "items": [ { "id": "https://www.pymnts.com/?p=2081393", "url": "https://www.pymnts.com/news/security-and-risk/2024/liability-remains-murky-despite-reduction-united-kingdom-push-payments-fraud-fine/", "title": "Liability Remains Murky Despite Reduction in UK Push Payments Fraud Fine", "content_html": "

It\u2019s said in jurisprudence that hard cases make bad law.

\n

Bad laws have the unintended consequences of hurting society, encouraging bad behavior, or both.

\n

In payments, and in the United Kingdom, the hard choices of what to do about authorized push payment (APP) fraud are translating into bad law, or at least bad regulatory policies that don\u2019t go far enough to establish liability and impose penalties accordingly.

\n

The Payment Systems Regulator (PSR) is slashing the reimbursement mandates faced by banks and payment companies as soon as next month. Under the previous proposals, these firms would have been on the hook for a maximum of 415,000 British pounds (about $545,000), but they will now have to pay a maximum of 85,000 pounds (about $112,000). Nothing is etched in stone yet, as a consultation period is in place this month.

\n

The rationale behind the new APP fraud caps was published by the regulator Wednesday (Sept. 4), and the final policy position from last year details what to expect.

\n

In terms of the impact, the PSR noted that last year \u2014 out of over 250,000 cases \u2014 there were 18 instances of people being scammed for more than 415,000 pounds and 411 instances of more than 85,000 pounds.

\n

\u201cThe analysis also highlighted that almost all high value scams are made up of multiple smaller transactions, reducing the effectiveness of transaction limits as a tool to manage exposure,\u201d the PSR said.

\n

\u201cThe proposed new cap will still see over 99% of claims (by volume) covered,\u201d it added.

\n

However, the PSR also noted: \u201cFor larger firms who have been operating under the voluntary CRM code for a number of years, the adjustment will be smaller, but some smaller firms have a much bigger adjustment to make.\u201d

\n

The read-across here is that the burden of compliance will be borne perhaps more urgently by smaller companies, with the built-in assumption that they are, in fact, to blame for the fraud.

\n

Cost and Benefit Analysis

\n

The PSR also published a cost benefit analysis that estimated that a maximum claim limit of 85,000 pounds would reduce the level of APP scam reimbursement by about eight percentage points relative to a limit of 415,000 pounds. It concluded that the lower level of reimbursement (benefit) is balanced out by the reduced cost to payment service providers (PSPs).

\n

It also noted that there would be a \u201csmall decrease\u201d in PSP incentives to prevent APP fraud, as well as a \u201csmall decrease\u201d in \u201cmoral hazard\u201d and \u201cprudential risk and reduction in competition and innovation.\u201d

\n

\u201cWe have listened to industry concerns about the prudential impact of our proposed policy,\u201d the PSR said in the analysis. \u201cWe continue to seek to understand this impact and acknowledge the uncertainty about the impact of our initial 415,000-pound limit on the solvency of firms, particularly smaller PSPs. We are therefore making a conservative assumption that a maximum claim limit of 85,000 pounds may reduce firms\u2019 liability (relative to the current 415,000-pound limit) and mitigate their prudential risk.\u201d

\n

The October deadline is rushing toward the banks and PSPs, and they will have to scramble to reconfigure their fraud-battling frameworks and their transaction analysis. That means real costs will be incurred over the span of a few weeks.

\n

But the question remains as to the moral hazard that will still exist and whether more rigor is needed to create a set of standards or frameworks for establishing liability and imposing fines accordingly. At the moment, the regulation is a blunt instrument that assumes banks and PSPs are at fault. The moral hazard is that consumers, with the knowledge in the back of their minds that the banks and payment firms will be on the hook for fraud, might send their payments without thinking as hard as they might or should about who is on the receiving end. The \u201csender beware\u201d model would suddenly become less urgent.

\n

For the scammers, the lure of the first-party fraud scheme \u2014 where they effectively pose as victims and get reimbursed \u2014 is a risk too, especially with artificial intelligence-powered fraudsters capable of tricking many people into doing things they probably shouldn\u2019t. We\u2019ve already seen evidence of slower payments in the U.K. as this regulation looms large.

\n

More careful consideration of the regulation is required \u2014 lest the unintended consequences become consequential indeed.

\n

The post Liability Remains Murky Despite Reduction in UK Push Payments Fraud Fine appeared first on PYMNTS.com.

\n", "content_text": "It\u2019s said in jurisprudence that hard cases make bad law.\nBad laws have the unintended consequences of hurting society, encouraging bad behavior, or both.\nIn payments, and in the United Kingdom, the hard choices of what to do about authorized push payment (APP) fraud are translating into bad law, or at least bad regulatory policies that don\u2019t go far enough to establish liability and impose penalties accordingly.\nThe Payment Systems Regulator (PSR) is slashing the reimbursement mandates faced by banks and payment companies as soon as next month. Under the previous proposals, these firms would have been on the hook for a maximum of 415,000 British pounds (about $545,000), but they will now have to pay a maximum of 85,000 pounds (about $112,000). Nothing is etched in stone yet, as a consultation period is in place this month.\nThe rationale behind the new APP fraud caps was published by the regulator Wednesday (Sept. 4), and the final policy position from last year details what to expect.\nIn terms of the impact, the PSR noted that last year \u2014 out of over 250,000 cases \u2014 there were 18 instances of people being scammed for more than 415,000 pounds and 411 instances of more than 85,000 pounds.\n\u201cThe analysis also highlighted that almost all high value scams are made up of multiple smaller transactions, reducing the effectiveness of transaction limits as a tool to manage exposure,\u201d the PSR said.\n\u201cThe proposed new cap will still see over 99% of claims (by volume) covered,\u201d it added.\nHowever, the PSR also noted: \u201cFor larger firms who have been operating under the voluntary CRM code for a number of years, the adjustment will be smaller, but some smaller firms have a much bigger adjustment to make.\u201d\nThe read-across here is that the burden of compliance will be borne perhaps more urgently by smaller companies, with the built-in assumption that they are, in fact, to blame for the fraud.\nCost and Benefit Analysis\nThe PSR also published a cost benefit analysis that estimated that a maximum claim limit of 85,000 pounds would reduce the level of APP scam reimbursement by about eight percentage points relative to a limit of 415,000 pounds. It concluded that the lower level of reimbursement (benefit) is balanced out by the reduced cost to payment service providers (PSPs).\nIt also noted that there would be a \u201csmall decrease\u201d in PSP incentives to prevent APP fraud, as well as a \u201csmall decrease\u201d in \u201cmoral hazard\u201d and \u201cprudential risk and reduction in competition and innovation.\u201d\n\u201cWe have listened to industry concerns about the prudential impact of our proposed policy,\u201d the PSR said in the analysis. \u201cWe continue to seek to understand this impact and acknowledge the uncertainty about the impact of our initial 415,000-pound limit on the solvency of firms, particularly smaller PSPs. We are therefore making a conservative assumption that a maximum claim limit of 85,000 pounds may reduce firms\u2019 liability (relative to the current 415,000-pound limit) and mitigate their prudential risk.\u201d\nThe October deadline is rushing toward the banks and PSPs, and they will have to scramble to reconfigure their fraud-battling frameworks and their transaction analysis. That means real costs will be incurred over the span of a few weeks.\nBut the question remains as to the moral hazard that will still exist and whether more rigor is needed to create a set of standards or frameworks for establishing liability and imposing fines accordingly. At the moment, the regulation is a blunt instrument that assumes banks and PSPs are at fault. The moral hazard is that consumers, with the knowledge in the back of their minds that the banks and payment firms will be on the hook for fraud, might send their payments without thinking as hard as they might or should about who is on the receiving end. The \u201csender beware\u201d model would suddenly become less urgent.\nFor the scammers, the lure of the first-party fraud scheme \u2014 where they effectively pose as victims and get reimbursed \u2014 is a risk too, especially with artificial intelligence-powered fraudsters capable of tricking many people into doing things they probably shouldn\u2019t. We\u2019ve already seen evidence of slower payments in the U.K. as this regulation looms large.\nMore careful consideration of the regulation is required \u2014 lest the unintended consequences become consequential indeed.\nThe post Liability Remains Murky Despite Reduction in UK Push Payments Fraud Fine appeared first on PYMNTS.com.", "date_published": "2024-09-04T17:02:24-04:00", "date_modified": "2024-09-04T17:02:24-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2022/12/PSR-Payment-Systems-Regulator-UK.jpg", "tags": [ "banking", "Banks", "fraud", "international", "legal", "News", "Payment Systems Regulator", "PSR", "PYMNTS News", "regulations", "scams", "Security", "uk", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2081147", "url": "https://www.pymnts.com/news/security-and-risk/2024/office-comptroller-currency-michael-hsu-agility-teamwork-critical-banks-confront-new-risks/", "title": "OCC\u2019s Hsu: Agility and Teamwork Critical as Banks Confront New Risks", "content_html": "

Banks are confronting new, digital risks, and guarding against them demands a more agile, teamwork-focused approach.

\n

Michael Hsu, acting Comptroller of the Currency, said in a Tuesday (Sept. 3) speech before the Joint European Banking Authority and European Central Bank International Conference that within financial services, \u201cdigitalization \u2026 has brought great benefits, but has also increased the risk surface for cyberattacks. At the same time, hackers, money launderers and fraudsters have become much more sophisticated. Controls and systems that were effective a couple of years ago may not be effective today.\u201d

\n

This week, Intellicheck CEO Bryan Lewis told PYMNTS: \u201cWe are at about four times the level of data that has been breached this year to date compared to last year. So, it is definitely a problem.\u201d

\n

The PYMNTS Intelligence report \u201cLeveraging AI and ML to Thwart Scammers\u201d found that 43% of the fraudulent transactions that financial institutions report are authorized fraud. Beyond the increased risk of cyberattacks, per Hsu, the \u201csheer breadth\u201d of various banking relationships also leads to vulnerabilities.

\n

Proliferation of Partnerships and Extended Risks

\n

\u201cParticularly challenging is the proliferation of bank partnerships and arrangements with nonbank third parties, who in turn often partner and rely on fourth parties,\u201d said Hsu, adding that \u201cthe dynamic nature of interactions between banks and nonbank financial institutions and technology firms (FinTechs), which compete, support and rely on banks to varying degrees, has led to an increasingly complex nexus between banking and commerce.\u201d

\n

Against that backdrop, Hsu pointed to the practice of bank supervision as a \u201ccraft\u201d \u2014 reliant on technology but also aided by a \u201cnimble \u2018team of teams\u2019 approach\u201d that examines liquidity, market and cyber risks across a cohort of banks.

\n

This holistic, horizontal approach has been discussed within PYMNTS\u2019 coverage.

\n

Featurespace founder Dave Excell told PYMNTS in July that banks and financial institutions can combat fraud more effectively when they share information. Multi-enterprise dialogue can catch scams that might slip through when looking at activity at a single bank.

\n

The Federal Reserve also has been developing a scam classifier model and creating frameworks for data sharing between institutions, he said.

\n

Nick Fleetwood, head of data services at Form3, told PYMNTS in January that a \u201ccollaborative network\u201d can help build and constantly refine robust information flows that help safeguard banks.

\n

\u201c[I]f you have everyone contributing to a data model, you\u2019re able to score risk in real time\u201d based on a consortium effort,\u201d he said.

\n

This holistic approach lets financial institutions determine whether to let a payment go through, or whether to raise new prompts to slow things down and make sure the account holders are genuine.

\n

Intellicheck\u2019s Lewis told PYMNTS in April that Intellicheck is actively exploring a consortium approach to fighting digital identification fraud, envisioned as an interoperable network where financial institutions can share trust and verification outcomes.

\n

The post OCC\u2019s Hsu: Agility and Teamwork Critical as Banks Confront New Risks appeared first on PYMNTS.com.

\n", "content_text": "Banks are confronting new, digital risks, and guarding against them demands a more agile, teamwork-focused approach.\nMichael Hsu, acting Comptroller of the Currency, said in a Tuesday (Sept. 3) speech before the Joint European Banking Authority and European Central Bank International Conference that within financial services, \u201cdigitalization \u2026 has brought great benefits, but has also increased the risk surface for cyberattacks. At the same time, hackers, money launderers and fraudsters have become much more sophisticated. Controls and systems that were effective a couple of years ago may not be effective today.\u201d\nThis week, Intellicheck CEO Bryan Lewis told PYMNTS: \u201cWe are at about four times the level of data that has been breached this year to date compared to last year. So, it is definitely a problem.\u201d\nThe PYMNTS Intelligence report \u201cLeveraging AI and ML to Thwart Scammers\u201d found that 43% of the fraudulent transactions that financial institutions report are authorized fraud. Beyond the increased risk of cyberattacks, per Hsu, the \u201csheer breadth\u201d of various banking relationships also leads to vulnerabilities.\nProliferation of Partnerships and Extended Risks\n\u201cParticularly challenging is the proliferation of bank partnerships and arrangements with nonbank third parties, who in turn often partner and rely on fourth parties,\u201d said Hsu, adding that \u201cthe dynamic nature of interactions between banks and nonbank financial institutions and technology firms (FinTechs), which compete, support and rely on banks to varying degrees, has led to an increasingly complex nexus between banking and commerce.\u201d\nAgainst that backdrop, Hsu pointed to the practice of bank supervision as a \u201ccraft\u201d \u2014 reliant on technology but also aided by a \u201cnimble \u2018team of teams\u2019 approach\u201d that examines liquidity, market and cyber risks across a cohort of banks.\nThis holistic, horizontal approach has been discussed within PYMNTS\u2019 coverage.\nFeaturespace founder Dave Excell told PYMNTS in July that banks and financial institutions can combat fraud more effectively when they share information. Multi-enterprise dialogue can catch scams that might slip through when looking at activity at a single bank.\nThe Federal Reserve also has been developing a scam classifier model and creating frameworks for data sharing between institutions, he said.\nNick Fleetwood, head of data services at Form3, told PYMNTS in January that a \u201ccollaborative network\u201d can help build and constantly refine robust information flows that help safeguard banks.\n\u201c[I]f you have everyone contributing to a data model, you\u2019re able to score risk in real time\u201d based on a consortium effort,\u201d he said.\nThis holistic approach lets financial institutions determine whether to let a payment go through, or whether to raise new prompts to slow things down and make sure the account holders are genuine.\nIntellicheck\u2019s Lewis told PYMNTS in April that Intellicheck is actively exploring a consortium approach to fighting digital identification fraud, envisioned as an interoperable network where financial institutions can share trust and verification outcomes.\nThe post OCC\u2019s Hsu: Agility and Teamwork Critical as Banks Confront New Risks appeared first on PYMNTS.com.", "date_published": "2024-09-04T11:41:18-04:00", "date_modified": "2024-09-04T11:41:18-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/05/bank.jpg", "tags": [ "banking", "Banks", "Bryan Lewis", "Cybersecurity", "dave excell", "Featurespace", "FinTech", "Form3", "fraud", "Hackers", "Intellicheck", "News", "nick fleetwood", "Office of the Comptroller of the Currency", "partnerships", "PYMNTS News", "scams", "Security", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2080343", "url": "https://www.pymnts.com/news/security-and-risk/2024/report-uk-regulator-makes-massive-cut-to-fraud-reimbursement-plan/", "title": "Report: UK Regulator Makes Massive Cut to Fraud Reimbursement Plan", "content_html": "

The U.K.\u2019s payment regulator is reportedly making a drastic cut to its fraud reimbursement plan.

\n

Banks and payment companies in England would have had to reimburse victims of scams up to \u00a3415,000 ($544,000), but will now have to pay a maximum of \u00a385,000 ($111,000), the Financial Times reported Wednesday (Sept. 4), citing sources familiar with the matter.\u00a0

\n

The move follows pressure from the banking/payments sector on the Payment Systems Regulator (PSR) to scale back the reimbursement plan, set to go into effect Oct. 7.\u00a0 According to the FT, a consultation on the new limit is expected to be announced as soon as Wednesday.

\n

The report also notes that the PSR says it will release findings on how much of recent payment fraud was on individual transactions of more than \u00a385,000. However, the regulator declined to say whether it would reduce the proposed threshold for mandatory reimbursement by banks from \u00a3415,000.

\n

A spokesperson for the PSR told PYMNTS the regulator would answer questions after the release of its findings Wednesday morning.

\n

The PSR had called for the reimbursement plan following a surge in authorized push payment (APP) fraud, which refers to cases when someone is duped into sending money from their bank account to a fraudster pretending to be a legitimate payee.

\n

Such fraud cost U.K. residents $433 million last year, according to a report issued by the PSR in August.\u00a0 That was a 12% drop from the prior year, although the volume of fraud cases increased by the same amount.

\n

Industry groups such as the Payments Association had been lobbying the PSR to hold off on imposing the new measure for at least a year.

\n

Riccardo Tordera-Ricchi, head of policy and government relations at the association, said in June that if the planned APP fraud reimbursement changes proceeded as planned, \u201cthe prudential risk and requirements to participate in the U.K. payments market will increase significantly.\u201d

\n

\u201cIt will also result in an increase in cost and friction of real-time payments and a decrease in investment into the U.K. FinTech market due to higher risks of failure and lower profitability,\u201d Tordera-Ricchi added.

\n

However, the PSR was committed to going forward with its plan as recently as August 21.

\n

\u201cWe have extensively consulted on these measures for over two years and continue to engage closely with the industry to ensure timely and effective implementation,\u201d Kate Fitzgerald, head of policy at PSR, told Bloomberg News at the time.

\n

Dan McLoughlin, Fraud and Security Specialist at Lynx, told PYMNTS he was disappointed by the decision.

\n

\u201cDropping the value of reimbursement so dramatically takes away a big part of banks\u2019 financial motivation to prevent fraud,” he said. “While most APP fraud cases will still be covered by the regulation, the dropping shows an unwillingness from banks to accept responsibility and make tough decisions. It takes away their drive to invest in robust fraud detection and prevention systems, which ultimately safeguard consumers.”

\n

The post Report: UK Regulator Makes Massive Cut to Fraud Reimbursement Plan appeared first on PYMNTS.com.

\n", "content_text": "The U.K.\u2019s payment regulator is reportedly making a drastic cut to its fraud reimbursement plan.\nBanks and payment companies in England would have had to reimburse victims of scams up to \u00a3415,000 ($544,000), but will now have to pay a maximum of \u00a385,000 ($111,000), the Financial Times reported Wednesday (Sept. 4), citing sources familiar with the matter.\u00a0\nThe move follows pressure from the banking/payments sector on the Payment Systems Regulator (PSR) to scale back the reimbursement plan, set to go into effect Oct. 7.\u00a0 According to the FT, a consultation on the new limit is expected to be announced as soon as Wednesday.\nThe report also notes that the PSR says it will release findings on how much of recent payment fraud was on individual transactions of more than \u00a385,000. However, the regulator declined to say whether it would reduce the proposed threshold for mandatory reimbursement by banks from \u00a3415,000.\nA spokesperson for the PSR told PYMNTS the regulator would answer questions after the release of its findings Wednesday morning.\nThe PSR had called for the reimbursement plan following a surge in authorized push payment (APP) fraud, which refers to cases when someone is duped into sending money from their bank account to a fraudster pretending to be a legitimate payee.\nSuch fraud cost U.K. residents $433 million last year, according to a report issued by the PSR in August.\u00a0 That was a 12% drop from the prior year, although the volume of fraud cases increased by the same amount.\nIndustry groups such as the Payments Association had been lobbying the PSR to hold off on imposing the new measure for at least a year.\nRiccardo Tordera-Ricchi, head of policy and government relations at the association, said in June that if the planned APP fraud reimbursement changes proceeded as planned, \u201cthe prudential risk and requirements to participate in the U.K. payments market will increase significantly.\u201d\n\u201cIt will also result in an increase in cost and friction of real-time payments and a decrease in investment into the U.K. FinTech market due to higher risks of failure and lower profitability,\u201d Tordera-Ricchi added.\nHowever, the PSR was committed to going forward with its plan as recently as August 21.\n\u201cWe have extensively consulted on these measures for over two years and continue to engage closely with the industry to ensure timely and effective implementation,\u201d Kate Fitzgerald, head of policy at PSR, told Bloomberg News at the time.\nDan McLoughlin, Fraud and Security Specialist at Lynx, told PYMNTS he was disappointed by the decision.\n\u201cDropping the value of reimbursement so dramatically takes away a big part of banks\u2019 financial motivation to prevent fraud,” he said. “While most APP fraud cases will still be covered by the regulation, the dropping shows an unwillingness from banks to accept responsibility and make tough decisions. It takes away their drive to invest in robust fraud detection and prevention systems, which ultimately safeguard consumers.”\nThe post Report: UK Regulator Makes Massive Cut to Fraud Reimbursement Plan appeared first on PYMNTS.com.", "date_published": "2024-09-04T06:47:17-04:00", "date_modified": "2024-09-04T07:25:28-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2022/12/PSR-Payment-Systems-Regulator-UK.jpg", "tags": [ "APP Fraud", "authorized push payments fraud", "EMEA", "fraud", "Fraud Prevention", "fraud reimbursement", "News", "Payment Systems Regulator", "PSR", "PYMNTS News", "regulation", "uk", "What's Hot", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2080138", "url": "https://www.pymnts.com/news/security-and-risk/2024/ftc-reports-tenfold-increase-in-scams-involving-bitcoin-atms/", "title": "FTC Reports Tenfold Increase in Scams Involving Bitcoin ATMs", "content_html": "

As bitcoin ATMs have been installed in more locations, they have become a \u201cpayment portal for scammers,\u201d the Federal Trade Commission (FTC) said in a Tuesday (Sept. 3)\u00a0data spotlight.

\n

The amount of money consumers lost to scams\u00a0involving bitcoin ATM\u00a0machines increased tenfold between 2020 and 2023, rising from $12 million to $114 million, according to the article.

\n

The total for 2024 is on pace to top that of 2023, as the FTC\u2019s data shows that this year\u2019s reported bitcoin ATM fraud losses through June amounted to $66 million.

\n

The FTC added that this amount probably reflects\u00a0only a fraction of the total losses, because most frauds are not reported.

\n

Scammers are increasingly using bitcoin ATMs as part of their government impersonation, business impersonation and tech support scams, the FTC said in a Tuesday\u00a0press release.

\n

\u201cThe lies told by scammers vary, but they all create some urgent justification for consumers to take cash out of their bank accounts and put it into a bitcoin ATM,\u201d the FTC said in the release. \u201cAs soon as consumers scan a QR code provided by scammers at the machine, their cash is deposited straight into the scammer\u2019s crypto account.\u201d

\n

Among this year\u2019s bitcoin ATM fraud losses, people over the age of 60 were more than three times as likely as younger adults to report losing money to these scams, according to the release.

\n

Across all ages, the median loss reported in the first half of 2024 was $10,000, per the release.

\n

Consumers can avoid these scams by never clicking on links or responding directly to unexpected calls, messages or computer pop-ups; talking with someone they trust before doing anything else after seeing these communications; never withdrawing cash in response to unexpected calls or messages; and ignoring anyone who says they must use a bitcoin ATM, buy gift cards or move money to protect their money or solve a problem, the release said.

\n

Crypto has become a top payment method for many types of scams, the FTC said in the data spotlight, adding: \u201cWidespread access to [bitcoin ATMs (BTMs)] has helped make this possible.\u201d

\n

The FTC said in May that it has been flooded by reports of\u00a0impersonation scams in which consumers are taken in by scammers purporting to represent some of today\u2019s leading companies.

\n

The post FTC Reports Tenfold Increase in Scams Involving Bitcoin ATMs appeared first on PYMNTS.com.

\n", "content_text": "As bitcoin ATMs have been installed in more locations, they have become a \u201cpayment portal for scammers,\u201d the Federal Trade Commission (FTC) said in a Tuesday (Sept. 3)\u00a0data spotlight.\nThe amount of money consumers lost to scams\u00a0involving bitcoin ATM\u00a0machines increased tenfold between 2020 and 2023, rising from $12 million to $114 million, according to the article.\nThe total for 2024 is on pace to top that of 2023, as the FTC\u2019s data shows that this year\u2019s reported bitcoin ATM fraud losses through June amounted to $66 million.\nThe FTC added that this amount probably reflects\u00a0only a fraction of the total losses, because most frauds are not reported.\nScammers are increasingly using bitcoin ATMs as part of their government impersonation, business impersonation and tech support scams, the FTC said in a Tuesday\u00a0press release.\n\u201cThe lies told by scammers vary, but they all create some urgent justification for consumers to take cash out of their bank accounts and put it into a bitcoin ATM,\u201d the FTC said in the release. \u201cAs soon as consumers scan a QR code provided by scammers at the machine, their cash is deposited straight into the scammer\u2019s crypto account.\u201d\nAmong this year\u2019s bitcoin ATM fraud losses, people over the age of 60 were more than three times as likely as younger adults to report losing money to these scams, according to the release.\nAcross all ages, the median loss reported in the first half of 2024 was $10,000, per the release.\nConsumers can avoid these scams by never clicking on links or responding directly to unexpected calls, messages or computer pop-ups; talking with someone they trust before doing anything else after seeing these communications; never withdrawing cash in response to unexpected calls or messages; and ignoring anyone who says they must use a bitcoin ATM, buy gift cards or move money to protect their money or solve a problem, the release said.\nCrypto has become a top payment method for many types of scams, the FTC said in the data spotlight, adding: \u201cWidespread access to [bitcoin ATMs (BTMs)] has helped make this possible.\u201d\nThe FTC said in May that it has been flooded by reports of\u00a0impersonation scams in which consumers are taken in by scammers purporting to represent some of today\u2019s leading companies.\nThe post FTC Reports Tenfold Increase in Scams Involving Bitcoin ATMs appeared first on PYMNTS.com.", "date_published": "2024-09-03T14:28:07-04:00", "date_modified": "2024-09-03T14:28:07-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/09/Bitcoin-ATM.jpg", "tags": [ "ATMs", "Bitcoin", "Bitcoin ATMs", "crypto", "Crypto Wallets", "Cryptocurrency", "Federal Trade Commission", "fraud", "FTC", "News", "PYMNTS News", "scams", "What's Hot", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2078427", "url": "https://www.pymnts.com/news/security-and-risk/2024/intellicheck-ceo-warns-every-data-breach-is-a-step-closer-to-someone-else-stealing-your-life/", "title": "Intellicheck CEO Warns: Every Data Breach Is a Step Closer to Someone Else Stealing Your Life", "content_html": "

In the wrong hands, digital footprints can turn into a blueprint for fraud.

\n

Particularly as identity theft proliferates and becomes more sophisticated, data breaches are increasingly turning personal and business information into a goldmine for cybercriminals looking for their next payday.

\n

\u201cWe are at about four times the level of data that has been breached this year to date compared to last year,\u201d Intellicheck CEO Bryan Lewis told PYMNTS CEO Karen Webster. \u201cSo, it is definitely a problem.\u201d

\n

Every data breach is a step closer to someone else living your life. As cybercriminals ramp up their own attacks and tactics, technology must evolve to stay ahead of new attack vectors and fraud techniques, something typically easier said than done. Data breaches are not just becoming more frequent; they are also compromising vast amounts of sensitive information, including personal identification details that can easily be exploited for identity theft.

\n

\u201cIf you go to these sites where you can now go steal somebody\u2019s identity, you can plug in everything right down to a driver\u2019s license number,\u201d explained Lewis, stressing that identity theft is no longer just a concern for financial institutions; it has permeated all aspects of daily life.

\n

A particularly concerning case is the National Public Data breach, where 2.9 billion records were compromised. The breach is especially worrying because the organization specializes in background checks, meaning the stolen data includes not just Social Security numbers, but also employment histories, addresses, alias names and other personal details that can be used to create a complete and convincing identity profile, Lewis said.

\n

The implications of such breaches are far-reaching, in large part because the sheer volume of new data being added to criminal repositories on the dark web only serves to lower the cost of purchasing stolen identities, making identity theft more accessible to criminals.

\n

Read also: Intellicheck CEO: Fraudsters Using AT&T\u2019s Call Log Breach to Build Consumer Profiles

\n

The Rising Threat of Perfectly Fabricated Identities

\n

One of the most frightening aspects of modern identity theft is the potential for criminals to create government-issued identities using stolen data. With the right combination of information, a criminal could theoretically pass the typical screening processes and obtain a legitimate ID.

\n

While it may still be challenging to pull off such a feat, Lewis explained that the ease with which criminals can now access detailed personal information makes it increasingly possible.

\n

He underscored that the traditional methods of verifying identity, such as knowledge-based authentication and physical checks using black lights, are becoming less effective in the face of these sophisticated threats. Knowledge-based questions, once seen as a robust security measure, are now vulnerable due to the proliferation of personal data. With criminals having access to detailed information about a person\u2019s life, including previous addresses and even dorm room numbers, it has become easier for them to answer these questions correctly and bypass security measures.

\n

\u201cThe stuff that used to be hard to know is now becoming prolific, and everybody has it and knows it,\u201d Lewis said. \u201cMy particular bank, they still rely on a black light to check if the ID is real or not. Which, maybe it makes me think I should change my bank because that just does not work.\u201d

\n

In response to the growing threat of identity theft, businesses and financial institutions must adopt more proactive measures to protect their customers\u2019 identities.

\n

The consequences of identity theft can be particularly severe in high-stakes transactions, and for businesses operating in such environments, it is essential to invest in advanced identity verification technologies and ensure their processes are robust enough to detect even the most sophisticated attempts at fraud. Consumers, too, must be vigilant in protecting their identities, choosing to do business with companies that prioritize security and take the necessary precautions to safeguard their personal information.

\n

Lewis emphasized the importance of moving beyond outdated methods and instead focusing on verifying the authenticity of government-issued IDs. This involves not just checking the physical plastic, but also examining the data encoded in the barcodes on IDs, which is much harder to fake.

\n

See also: The $400 Million Problem: Intellicheck CEO Details the Cost of Fake IDs

\n

The Evolving Landscape of Identity Theft: Emerging Solutions

\n

One promising approach to the evolving threat of identity theft is the development of identity scores, similar to credit scores, which would provide a measure of how trustworthy a person\u2019s identity is based on various inputs.

\n

Lewis noted that this could include data from government-issued IDs, behavioral patterns and other relevant information. By creating a comprehensive profile of an individual\u2019s identity, businesses can better assess the risk of fraud and take appropriate action to protect themselves and their customers.

\n

As the battle against identity theft intensifies, technology will play a role in helping businesses stay ahead of criminals. Machine learning and artificial intelligence are already being used to enhance the accuracy of identity verification processes, ensuring that even the most convincing fake IDs can be detected.

\n

Lewis explained that the digital signatures and subdirectories within the barcodes of IDs are not publicly available, making them difficult for fraudsters to crack. This is where businesses must focus their efforts, he stressed, by ensuring that they are thoroughly checking the authenticity of IDs before relying on them for important transactions.

\n

Additionally, the adoption of mobile driver\u2019s licenses and other forms of digital identification is gaining traction to secure personal identities further. Although the rollout is still in its early stages, these technologies represent a promising future where identity verification is more secure and less susceptible to fraud.

\n

\u201cBuilding up a fake me is very easy to do, but working with other parties to say, \u2018Here is what we trust,\u2019 and putting the puzzle together will enable all of us to trust more,\u201d Lewis said. \u201cThat, I think, is what will happen in the future.\u201d

\n

The post Intellicheck CEO Warns: Every Data Breach Is a Step Closer to Someone Else Stealing Your Life appeared first on PYMNTS.com.

\n", "content_text": "In the wrong hands, digital footprints can turn into a blueprint for fraud.\nParticularly as identity theft proliferates and becomes more sophisticated, data breaches are increasingly turning personal and business information into a goldmine for cybercriminals looking for their next payday.\n\u201cWe are at about four times the level of data that has been breached this year to date compared to last year,\u201d Intellicheck CEO Bryan Lewis told PYMNTS CEO Karen Webster. \u201cSo, it is definitely a problem.\u201d\nEvery data breach is a step closer to someone else living your life. As cybercriminals ramp up their own attacks and tactics, technology must evolve to stay ahead of new attack vectors and fraud techniques, something typically easier said than done. Data breaches are not just becoming more frequent; they are also compromising vast amounts of sensitive information, including personal identification details that can easily be exploited for identity theft.\n\u201cIf you go to these sites where you can now go steal somebody\u2019s identity, you can plug in everything right down to a driver\u2019s license number,\u201d explained Lewis, stressing that identity theft is no longer just a concern for financial institutions; it has permeated all aspects of daily life.\nA particularly concerning case is the National Public Data breach, where 2.9 billion records were compromised. The breach is especially worrying because the organization specializes in background checks, meaning the stolen data includes not just Social Security numbers, but also employment histories, addresses, alias names and other personal details that can be used to create a complete and convincing identity profile, Lewis said.\nThe implications of such breaches are far-reaching, in large part because the sheer volume of new data being added to criminal repositories on the dark web only serves to lower the cost of purchasing stolen identities, making identity theft more accessible to criminals.\nRead also: Intellicheck CEO: Fraudsters Using AT&T\u2019s Call Log Breach to Build Consumer Profiles\nThe Rising Threat of Perfectly Fabricated Identities\nOne of the most frightening aspects of modern identity theft is the potential for criminals to create government-issued identities using stolen data. With the right combination of information, a criminal could theoretically pass the typical screening processes and obtain a legitimate ID.\nWhile it may still be challenging to pull off such a feat, Lewis explained that the ease with which criminals can now access detailed personal information makes it increasingly possible.\nHe underscored that the traditional methods of verifying identity, such as knowledge-based authentication and physical checks using black lights, are becoming less effective in the face of these sophisticated threats. Knowledge-based questions, once seen as a robust security measure, are now vulnerable due to the proliferation of personal data. With criminals having access to detailed information about a person\u2019s life, including previous addresses and even dorm room numbers, it has become easier for them to answer these questions correctly and bypass security measures.\n\u201cThe stuff that used to be hard to know is now becoming prolific, and everybody has it and knows it,\u201d Lewis said. \u201cMy particular bank, they still rely on a black light to check if the ID is real or not. Which, maybe it makes me think I should change my bank because that just does not work.\u201d\nIn response to the growing threat of identity theft, businesses and financial institutions must adopt more proactive measures to protect their customers\u2019 identities.\nThe consequences of identity theft can be particularly severe in high-stakes transactions, and for businesses operating in such environments, it is essential to invest in advanced identity verification technologies and ensure their processes are robust enough to detect even the most sophisticated attempts at fraud. Consumers, too, must be vigilant in protecting their identities, choosing to do business with companies that prioritize security and take the necessary precautions to safeguard their personal information.\nLewis emphasized the importance of moving beyond outdated methods and instead focusing on verifying the authenticity of government-issued IDs. This involves not just checking the physical plastic, but also examining the data encoded in the barcodes on IDs, which is much harder to fake.\nSee also: The $400 Million Problem: Intellicheck CEO Details the Cost of Fake IDs\nThe Evolving Landscape of Identity Theft: Emerging Solutions\nOne promising approach to the evolving threat of identity theft is the development of identity scores, similar to credit scores, which would provide a measure of how trustworthy a person\u2019s identity is based on various inputs.\nLewis noted that this could include data from government-issued IDs, behavioral patterns and other relevant information. By creating a comprehensive profile of an individual\u2019s identity, businesses can better assess the risk of fraud and take appropriate action to protect themselves and their customers.\nAs the battle against identity theft intensifies, technology will play a role in helping businesses stay ahead of criminals. Machine learning and artificial intelligence are already being used to enhance the accuracy of identity verification processes, ensuring that even the most convincing fake IDs can be detected.\nLewis explained that the digital signatures and subdirectories within the barcodes of IDs are not publicly available, making them difficult for fraudsters to crack. This is where businesses must focus their efforts, he stressed, by ensuring that they are thoroughly checking the authenticity of IDs before relying on them for important transactions.\nAdditionally, the adoption of mobile driver\u2019s licenses and other forms of digital identification is gaining traction to secure personal identities further. Although the rollout is still in its early stages, these technologies represent a promising future where identity verification is more secure and less susceptible to fraud.\n\u201cBuilding up a fake me is very easy to do, but working with other parties to say, \u2018Here is what we trust,\u2019 and putting the puzzle together will enable all of us to trust more,\u201d Lewis said. \u201cThat, I think, is what will happen in the future.\u201d\nThe post Intellicheck CEO Warns: Every Data Breach Is a Step Closer to Someone Else Stealing Your Life appeared first on PYMNTS.com.", "date_published": "2024-09-03T04:02:27-04:00", "date_modified": "2024-09-04T11:22:08-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/09/Intellicheck-identity-verification.jpg", "tags": [ "authentication", "Bryan Lewis", "Cybersecurity", "Data Breaches", "digital identity", "Featured News", "fraud", "Fraud Prevention", "identity verification", "Intellicheck", "News", "PYMNTS News", "pymnts tv", "Security", "Technology", "video", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2078213", "url": "https://www.pymnts.com/news/security-and-risk/2024/singapore-considers-bill-allowing-police-stop-transfers-scammers/", "title": "Singapore Considers Bill Allowing Police to Stop Transfers to Scammers", "content_html": "

Singapore is considering a bill that would allow police to order banks to temporarily prevent people from sending money to scammers.

\n

The country\u2019s Ministry of Home Affairs (MHA) is seeking public comment on the proposed Protection from Scams Bill after seeing that some victims of scams voluntarily transfer money even after being warned by police, banks or family that they were being scammed, the MHA said in a Friday (Aug. 30) press release.

\n

This commonly happens in cases of internet love scams and impersonation scams, according to the release.

\n

\u201cIn the first half of 2024, 86% of reported scams were the result of self-effected transfers,\u201d MHA said in the release. \u201cThe scammers did not gain direct control of the victims\u2019 accounts, but manipulated them into transferring their monies to the scammers.\u201d

\n

While Singapore\u2019s banks offer tools customers can use to protect themselves from scams \u2014 such as a \u201cKill-Switch\u201d that lets customers freeze their bank accounts if they suspect they\u2019ve been compromised and a \u201cMoney Lock\u201d that allows them to set aside money that cannot be transferred by online means \u2014 police have no power to stop people from voluntarily sending money to scammers, the release said.

\n

The Protection from Scams Bill would allow police to issue restriction orders (ROs) only in cases of scams conducted via calls, text messages or online communications; would cover money transfers and all credit facilities; and would allow ROs to be issued for 28 days at a time, per the release.

\n

\u201cROs will only be issued if the police have reason to believe that the individual is being targeted by a scammer and may make transfers to the scammer within the foreseeable future, and after other options to convince the victim have been exhausted and have failed,\u201d the MHA said in the release.

\n

It was reported in 2020 that cyber thieves posing as Singapore government agencies and universities stole $749,000 worth of goods after tricking companies into delivering them. The victims of these purchase order scams received emails from senders identifying themselves as a procurement officer, agreed to send the items, and then received no payments.

\n

In the United States, the Federal Trade Commission (FTC) said in May that it has been flooded with reports of impersonation scams in which consumers were taken in by scammers purporting to represent some of today\u2019s leading companies. The scammers prompted consumers to share their credit card information to renew nonexistent service plans, resolve fake security breaches or deliver nonexistent sweepstakes winnings.

\n

Online romance scams or confidence scams are also common. In these schemes, perpetrators create fake identities, gain the victim\u2019s affection and trust, and then drain their bank accounts by requesting money.

\n

The post Singapore Considers Bill Allowing Police to Stop Transfers to Scammers appeared first on PYMNTS.com.

\n", "content_text": "Singapore is considering a bill that would allow police to order banks to temporarily prevent people from sending money to scammers.\nThe country\u2019s Ministry of Home Affairs (MHA) is seeking public comment on the proposed Protection from Scams Bill after seeing that some victims of scams voluntarily transfer money even after being warned by police, banks or family that they were being scammed, the MHA said in a Friday (Aug. 30) press release.\nThis commonly happens in cases of internet love scams and impersonation scams, according to the release.\n\u201cIn the first half of 2024, 86% of reported scams were the result of self-effected transfers,\u201d MHA said in the release. \u201cThe scammers did not gain direct control of the victims\u2019 accounts, but manipulated them into transferring their monies to the scammers.\u201d\nWhile Singapore\u2019s banks offer tools customers can use to protect themselves from scams \u2014 such as a \u201cKill-Switch\u201d that lets customers freeze their bank accounts if they suspect they\u2019ve been compromised and a \u201cMoney Lock\u201d that allows them to set aside money that cannot be transferred by online means \u2014 police have no power to stop people from voluntarily sending money to scammers, the release said.\nThe Protection from Scams Bill would allow police to issue restriction orders (ROs) only in cases of scams conducted via calls, text messages or online communications; would cover money transfers and all credit facilities; and would allow ROs to be issued for 28 days at a time, per the release.\n\u201cROs will only be issued if the police have reason to believe that the individual is being targeted by a scammer and may make transfers to the scammer within the foreseeable future, and after other options to convince the victim have been exhausted and have failed,\u201d the MHA said in the release.\nIt was reported in 2020 that cyber thieves posing as Singapore government agencies and universities stole $749,000 worth of goods after tricking companies into delivering them. The victims of these purchase order scams received emails from senders identifying themselves as a procurement officer, agreed to send the items, and then received no payments.\nIn the United States, the Federal Trade Commission (FTC) said in May that it has been flooded with reports of impersonation scams in which consumers were taken in by scammers purporting to represent some of today\u2019s leading companies. The scammers prompted consumers to share their credit card information to renew nonexistent service plans, resolve fake security breaches or deliver nonexistent sweepstakes winnings.\nOnline romance scams or confidence scams are also common. In these schemes, perpetrators create fake identities, gain the victim\u2019s affection and trust, and then drain their bank accounts by requesting money.\nThe post Singapore Considers Bill Allowing Police to Stop Transfers to Scammers appeared first on PYMNTS.com.", "date_published": "2024-08-30T10:13:47-04:00", "date_modified": "2024-08-30T10:13:47-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/08/Singapore.jpg", "tags": [ "Banks", "fraud", "international", "Legislation", "News", "PYMNTS News", "scams", "Security", "Singapore", "What's Hot", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2064998", "url": "https://www.pymnts.com/news/security-and-risk/2024/lumen-chinese-hacking-group-breached-4-united-states-companies/", "title": "Lumen: Chinese Hacking Group Breached 4 US Companies", "content_html": "

Hackers tied to China breached four U.S. companies, according to cybersecurity researchers.

\n

Lumen\u2019s Black Lotus Labs said in a Tuesday (Aug. 27) blog post that the group Volt Typhoon found a server vulnerability at the startup Versa Networks that allowed it to hack the four companies. It also hacked a company in India, Bloomberg reported Tuesday.

\n

\u201cGiven the severity of the vulnerability, the sophistication of the threat actors, the critical role of Versa Director servers in the network, and the potential consequences of a successful compromise, Black Lotus Labs considers this exploitation campaign to be highly significant,\u201d the blog post said.

\n

Lumen shared its findings with Versa in late June, Bloomberg reported. Versa said it issued an emergency patch for the bug at the end of June but only began flagging the issue widely to clients in July after one of them notified Versa of a breach.

\n

Versa said the customer failed to follow the proper guidelines on how to protect its systems through measures like firewall rules, according to the report.

\n

Earlier this year, FBI Director Christopher Wray warned that the Chinese government\u2019s attempts to virtually attack American infrastructure had reached new levels. He mentioned Volt Typhoon by name. The group last year was revealed to be dormant inside U.S. critical infrastructure, with malware that needed to be triggered to disrupt that infrastructure.

\n

\u201cIt\u2019s the tip of the iceberg,\u201d Wray said at the time. \u201c\u2026It\u2019s one of many such efforts by the Chinese.\u201d

\n

In other cybersecurity news, there was a \u201cpossible cyberattack\u201d last week at the Port of Seattle, which operates the Seattle-Tacoma International Airport.

\n

The incident came weeks after the July Microsoft outage that sidelined critical systems around the world, although that disruption came as a result of a software glitch by CrowdStrike, not the actions of cybercriminals.

\n

\u201cStill, both incidents serve as an uncomfortable illustration of just how brittle the connected economy\u2019s core internet structure can be, particularly when faced with stressors,\u201d PYMNTS wrote Monday (Aug. 26). \u201cBut as the world goes increasingly digital, the risk of online systems being targeted by cybercriminals who want to disrupt operations, steal data or ransom sensitive information is only growing.\u201d

\n

The post Lumen: Chinese Hacking Group Breached 4 US Companies appeared first on PYMNTS.com.

\n", "content_text": "Hackers tied to China breached four U.S. companies, according to cybersecurity researchers.\nLumen\u2019s Black Lotus Labs said in a Tuesday (Aug. 27) blog post that the group Volt Typhoon found a server vulnerability at the startup Versa Networks that allowed it to hack the four companies. It also hacked a company in India, Bloomberg reported Tuesday.\n\u201cGiven the severity of the vulnerability, the sophistication of the threat actors, the critical role of Versa Director servers in the network, and the potential consequences of a successful compromise, Black Lotus Labs considers this exploitation campaign to be highly significant,\u201d the blog post said.\nLumen shared its findings with Versa in late June, Bloomberg reported. Versa said it issued an emergency patch for the bug at the end of June but only began flagging the issue widely to clients in July after one of them notified Versa of a breach.\nVersa said the customer failed to follow the proper guidelines on how to protect its systems through measures like firewall rules, according to the report.\nEarlier this year, FBI Director Christopher Wray warned that the Chinese government\u2019s attempts to virtually attack American infrastructure had reached new levels. He mentioned Volt Typhoon by name. The group last year was revealed to be dormant inside U.S. critical infrastructure, with malware that needed to be triggered to disrupt that infrastructure.\n\u201cIt\u2019s the tip of the iceberg,\u201d Wray said at the time. \u201c\u2026It\u2019s one of many such efforts by the Chinese.\u201d\nIn other cybersecurity news, there was a \u201cpossible cyberattack\u201d last week at the Port of Seattle, which operates the Seattle-Tacoma International Airport.\nThe incident came weeks after the July Microsoft outage that sidelined critical systems around the world, although that disruption came as a result of a software glitch by CrowdStrike, not the actions of cybercriminals.\n\u201cStill, both incidents serve as an uncomfortable illustration of just how brittle the connected economy\u2019s core internet structure can be, particularly when faced with stressors,\u201d PYMNTS wrote Monday (Aug. 26). \u201cBut as the world goes increasingly digital, the risk of online systems being targeted by cybercriminals who want to disrupt operations, steal data or ransom sensitive information is only growing.\u201d\nThe post Lumen: Chinese Hacking Group Breached 4 US Companies appeared first on PYMNTS.com.", "date_published": "2024-08-27T15:41:58-04:00", "date_modified": "2024-08-27T15:41:58-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/08/cybersecurity-hackers-data-breach.jpg", "tags": [ "china", "Cybersecurity", "Data Breaches", "fraud", "Hackers", "international", "Lumen", "News", "PYMNTS News", "scams", "Security", "Versa Networks", "What's Hot", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2063768", "url": "https://www.pymnts.com/news/security-and-risk/2024/nigeria-targets-online-extortion-scams-following-meta-crackdown/", "title": "Nigeria Targets Online Scams Following Meta Crackdown", "content_html": "

Nigeria is reportedly eager to combat online extortion scams following a crackdown by Meta.

\n

The country\u2019s Economic and Financial Crimes Commission is willing to work with global law enforcement to stop suspects based in Nigeria, a spokesperson for the watchdog\u00a0said, per a Financial Times report published Monday (Aug. 26).

\n

\u201cThere\u2019s no safe haven for anyone committing such crimes in Nigeria as far as the EFCC is concerned,\u201d said commission spokesperson Dele Oyewale, according to the report.

\n

His comments came after Meta pulled more than 63,000 fake accounts from Instagram, including what it called a \u201ccoordinated network\u201d of 2,500 accounts tied to 20 users, for their role in \u201csextortion\u201d scams, the report said.

\n

In these scams, fraudsters pose as young women and typically target younger men and boys, soliciting sexually explicit images from them and then extorting money from their victims by threatening to make the images public. In the worst cases, victims have died by suicide, the report said.

\n

\u201cFinancial sextortion is a rising and very serious threat targeting our minors nationwide,\u201d Cheyvoryea Gibson, special agent in charge of the FBI in Michigan, where one of the most extreme sextortion cases happened, said in a statement in April, per the report.

\n

The increase in this kind of criminal activity is happening amid a larger uptick in online fraud and scam cases.

\n

Speaking earlier this month with PYMNTS, Featurespace Chief Operating Officer Tim Vanderham noted that \u201cwhen you think about the billions and billions of dollars that come from scams globally,\u201d the money made from ill-gotten gains dwarfs the revenues of some of the largest businesses around the world.

\n

The interview came against the backdrop of a report by The Wall Street Journal on the rise of \u201cscam dens,\u201d which operate essentially as business centers with sophisticated setups, complete with separate departments for training fraudsters, \u201conboarding\u201d unwitting victims and KPIs used to determine whether certain scams are working.

\n

\u201cAlong the way, fraudsters are proving adept at using artificial intelligence to develop relationships and trust on the part of their victims, preying on human emotions and making off with individuals\u2019 life savings and retirement holdings, draining their bank accounts with brazen speed, notably through authorized push payments,\u201d PYMNTS wrote.

\n

The post Nigeria Targets Online Scams Following Meta Crackdown appeared first on PYMNTS.com.

\n", "content_text": "Nigeria is reportedly eager to combat online extortion scams following a crackdown by Meta.\nThe country\u2019s Economic and Financial Crimes Commission is willing to work with global law enforcement to stop suspects based in Nigeria, a spokesperson for the watchdog\u00a0said, per a Financial Times report published Monday (Aug. 26).\n\u201cThere\u2019s no safe haven for anyone committing such crimes in Nigeria as far as the EFCC is concerned,\u201d said commission spokesperson Dele Oyewale, according to the report.\nHis comments came after Meta pulled more than 63,000 fake accounts from Instagram, including what it called a \u201ccoordinated network\u201d of 2,500 accounts tied to 20 users, for their role in \u201csextortion\u201d scams, the report said.\nIn these scams, fraudsters pose as young women and typically target younger men and boys, soliciting sexually explicit images from them and then extorting money from their victims by threatening to make the images public. In the worst cases, victims have died by suicide, the report said.\n\u201cFinancial sextortion is a rising and very serious threat targeting our minors nationwide,\u201d Cheyvoryea Gibson, special agent in charge of the FBI in Michigan, where one of the most extreme sextortion cases happened, said in a statement in April, per the report.\nThe increase in this kind of criminal activity is happening amid a larger uptick in online fraud and scam cases.\nSpeaking earlier this month with PYMNTS, Featurespace Chief Operating Officer Tim Vanderham noted that \u201cwhen you think about the billions and billions of dollars that come from scams globally,\u201d the money made from ill-gotten gains dwarfs the revenues of some of the largest businesses around the world.\nThe interview came against the backdrop of a report by The Wall Street Journal on the rise of \u201cscam dens,\u201d which operate essentially as business centers with sophisticated setups, complete with separate departments for training fraudsters, \u201conboarding\u201d unwitting victims and KPIs used to determine whether certain scams are working.\n\u201cAlong the way, fraudsters are proving adept at using artificial intelligence to develop relationships and trust on the part of their victims, preying on human emotions and making off with individuals\u2019 life savings and retirement holdings, draining their bank accounts with brazen speed, notably through authorized push payments,\u201d PYMNTS wrote.\nThe post Nigeria Targets Online Scams Following Meta Crackdown appeared first on PYMNTS.com.", "date_published": "2024-08-26T09:30:20-04:00", "date_modified": "2024-08-26T09:30:20-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/08/Nigeria.jpg", "tags": [ "fraud", "international", "Meta", "News", "Nigeria", "PYMNTS News", "scams", "Security", "What's Hot", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2063054", "url": "https://www.pymnts.com/news/security-and-risk/2024/galileo-banks-must-predict-customer-experience-combat-fraud/", "title": "Galileo: Banks Need to Predict Customer Experience to Combat Fraud", "content_html": "

Forget everything you knew about fraud and fraudsters.

\n

Financial institutions must grapple with the dual challenge of countering increasingly sophisticated fraud attacks as fraudsters harness artificial intelligence and machine learning technologies. The flip side is ensuring that the customer experience is seamless through the entire journey with the bank.

\n

Max Spivakovsky, senior director of strategy and operations, global payments risk management and onboarding at Galileo, told PYMNTS in an interview that banks walk a tightrope as they deliver digital services and payments choices to their end customers while guarding against scammers and cybercriminals.

\n

That balancing act mandates that FIs use both proactive and reactive approaches, and technological tools, as they defend themselves while creating a personalized, convenient customer experience, he said.

\n

\u201cThe legacy solutions just don\u2019t work anymore,\u201d he told PYMNTS. \u201cLeveraging a single tool used to be the \u2018paramount\u2019 strategy of fraud mitigation years ago, but now it\u2019s just not applicable \u2026 the FIs must think about fighting fraud with a holistic perspective.\u201d

\n

The holistic perspective can pay dividends while protecting the FI from financial losses and reputational risk, he said.

\n

\u201cThe client experience drives the engagement, and utilization of [banking] apps and programs,\u201d he said.

\n

Increased engagement translates into longer-lived, stickier relationships, more deposits at the bank and willingness to try new services and products.

\n

Asked what a proactive strategy might entail, Spivakovsky said banks should ideally be able to predict the customer experience and shifts in customer spending patterns so they can tailor new offers in context. Reactive approaches contend with fraud that has already happened and include the need to inform customers in real time, through in-app notifications and other outreach efforts, of the steps they must take to protect themselves.

\n

No Need to Go It Alone

\n

All of this costs time and money, especially if banks try to do it in-house.

\n

But \u201cfinancial institutions don\u2019t have to build or manage these tools alone,\u201d said Spivakovsky. \u201cThere\u2019s always support.\u201d

\n

The financial services industry is moving away from the days when banks took charge of everything, keeping all data and processes on-premises. Now the shift is toward relying on FinTechs and other providers to get real-time fraud prevention in place and to identify emerging fraud and scam patterns before they wind up hurting banks and their customers while improving the customer experience, he said.

\n

Each side of the equation \u2014 the bank and the FinTech/solution provider \u2014 can bring their respective strengths to the relationship. For FinTechs, banks bring knowledge of exactly who their customers are and how they want to tailor a given customer relationship. The FinTechs, in turn, can and do offer platforms that can be adjusted for any client and improve the payments experience so that card transactions, ACH and faster payments are all enabled in an omnichannel fashion.

\n

Taking the example of card payments, Spivakovsky noted that platforms serving banks must be able to tackle real-time decisioning and signals that can determine if plastic or virtual cards can (or even should) be issued to would-be customers across individual and commercial use cases. FIs seeking to protect clients and safely take new clients on board have been turning to FinTechs and consortiums to take care of the know your customer (KYC) and know your business (KYB) processes that happen in the background and battle the rising tide of synthetic fraud.

\n

\u201cAI, machine learning, large language modeling will help us better combat fraud by making fraud detection more precise, while at the same time proving more adaptive to the new threats,\u201d he told PYMNTS. \u201cUnderstanding the client experiences and what exactly the clients are trying to achieve will help us to be much more proactive in the ways we would like to engage the customer within their digital journey.\u201d

\n

The post Galileo: Banks Need to Predict Customer Experience to Combat Fraud appeared first on PYMNTS.com.

\n", "content_text": "Forget everything you knew about fraud and fraudsters.\nFinancial institutions must grapple with the dual challenge of countering increasingly sophisticated fraud attacks as fraudsters harness artificial intelligence and machine learning technologies. The flip side is ensuring that the customer experience is seamless through the entire journey with the bank.\nMax Spivakovsky, senior director of strategy and operations, global payments risk management and onboarding at Galileo, told PYMNTS in an interview that banks walk a tightrope as they deliver digital services and payments choices to their end customers while guarding against scammers and cybercriminals.\nThat balancing act mandates that FIs use both proactive and reactive approaches, and technological tools, as they defend themselves while creating a personalized, convenient customer experience, he said.\n\u201cThe legacy solutions just don\u2019t work anymore,\u201d he told PYMNTS. \u201cLeveraging a single tool used to be the \u2018paramount\u2019 strategy of fraud mitigation years ago, but now it\u2019s just not applicable \u2026 the FIs must think about fighting fraud with a holistic perspective.\u201d\nThe holistic perspective can pay dividends while protecting the FI from financial losses and reputational risk, he said.\n\u201cThe client experience drives the engagement, and utilization of [banking] apps and programs,\u201d he said.\nIncreased engagement translates into longer-lived, stickier relationships, more deposits at the bank and willingness to try new services and products.\nAsked what a proactive strategy might entail, Spivakovsky said banks should ideally be able to predict the customer experience and shifts in customer spending patterns so they can tailor new offers in context. Reactive approaches contend with fraud that has already happened and include the need to inform customers in real time, through in-app notifications and other outreach efforts, of the steps they must take to protect themselves.\nNo Need to Go It Alone\nAll of this costs time and money, especially if banks try to do it in-house.\nBut \u201cfinancial institutions don\u2019t have to build or manage these tools alone,\u201d said Spivakovsky. \u201cThere\u2019s always support.\u201d\nThe financial services industry is moving away from the days when banks took charge of everything, keeping all data and processes on-premises. Now the shift is toward relying on FinTechs and other providers to get real-time fraud prevention in place and to identify emerging fraud and scam patterns before they wind up hurting banks and their customers while improving the customer experience, he said.\nEach side of the equation \u2014 the bank and the FinTech/solution provider \u2014 can bring their respective strengths to the relationship. For FinTechs, banks bring knowledge of exactly who their customers are and how they want to tailor a given customer relationship. The FinTechs, in turn, can and do offer platforms that can be adjusted for any client and improve the payments experience so that card transactions, ACH and faster payments are all enabled in an omnichannel fashion.\nTaking the example of card payments, Spivakovsky noted that platforms serving banks must be able to tackle real-time decisioning and signals that can determine if plastic or virtual cards can (or even should) be issued to would-be customers across individual and commercial use cases. FIs seeking to protect clients and safely take new clients on board have been turning to FinTechs and consortiums to take care of the know your customer (KYC) and know your business (KYB) processes that happen in the background and battle the rising tide of synthetic fraud.\n\u201cAI, machine learning, large language modeling will help us better combat fraud by making fraud detection more precise, while at the same time proving more adaptive to the new threats,\u201d he told PYMNTS. \u201cUnderstanding the client experiences and what exactly the clients are trying to achieve will help us to be much more proactive in the ways we would like to engage the customer within their digital journey.\u201d\nThe post Galileo: Banks Need to Predict Customer Experience to Combat Fraud appeared first on PYMNTS.com.", "date_published": "2024-08-26T04:00:24-04:00", "date_modified": "2024-08-25T20:27:05-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/08/Galileo-Fraud-Security.jpg", "tags": [ "banking", "Banks", "Cybersecurity", "Digital Banking", "digital transformation", "faster payments", "Featured News", "FinTech", "fraud", "Fraud Prevention", "Galileo", "KYC", "Max Spivakovsky", "News", "PYMNTS News", "pymnts tv", "scams", "Security", "video", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2063497", "url": "https://www.pymnts.com/news/security-and-risk/2024/telegram-founder-arrested-in-france-in-cybercrime-probe/", "title": "Telegram Founder Arrested in France in Cybercrime Probe", "content_html": "

\u00a0Telegram\u2019s founder has reportedly been arrested in France as part of a cybersecurity investigation.

\n

Pavel Durov, the Russian-born billionaire behind the popular messaging app, was detained at Le Bourget airport outside Paris and taken into custody shortly after landing on a private jet late Saturday (Aug. 24), Reuters reported.

\n

According to the report, a police source said the arrest was part of a preliminary investigation into whether Telegram allowed a range of criminal activity on its platform due to a lack of moderators. The probe is also looking into a lack of cooperation with police on the part of the company, the source said.

\n

The report said a cybersecurity gendarmerie unit and France\u2019s national anti-fraud police unit are leading the investigation, with an investigative judge who specializes in organized crime.

\n

The company stated on\u00a0 X Sunday (Aug. 25), saying that it abides by European laws, including the Digital Services Act, and that its moderation conforms to industry standards.

\n

\u201cIt is absurd to claim that a platform or its owner are responsible for abuse of that platform,\u201d the company said. \u201cAlmost a billion users globally use Telegram as means of communication and as a source of vital information. \u201cWe\u2019re awaiting a prompt resolution of this situation. Telegram is with you all.\u201d

\n

Earlier this year, Telegram announced it was pivoting to crypto payments for its advertisers, and crypto payouts for content creators using its app, using the Open Network (better known as the TON Blockchain), and its native cryptocurrency, Toncoin.

\n

\u201cWe chose the TON Blockchain because it has low fees, high transaction speeds \u2014 and holds a record for the number of transactions it can process per second,\u201d the messaging app said in a statement announcing the roll-out.

\n

Earlier this year, Durov told the Financial Times he was considering taking the Dubai-based Telegram public, also noting the company had 900 million users, and is making \u201chundreds of millions of dollars\u201d in revenues from advertising and premium subscription services.

\n

\u201cWe are hoping to become profitable next year, if not this year,\u201d he said in his first public interview since 2017.

\n

Durov, who owns 100% of Telegram, said the platform had \u201cbeen offered $30 billion-plus valuations\u201d from possible investors, including \u201cglobal late-stage tech funds.\u201d However, the company has no plans to sell while considering a potential initial public offering (IPO).

\n

\u201cThe main reason why we started to monetise is because we wanted to remain independent,\u201d he said. \u201cGenerally speaking, we see value in [an IPO] as a means to democratize access to Telegram\u2019s value.\u201d

\n

The post Telegram Founder Arrested in France in Cybercrime Probe appeared first on PYMNTS.com.

\n", "content_text": "\u00a0Telegram\u2019s founder has reportedly been arrested in France as part of a cybersecurity investigation.\nPavel Durov, the Russian-born billionaire behind the popular messaging app, was detained at Le Bourget airport outside Paris and taken into custody shortly after landing on a private jet late Saturday (Aug. 24), Reuters reported.\nAccording to the report, a police source said the arrest was part of a preliminary investigation into whether Telegram allowed a range of criminal activity on its platform due to a lack of moderators. The probe is also looking into a lack of cooperation with police on the part of the company, the source said.\nThe report said a cybersecurity gendarmerie unit and France\u2019s national anti-fraud police unit are leading the investigation, with an investigative judge who specializes in organized crime.\nThe company stated on\u00a0 X Sunday (Aug. 25), saying that it abides by European laws, including the Digital Services Act, and that its moderation conforms to industry standards.\n\u201cIt is absurd to claim that a platform or its owner are responsible for abuse of that platform,\u201d the company said. \u201cAlmost a billion users globally use Telegram as means of communication and as a source of vital information. \u201cWe\u2019re awaiting a prompt resolution of this situation. Telegram is with you all.\u201d\nEarlier this year, Telegram announced it was pivoting to crypto payments for its advertisers, and crypto payouts for content creators using its app, using the Open Network (better known as the TON Blockchain), and its native cryptocurrency, Toncoin.\n\u201cWe chose the TON Blockchain because it has low fees, high transaction speeds \u2014 and holds a record for the number of transactions it can process per second,\u201d the messaging app said in a statement announcing the roll-out.\nEarlier this year, Durov told the Financial Times he was considering taking the Dubai-based Telegram public, also noting the company had 900 million users, and is making \u201chundreds of millions of dollars\u201d in revenues from advertising and premium subscription services.\n\u201cWe are hoping to become profitable next year, if not this year,\u201d he said in his first public interview since 2017.\nDurov, who owns 100% of Telegram, said the platform had \u201cbeen offered $30 billion-plus valuations\u201d from possible investors, including \u201cglobal late-stage tech funds.\u201d However, the company has no plans to sell while considering a potential initial public offering (IPO).\n\u201cThe main reason why we started to monetise is because we wanted to remain independent,\u201d he said. \u201cGenerally speaking, we see value in [an IPO] as a means to democratize access to Telegram\u2019s value.\u201d\nThe post Telegram Founder Arrested in France in Cybercrime Probe appeared first on PYMNTS.com.", "date_published": "2024-08-25T16:38:09-04:00", "date_modified": "2024-08-25T16:38:09-04:00", "authors": [ { "name": "Tom Coombe", "url": "https://www.pymnts.com/author/tcoombe/", "avatar": "https://secure.gravatar.com/avatar/3edd1d32db5f11903913d5b735b68cf8?s=512&d=blank&r=g" } ], "author": { "name": "Tom Coombe", "url": "https://www.pymnts.com/author/tcoombe/", "avatar": "https://secure.gravatar.com/avatar/3edd1d32db5f11903913d5b735b68cf8?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/08/Telegram.jpg", "tags": [ "Cybercrime", "Cybersecurity", "digital security act", "DSA", "messaging platforms", "News", "Pavel Durov", "PYMNTS News", "Social Media", "Telegram", "What's Hot", "Security & Fraud" ] } ] }