LexisNexis Risk Solutions has released its annual cybercrime report, dubbing it “The Calm Before the Storm?” with the ominous question mark and all. The storm in this case being an impending AI-powered fraud assault.
According to their report, first-party fraud is now the most popular type of fraud globally, accounting for more than a third (36%) of all reported fraud in 2024, an increase of more than double from 15% in 2023.
First-party fraud is, in their words: “[M]isrepresenting or giving false personal or account information for financial gain, such as when applying for a loan, claiming a credit or debit card purchase is fraudulent in order to get a refund (known as friendly fraud), or claiming ordered goods were not delivered. Buy Now, Pay Later (BNPL) providers and financial institutions are among the organizations reporting an uplift in first-party fraud, which is known to be exacerbated by periods of inflation and the rising cost of living. Increased institutional liability for scams, driven by regulation, is also likely having an impact.”
The press release notes that bot-based crimes are actually down by 15% but warns that this could be the calm before the storm (heh…it’s in the name of the report) as crime networks ready their AI fraud armies for attack.
“We are at a potential tipping point. While many organizations have improved their defenses over the past few years, we also know that cybercriminals are embracing new innovative, AI-enhanced capabilities and we will likely see these extensively tested and executed over the coming months,” said Stephen Topliss, vice president of fraud and identity, LexisNexis Risk Solutions. “Our analysis of attacks over a longer multi-year period shows that significant attacks often come in waves and this latest set of figures could indicate the imminent arrival of the next, AI-enabled wave of global attacks.”
“These findings represent a notable shift in global fraud patterns, with consumers now emerging as the single largest source of human-initiated fraud,” he added. “The change in composition of attacks presents a significant challenge for fraud prevention since detecting first party fraud requires a subtly different approach from detecting scams or account takeovers. Organizations can’t afford to be complacent, however – there were more than three billion brute-force automated account takeover attacks detected last year alone and scams remain a global problem. It is vital for organizations to have models tuned to detect these varied forms of fraud.”
In a 2009 report titled “Occupational Fraud: A Study of the Impact of an Economic Recession,” the Association of Certified Fraud Examiners found a direct correlation between the dire state of the economy and fraud activity. We sort of knew that, logically, since people get desperate when the economy is trash but it’s nice to see it verified with data. This is what ACFE said in that report, just so we know what we might be dealing with should the economy take a nosedive in coming months:
- Employees pose the greatest fraud threat in a weak economy. When asked which, if any, of several categories of fraud increased during the previous 12 months, the largest number of survey respondents (48%) indicated that embezzlement was on the rise.
- Layoffs affect organizations’ internal control systems. Nearly 60% of CFEs who worked as in-house fraud examiners reported that their companies had experienced layoffs during the past year. Among those who had experienced layoffs, almost 35% said their company had eliminated some controls, while 44.2% said the layoffs had no effect on controls and only 3.2% said their company had increased controls.
- Fraud levels are expected to continue rising. Almost 90% of respondents said they expect fraud to continue to increase during the next 12 months. Additionally, the fraud most expected to increase is embezzlement.
Over in Switzerland, a recent KPMG analysis found that internal controls were insufficient in 76 percent of the fraud cases in the study. More than half of the frauded (that’s a word, shush) organizations they looked at did not have adequate preventive measures in place when the fraud was committed. Still other organizations in the KPMG study indicated that they used codes of conduct (81%), internal audits (64%) and whistleblowing (60%) as control mechanisms.
First-Party Fraud Surpasses Scams to Become the Leading Form of Global Attacks [PR Newswire]
