One in five (22%) people have been defrauded via their credit card in the last year, according to a survey of 2,000 UK adults commissioned by comparethemarket.com. This equates to 11.4 million people nationwide, highlighting the rising levels of credit card cyber risk in the UK.
The Credit Card Fraud Index found that many people who had their credit cards compromised, also lost significant sums of money. In nearly half (45%) of fraud cases, customers found themselves out of pocket, with hackers stealing an average of £801 per person. Based on these figures, comparethemarket.com estimates that £4.1billion has been stolen from the UK population in the last year.
Latest figures show that online sales now represent 17% of total UK retail sales. Cyber Monday this year falls on Monday 26 November, when millions of people take to the internet to find Christmas discounts from online retailers – presenting a major opportunity for hackers. However, it seems that customers are not taking steps to protect themselves; nearly a fifth (19%) of people who had been hacked admitted they didn’t have a backup credit card, in case something should happen which meant they could not access their account.
Despite high levels of credit card fraud, consumer awareness of the problem remains low. In over a third of cases (34%), people who had their accounts compromised did not know or couldn’t remember how the hack occurred. Similarly, in nearly a third of cases (31%), banks did not alert people to the fact they had been hacked, suggesting that in some cases, levels of security may be somewhat lax.
As a result of their credit card being compromised, 41% of people say they are now more cautious about saving their details online and 48% admit they now check their online bank accounts more frequently. However, only 6% of people who were hacked have gone on to change their credit card provider as a result of the cyber attack, whilst nearly three quarters (74%) have not considered or have no intention of changing accounts.
Simon McCulloch, Director at comparethemarket.com, said “As more and more people choose to shop online, our money is made increasingly vulnerable to sophisticated cybercriminals. Cyber Monday is a peak time for hackers. Banks and retailers must do their best to protect customers from fraud, not least because data compromises can lead to customers voting with their feet and switching accounts.”
“That said, people should not depend entirely on their bank’s security system, but should instead take decisive steps to protect themselves – such as having multiple passwords and checking their online credit card banking accounts regularly. Having a backup credit card ensures you are still able to make purchases, even if another account is frozen by fraud. It’s important to note that, provided you have not been negligent, transactions made with a credit card are protected under Section 75 of the Consumer Credit Act, so if you are victim of fraud for a purchase worth over £100, then you should be able to get your money back.”
Josh Gunnell, Head of Fraud & ID pre-sales at TransUnion, said “Black Friday is touted as one of the biggest retail occasions of the year, marking the start of Christmas shopping and kicking off an end-of-year spending spree for many shoppers. But with the British Retail Consortium announcing over 3000 stores have closed in the past four years, it’s no surprise that it’s the online retailers that are striding ahead in the seasonal sales showdown.
“Of course, as the consumers move online, so do the fraudsters – and the holidays bring a host of opportunities as shoppers, often feeling rushed and in a frenzy to bag the best bargains, find themselves unwitting victims, whilst fraudsters can hide amongst atypically high volumes for retailers.”
“Many organisations do not have adequate controls to mitigate the increase in fraudulent activity at this time of year, having been focusing on evolving their processes to make the online shopping experience more streamlined, without necessarily increasing their fraud prevention tactics to correlate. Or more acutely, they have an inability to scale up on the finite human and technological resources they have at their disposal to mount an effective set of defences that these peak periods require.”
“Online retail giant Amazon is the latest in the list of big names to suffer a data breach this year, and just days before Black Friday, with the company attributing the disclosure of customer names and email addresses to a technical issue.”
“Cyber security is in the spotlight during this frenetic few weeks – if a retailer’s website doesn’t have the correct encryption in place, then processes such as storing credit card details, or simple one-click buying can leave the business exposed and the customer data vulnerable to theft. Plus, the social engineering tactics the fraudsters employ for those on the hunt for a bargain can often be quite inventive – so it’s more important than ever that businesses are educating their customers and alerting them to these threats.”
“Earlier this year CIFAS reported a huge annual increase of 49% in relation to identity fraud within online retail, which will be a key tactic during this period, given the volume of transactions taking place. As fraudsters buy goods online using the victim’s name and bank details, they can often have them delivered to a different address, raising little suspicion at this time of gift-giving.”
“Plus, some of the fraudsters will be bold in their approach – reportedly in some cases encouraging victims to take delivery of goods obtained fraudulently using their own details. They sign for the package, because it’s addressed to them, and then hand it over to a fraudster posing to be a courier who delivered it in error. This is just one of the many tricks that will be at play, so businesses need to be doing all they can to help consumers shop safely.”
“Traditional fraud prevention methods, such as identity verification, are obviously essential, but businesses should look to complement these with more sophisticated techniques and a multi-layered set of controls to ensure comprehensive strategies that will help keep themselves, and their customers, as safe as possible.”