Businesses are no strangers to the risks and challenges posed by fraudulent activities. One such threat that continues to cause problems for businesses is account takeover fraud.
Account takeover fraud occurs when a malicious individual gains unauthorised access to a customer’s account, exploiting it for personal gain. This can range from financial theft to the compromise of sensitive information.
In this blog, we will explore the risks and costs associated with account takeover fraud, discuss how businesses can protect themselves, and delve into its impact on financial services and eCommerce businesses.
The consequences of account takeover fraud can be severe for businesses. Not only does it erode customer trust, leading to reputational damage, but it also results in substantial financial losses.
In the first half of 2022, the occurrence of account takeover attacks increased dramatically by 131%.
Victims of account takeover fraud are likely to seek reimbursement, making businesses responsible for the financial implications.
Additionally, the costs associated with investigating and resolving cases of account takeover can be significant, requiring dedicated resources and expertise.
Fortunately, there are several steps businesses can take to shield themselves from account takeover fraud:
Multi-Factor Authentication (MFA): Implementing MFA adds an extra layer of security by requiring customers to provide multiple forms of verification, such as a password and a text message code, to access their accounts. This makes it harder for fraudsters to gain unauthorised access.
Utilising Mobile Number Intelligence: Mobile number intelligence is a powerful and reliable dataset which can be used to validate a user’s identity based on their mobile number and their live account information. Mobile data is authoritative and highly trusted around the world.
Monitoring and Analytics: Establish robust systems to monitor user behaviour and detect suspicious activity. Analysing patterns and anomalies can help identify potential fraudulent attempts and trigger appropriate measures to prevent or mitigate them.
Educate Customers: Provide educational resources and alerts to help customers identify and prevent fraud. Encourage them to create strong passwords, regularly update them, and avoid sharing personal information.
Regular Software Updates: Keep your systems and software up to date to patch any security vulnerabilities that malicious actors might exploit.
Secure Communication Channels: Utilise secure communication protocols and ensure that sensitive data is encrypted both in transit and at rest.
Fraud Detection Solutions: Consider investing in fraud detection tools and services that utilise advanced machine learning algorithms to proactively identify and prevent account takeover fraud.
Account takeover fraud poses a significant threat to banks and financial institutions, impacting both their customers and their own operations. Here are some key ways in which account takeover fraud affects these entities:
Financial Losses: Account takeover fraud often results in direct financial losses for banks and financial institutions. Fraudsters gain unauthorised access to customer accounts and exploit them for financial gain, such as making unauthorised transactions or transferring funds to fraudulent accounts.
Reputation Damage: Account takeover fraud can have serious implications for an institution’s reputation. When customers fall victim to fraud, their trust in the institution is eroded. This can lead to negative publicity, customer attrition, and difficulty in attracting new customers.
Legal and Regulatory Consequences: Banks and financial institutions are subject to stringent regulatory requirements for securing customer data and preventing fraud. In the event of an account takeover, if these institutions are found to be non-compliant, they may face legal repercussions, fines, and damage to their credibility.
Operational Disruption: Dealing with cases of fraud requires significant resources and may impact the normal operations of banks and financial institutions. Investigation, remediation, and customer support processes can be time-consuming and costly, diverting attention from other important activities.
Customer Trust and Loyalty: Account takeover fraud can shatter customer trust in banks and financial institutions. Customers may feel violated and lose confidence in their institution’s ability to safeguard their accounts and financial data. As a result, they may switch to competitors or reduce their engagement with the affected institution.
Increased Fraud Prevention Costs: In response to the growing threat of account takeover fraud, financial institutions must invest in robust fraud prevention measures. This includes implementing stronger authentication methods, enhancing security systems, and training staff to detect and respond to fraudulent activities. This, however, is a small price to pay compared with falling victim to fraud.
For eCommerce businesses, account takeover fraud poses a unique set of challenges. With the rise in online shopping, fraudsters exploit the vulnerabilities of weak security systems to gain unauthorised access to customer accounts.
This not only leads to financial losses for the business but also damages its reputation. eCommerce businesses must prioritise security measures such as regular security audits, enhanced encryption protocols, and strict password policies to protect customer accounts and minimise the risk of fraud.
Account takeover fraud poses unique challenges for insurance companies, as it not only impacts their customers but also affects the overall stability and profitability of their business. Here are some ways in which account takeover fraud impacts insurance companies:
Policy Fraud: Fraudsters can take over a legitimate policyholder’s account and modify policy details without their knowledge. This can result in fraudulent claims being filed or changes to coverage, leading to financial losses for the insurance company.
Unauthorised Access to Sensitive Information: Account takeover can grant criminals access to sensitive customer information, such as social security numbers, medical records, and financial data. This puts the insurance company at risk of legal and regulatory consequences, data breaches, and reputation damage.
Malicious Activity: Once inside a customer’s account, fraudsters may engage in various malicious activities, such as changing beneficiaries, diverting claim payments, or selling policy information on the black market. These actions not only result in direct financial losses but also damage the trust between the insurance company and its customers.
Increased Fraudulent Claims: Account takeover can lead to an increase in fraudulent claims being filed. Fraudsters may take advantage of stolen accounts to submit fabricated claims or inflate existing ones, resulting in inflated claim payouts for the insurance company.
Heightened Compliance and Regulatory Burdens: In response to the growing threat of account takeover fraud, insurance companies face increasing regulatory requirements to protect customer data and prevent fraudulent activities. Non-compliance can result in penalties and legal repercussions for the insurance company.
We’ve all seen them in multiple variations for years. My uncle has a diamond mine – the original and the greatest. We tried to deliver your parcel (even though you weren’t expecting one). Contact us to arrange the unlocking of your tax rebate. Yeah, right.
The fraudsters simply never let up. But they also never stand still – and not all attempts are as easy to spot as these. And that means that it’s essential for the security of their customers that businesses don’t stand still either: they have a responsibility to be aware of trends in the fraud industry.
It may perhaps seem odd to refer to fraud as an industry, but as it’s happening on an industrial scale, what other term could you reasonably use? The National Crime Agency estimates that the cost to the UK economy annually is some £190 billion (Fraud – National Crime Agency). To give that some perspective: the entire UK fishing industry is worth just £430 million, or almost 500 times less.
Phishing is plainly a lot more lucrative than fishing.
And more than most other enterprises. Which is why it’s happening on such a massive scale. So it’s difficult to overstate just how important it is to be alert to trends – and to be ready to respond to them swiftly.
Right now, one of the biggest new fronts in the war between bona fide business and fraud is on the issue of knowing who’s in charge of a mobile phone.
Because with mobiles at the heart of much human interchange and an ever-increasing proportion of trade and commerce, if the fraudsters can control a mobile number, they can control a lot of other stuff too, including accounts and bank cards linked to that number.
When Experian evaluated the new trends in fraud for 2022 (7 global fraud predictions for 2022 – Global Insights, experian.com), one of their biggest concerns was digital authenticity during smartphone use. As their report put it: “Password-free experiences led by the ubiquitous smartphone and the ability to make real-time payments has resulted in a demand for a seamless, uninterrupted customer journey. But central to all of this is identity authentication.”
We at TMT Analysis have found that the two most prevalent ways the fraudsters use to hack phone numbers are what we call SIM Swap and Call Forwarding.
Your SIM card is the cornerstone of your mobile phone account identity. If the fraudsters can persuade your mobile provider – typically with a story about a lost handset and an urgent situation – to move your number to a new SIM card, and then obtain that card and insert it into an alternative device that they control, then they can control your accounts. Once they’ve pulled this off, they will be able to intercept your calls and messages and even impersonate you for other services like online banking. To all intents and purposes, they have then taken over your digital identity.
In Call Forwarding the criminals trick a network into forwarding calls and messages from a victim’s phone to their own number, again typically starting with the story that they’ve lost or damaged a handset and are now temporarily on another device. They’ll forward some messages to the genuine account holder of the phone to keep them from raising any alarm – while using their new access to the device to confirm their ID for a new account or to authorise a withdrawal request they have fraudulently activated.
If they target an individual they can often find enough information from their publicly available profiles – on social media and so on – to give them the means to approach the phone companies sounding plausible and then successfully pull off either scam. Their victim can be sitting there with their mobile phone in their hand as normal, scrolling carefree, unaware that they are about to lose tens of thousands of pounds because their number has been switched to a surrogate device.
I talked earlier about the responsibility that all companies have to their customers to be informed about such potential dark acts and to be alert to them.
So how do they exercise this responsibility? Well just as the weakness in a customer’s online security can stem from their intimate relationship with their mobile phone, that phone can also provide the solution to protecting them.
And, similarly, it’s the insight that we get from the phone companies whose security the fraudsters have managed to evade that can catch them: by using data obtained from the mobile phone companies we at TMT are able to detect unusual activity linked to a phone number in a moment.
If fraudsters have managed a SIM Swap or Call Forwarding scam, our checks will detect that there’s more than one handset linked to a number or that data is flowing to two places – or to a new place. All these anomalies and sub-variations therein are visible in the data in a matter of microseconds if your system is sensitive to them. And ours really is.
Because we are connected to the telephony network globally the information we are able to provide is based on live data rather than a back history of behaviours. The fraudsters can move quickly so this live data is key to detecting them quickly too.
So although it’s alarming that your customers can be targeted in these ways it is also, I think, reassuring that you can protect yourself – and them – from being targeted by simply making sure your security procedures are robust.
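The way a login or payment flow can act on the SIM swap and call forwarding signals described above, shown as an added example that is not TMT's code or API. The field names, the 72-hour window and the three outcomes are assumptions, and the sample records are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import List, Optional, Tuple

# Hypothetical signal record: these field names are assumptions for this
# example, not the schema of any real mobile-intelligence provider.
@dataclass
class NumberSignals:
    msisdn: str
    last_sim_change: Optional[datetime]     # None: no data returned
    call_forwarding_active: Optional[bool]  # None: no data returned

SIM_SWAP_WINDOW = timedelta(hours=72)  # assumed policy threshold

def sms_otp_decision(sig: NumberSignals, now: datetime,
                     high_value: bool) -> Tuple[str, List[str]]:
    """Return (action, reasons): 'allow_sms_otp', 'step_up' or 'block'."""
    reasons = []
    if sig.last_sim_change is None or sig.call_forwarding_active is None:
        reasons.append("signal_unavailable")  # fail closed on missing data
    if (sig.last_sim_change is not None
            and now - sig.last_sim_change <= SIM_SWAP_WINDOW):
        reasons.append("recent_sim_change")
    if sig.call_forwarding_active:
        reasons.append("call_forwarding_active")
    if not reasons:
        return "allow_sms_otp", reasons
    # A live takeover indicator means SMS and voice codes may reach the
    # fraudster, so a high-value action is refused outright; anything else
    # is sent to a factor that does not depend on the phone number.
    takeover = {"recent_sim_change", "call_forwarding_active"} & set(reasons)
    return ("block" if takeover and high_value else "step_up"), reasons

# Constructed sample data (numbers from the UK range reserved for drama use).
NOW = datetime(2025, 1, 31, 12, 0, tzinfo=timezone.utc)
OLD = datetime(2023, 6, 1, tzinfo=timezone.utc)
SAMPLES = [
    (NumberSignals("+447700900001", OLD, False), True),
    (NumberSignals("+447700900002", NOW - timedelta(hours=2), False), True),
    (NumberSignals("+447700900003", OLD, True), False),
    (NumberSignals("+447700900004", None, None), True),
]

if __name__ == "__main__":
    for sig, high_value in SAMPLES:
        print(sig.msisdn, *sms_otp_decision(sig, NOW, high_value))
```

A missing signal is treated as a reason to step up rather than as a clean result, so an outage at the data source does not silently re-enable SMS codes.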
Telephony fraud is not new; in fact, there were fraud schemes reported as far back as the 1950s. Over the years, as the complexity of the telephone networks has increased, so has the creativity of fraudsters looking to make money. The 2021 CFCA Global Telecommunications Fraud Loss Survey estimated the amount of revenue loss resulting from fraud schemes to be $40 billion, which was over a 25% increase from the 2019 survey estimate.
Phone number verification plays an essential role in the detection and prevention of telephone fraud. The TMT TeleShield service uses TMT Analysis’ unique data assets that are consistently extended and updated as its foundation. It includes analysis of mobile and fixed phone numbers, with the goal of identifying phone attributes that contribute to assessing the fraud risk for a number. Through integrating a variety of data sources, TeleShield provides an accurate and living representation of the propensity for a number to be fraudulent, putting the power to identify and stop global telephony fraud in our customers’ hands.
We recently worked with a customer who was being billed a high level of surcharges as a victim of Origin Based Routing (OBR) fraud schemes. In an OBR scam, fraudsters can spoof the calling number (A number) to make it appear like it is coming from a country with a low call termination rate. This is a type of telephony by-pass fraud, which in the 2021 CFCA Survey was estimated to be $2.6 billion.
We were approached by an international wholesale provider that had been billed tens of thousands of Euros in call surcharges because originating numbers were identified as invalid by the terminating operator. The service provider wanted an independent analysis of the originating numbers, most of which they suspected were spoofed.
TeleShield’s analysis confirmed the customer’s suspicions, 91% of these calls were not valid numbers:
In summary, TeleShield can be easily integrated into customer business processes to facilitate their saving tens of thousands in fraud damages. It provides:
In conclusion, account takeover fraud is a pressing issue that businesses must address to safeguard their customers and protect their own interests. By implementing robust security measures, educating customers, and utilising advanced fraud detection solutions, businesses can fortify their defence against account takeover fraud.
Taking proactive steps will not only save businesses from potential financial losses but also ensure their reputation remains intact in the face of ever-evolving cyber threats.
Have you ever wondered who are the most common victims of online fraud? Find out more in our related article.
Last updated on January 31, 2025
Implementing MFA adds an extra layer of security by proving device possession. Authenticate silently confirms the device is the expected one without the need for an OTP.