2022 Fraud Predictions

Here’s what they had to say:

Josh Schleicher, Director of Sales Engineering predicts a rise in peer-to-peer (P2P) systems fraud.

• Third-party P2P payment systems continue to drive fraud incidents for financial institutions (FIs)
  • We've seen this as a consistent problem for FIs. Most FIs have limited visibility in this area and are not able to provide the same level of monitoring for P2P payment systems that generally use single sign-on (SSO). This means FIs do not have visibility into P2P transactions before they are processed. Cyberattacks on vulnerable third-party P2P payment systems will continue to rise in 2022 and become the leading cause of payment fraud for FIs.

Carlos Rubio, Lead Sales Engineer, has a few predictions for the coming year.

• Phishing and more phishing
  • This attack vector continues to be particularly effective, giving cybercriminals a very profitable, simple-to-deploy attack method. We will likely see a rise in phishing attacks related to cryptocurrency and non-fungible tokens (NFTs). Additionally, on-going pandemic conditions will continue to be a driving force behind targeted phishing attacks as threat actors test security strategies for distributed users, consumers and data.

• Remote work and hybrid environments will be the new reality; it is no longer temporary
  • Remote work is no longer just an employee perk or benefit. It is a reality for many organizations that requires even more cloud and hybrid environments, making attack surfaces much greater. This undoubtedly opens doors that threat actors are eager to open and presents a great challenge for organizations that must not only secure their doors, but those of those third parties as well.

Beatriz Cleves, Product Manager for Digital Threat Protection, shared these perspectives regarding 2022 fraud trends.

• Cryptocurrency will be a major target for cyberattacks
  • During the pandemic, people learned to use 100% all-transactional channels, and all regarding cryptocurrencies became the “daily bread. In 2022, we can expect to see an increase in cryptocurrency-related cyberattacks and cybersecurity vendors will need to protect against hackers attempting to steal and manipulate bitcoins and altcoins.

• New ransomware tactics and methods
  • Ransomware will continue its meteoric rise and become more sophisticated. Hackers will utilize penetration tools to conduct real-time attacks and penetrate victim networks. For example, 2022 could be the year we see malicious actors exploiting vulnerabilities in IoT devices. This is different from today’s ransomware attacks, where hackers encrypt a victim's information and hold it for ransom while demanding payment. A new form of ransomware attack could involve taking over the ability to communicate with a victim via an IoT device and leveraging social engineering to manipulate their behavior.

Javier Velandia, Product Manager for Risk-Based Authentication, forecasts that weak authentication strategies will continue to be a pain point, driving many to adopt more secure methods.

• Greater adoption of passwordless authentication
  • Account takeover fraud schemes will persist, especially targeting organizations that reply solely on a username/password combination. This will drive increased adoption of strong passwordless authentication techniques to better secure the user experience.

Every year as we look ahead and make our fraud predictions there is one thing that remains the same—where there’s an action, there’s a fraudster reaction. Malicious actors are constantly evaluating different methods and circumstances to create new, sophisticated attacks. It’s important that organizations look ahead in anticipation for new techniques and prepare accordingly.

For more information, dive into the 2021 Faces of Fraud survey.