Digital payment systems facilitate cashless and paperless peer-to-peer (P2P) transactions through intermediary payment platforms. Transactions are conducted using devices that are connected to the internet.
Digital payment systems have revolutionized the transfer of money and purchase of commodities by facilitating quick, convenient, and often contactless transactions. In an article on onecommercetips.org a statistic provided by McKinsey & Company on the use of digital payments stated, approximately 9 out of 10 Americans reported using digital payments, with the total value of executed transactions exceeding $2 trillion dollars.
Different systems have different characteristics, purposes and target users. For example, the payment platform Venmo is popular for its social integration which allows friends to seamlessly split payments. Zelle enables users to rapidly conduct transactions between major banks. Apple Pay, Google Pay and other mobile wallet services allow users to make contactless payments in-store or online using their smartphones.
Despite how convenient and secure these systems often are, they are not immune to being exploited by transnational criminal organizations (TCOs). Digital payment systems can be utilized to place, layer and integrate criminally derived funds – making them an attractive tool for money launderers. These systems are easy to access, cheap to operate, allow for the rapid transfer of funds and offer a perception of anonymity.
Financial fraudsters regularly use these systems to deprive victims of their funds. According to the Association for Financial Professionals (AFP), 70% of financial institutions reported an increase in digital payment fraud in 2020. Several types of fraud schemes are associated with digital payment systems, including:
-
Phishing scams are one of the most common types of fraud associated with digital payment systems. Fraudsters may send deceptive emails or messages pretending to be from the digital payment provider, asking users to provide personal information or login credentials. These phishing attempts often mimic official communications, making them difficult to spot. In 2020, 56% of all digital payment fraud stemmed from phishing attacks.
-
Account takeover is another prevalent form of fraud, where hackers gain unauthorized access to users' accounts and make fraudulent, unauthorized transactions. This can occur through various means, such as weak passwords, malware, or social engineering tactics.
-
“Fake seller” fraud schemes are also a significant concern, especially on online marketplaces where users may encounter fraudulent listings for goods or services. Fraudsters posing as sellers may accept digital payments but never deliver the promised items, and by the time buyers realize what has happened, it is too late.
-
Romance/Social Engineering (specifically voluntarily sent money) is a type of fraud where the perpetrator creates a relationship with the victim, often initiated through a “wrong number’ phone call, text, or email. After trust has been established, the fraudster asks for money to be sent through digital payment systems under the guise of investing, financial assistance, or some kind of gift. After the money is sent, the perpetrator will often cease all communication with the victim.
Being proactive in preventing fraud is the best method to reduce the likelihood of becoming a victim of fraud. Assessing risks and implementing security measures can be effective in mitigating fraud:
- Ensure financial institutions apply “Know Your Customer” (KYC) standards to verify parties and counterparties that utilize digital payment systems.
- Use reputable digital payment systems that offer customer protections and report concerns to their respective anti-money laundering (AML) departments.
- Educate staff and customers about common fraud schemes and how to recognize them.
- Enable two-factor authentication (2FA) for added security on digital payment accounts. This extra protection can help prevent unauthorized access even if login credentials are compromised.
- Ignore “wrong number” texts that are followed with attempts to befriend
- Encourage elderly family members to designate a trusted family member to serve as a co-signer for bank accounts or to review financial statements on a regular basis.
- Regularly monitor accounts for any suspicious activity, such as unfamiliar transactions or changes to account settings. Promptly report any unauthorized activity to the digital payment provider and take steps to secure the account.
- Use strong, unique passwords for accounts and consider using a password manager to keep track of them securely.
- Avoid using easily guessable passwords or reusing passwords across multiple accounts, as this can make it easier for hackers to gain access.
- Don’t open unfamiliar or unsolicited emails. Do not click on any links contained in such a communication.
- Look at feedback ratings and comments associated with individuals when deciding whether to send payments. Scrutinize merchants that do not have a history of transactional activity or customer ratings.
Only accept payments from trusted sources and be cautious of requests for large or unusual transactions. Remember, if something seems too good to be true, it probably is.
The scope of digital payments is massive, and its client base is only growing. According to World Metrics, since 2019, digital payment fraud has increased by 66%, and the total cost of global payment fraud is expected to exceed $40.6 billion dollars by 2027. Some red flags to look for include:
- Unsolicited requests for personal or financial information, especially via email or messages.
- Requests for money or personal information from the company that convey a sense of urgency or pressuring you to act quickly.
- Sellers who have no reviews, ratings, or other online presence, and have listings that lack descriptions of the product, or use stock images in lieu of actual pictures of the item.
- Messages that include suspicious links that direct you to unfamiliar or “look-alike” websites.
- Any correspondence or website that have you enter sensitive information in an unsecured platform (over the phone or via text).
- Emails or messages with spelling or grammar errors, or from suspicious email addresses.
- Unexpected changes to account settings or payment methods, which could indicate an unauthorized access.
- Frequent alerts regarding declined transactions, or transactions you did not make can indicate account takeover.
- Any “too good to be true” offers that are unusually generous.
- Requests for payment outside of the platform's official channels, such as wire transfers or gift cards.
HSI encourages the public to report suspected suspicious activity through its toll-free Tip Line at 877-4-HSI-TIP.
Callers may remain anonymous.
|
