More than half of businesses across the UK, Germany, France, Spain, and Italy have seen a rise in fraud levels this year, according to new research commissioned by identity management provider GBG.
Some of the most frequent attacks were credit and debit card fraud (56% of respondents), followed by phishing (46%), and e-transfer fraud (37%).
However, respondents said that they are currently least prepared to defend themselves from synthetic identity fraud (26%), IP piracy (26%), and social engineering attempts (25%).
What's more, one in three consumers said they had become more worried about becoming a victim of fraud as a result of the COVID-19 pandemic. Unfortunately, their fears may be justified; according to GBG, fraud has become a prevalent issue in 2020, with one in five consumers affected by identity fraud only this year.
The rise in incidents can be attributed to the digital acceleration powered by government-imposed lockdown restrictions and social distancing. This year saw many consumers open online accounts, with the most popular being shopping (47%), social media (35%), and online banking (31%), using mobile numbers (50%), email addresses (48%), and biometric data (28%) to log in.
GM of Identity Fraud, Europe at GBG, Gus Tomlinson, said that the research “shows that not only is identity fraud already prolific, the ‘trust gap’ it creates poses a risk to industries which will depend on digital trust if they are to thrive in 2021 and beyond”.
RELATED RESOURCE
Best practices for protecting remote work
Staying safe and secure while working from home
“For some businesses and even entire sectors, we are nearing a tipping point: get this balance wrong, and lose trust – and therefore customers – for good.”
GBG also warned that each individual identity fraud attempt could cost an organisation between £1,000 and £4,999 on average.
At the height of the pandemic in April, it was reported that about £2 million was lost to coronavirus-related fraud in the UK, with the NCSC warning that “an increasing number of malicious cyber actors are exploiting the current COVID-19 pandemic for their own objectives".
"In the UK, the NCSC has detected more UK government branded scams relating to COVID-19 than any other subject," the report added.
-
Hackers are abusing ConnectWise ScreenConnect, againNews A new spear phishing campaign has targeted more than 900 organizations with fake invitations from platforms like Zoom and Microsoft Teams.
-
Cyber teams are struggling to keep up with a torrent of security alertsNews Fragmented identity security processes are creating blind spots, and the proliferation of tools doesn't help
-
The Allianz Life data breach just took a huge turn for the worseNews Around 1.1 million Allianz Life customers are believed to have been impacted in a recent data breach, making up the vast majority of the insurer's North American customers.
-
A new, silent social engineering attack is being used by hackers – and your security systems might not notice until it’s too lateNews Security researchers have warned the 'FileFix' technique, which builds on the notorious 'ClickFix' tactic, is being used in the wild by threat actors.
-
The FBI says hackers are using AI voice clones to impersonate US government officialsNews The campaign uses AI voice generation to send messages pretending to be from high-ranking figures
-
Employee phishing training is working – but don’t get complacentNews Educating staff on how to avoid phishing attacks can cut the rate by 80%
-
Russian hackers tried to lure diplomats with wine tasting – sound familiar? It’s an update to a previous campaign by the notorious Midnight Blizzard groupNews The Midnight Blizzard threat group has been targeting European diplomats with malicious emails offering an invite to wine tasting events, according to Check Point.
-
This hacker group is posing as IT helpdesk workers to target enterprises – and researchers warn its social engineering techniques are exceptionally hard to spotNews The Luna Moth hacker group is ramping up attacks on firms across a range of industries with its 'callback phishing' campaign, according to security researchers.
