Identity fraud cost businesses $56 billion last year and much of that came from identities stolen via social engineering, according to a new report from Javelin Strategy & Research. Scams where fraudsters obtained stolen identities directly from an account holder or consumer surged last year compared to traditional identity fraud where they might harvest PII from data breaches.
“The pandemic inspired a major shift in how criminals approach fraud,” said , lead analyst for Fraud & Security at Javelin Strategy & Research. “Identity fraud has evolved and now reflects the lengths criminals will take to directly target consumers in order to steal their personally identifiable information.”
The increase in online life occurring because of the pandemic led to opportunities for fraudsters. Merchants and banks have beefed up their antifraud responses over the past few years. That, combined with the Covid-induced reduction in offline transaction activity, made life more difficult for fraudsters. Tactics that used to work were not working and they adjusted on the fly, as they usually do, and opted instead to interact directly with their fraud victims via identity fraud scams.
Javelin reported that digital wallets and peer-to-peer (P2P) accounts were hit particularly hard, especially as many of those accounts were flush with economic stimulus payments and extended unemployment benefits.