The more things change, the more they stay the same.
That’s often true for financial cyberattacks, which have seen a steep rise in the impact of identity fraud, with criminals often sticking with or just reverting to “pre-pandemic” scams and techniques to steal sensitive data from financial firms and their customers, according to a recent report from Javelin Strategy & Research.
Identity fraud losses tallied $52 billion last year, affecting at least 42 million American adults, as hackers moved more aggressively into “hijacking victims’ online lives,” per Javelin Strategy and Research’s 2022 "Identity Fraud Study: The Virtual Battleground."
Raj Dasgupta, director of fraud strategy at BioCatch, which subsidized the identity fraud study, said he was most surprised by the whopping 90% increase in account takeover from 2020, to $11.4 billion, in 2021.
“With more people being forced to transact digitally because of the pandemic, the less digitally savvy among them are particularly vulnerable to fraudsters extracting confidential information from them and taking their account over," Dasgupta said.
And bad actors continued to prove that they are more than happy to continue perpetrating the same scams and intrusions, as long as they continue to work. Indeed, “traditional” identity fraud losses jumped by 79% to $24 billion, compared with 2020 figures. This so-called “traditional identity fraud” impacted at least 15 million Americans, while new account fraud hurt more than 4.9 million Americans, and tallied $6.7 billion of losses, per the Javelin Strategy & Research study.
“Criminals reverted to pre-pandemic tactics in 2021 by focusing on virtual attack vectors such as bots, malware and a variety of identity fraud scams,” said John Buzzard, Javelin’s lead fraud and security analyst, in the release regarding the report. “Further, the 2021 data has shown criminals will change strategies to evade detection and maximize the amount of information they can extract from victims.”
Identity fraud and the financial sector
Now in its 19th year, the study pointed out major shifts in the various forms of identity fraud, and how it impacts U.S. financial firms and their customers, especially regarding account takeover and new financial account fraud, which has more than doubled in one year.
The report also found that new account fraud increased 109%, with criminals in possession of consumer information, which allows them to open multiple unauthorized credit accounts. Fraud affecting existing credit cards rose 69%, while fraud on existing non-card accounts, including checking and insurance, jumped 73%.
The impact of identity fraud substantially increased, as the average per-victim loss from traditional identity fraud rose by $201 to $1,551, with identity fraud scams costing an average of $1,029 per victim. And that’s not even counting the time invested in rectifying identity theft issues; the report found that ID theft victims spent an average of nine hours resolving their issues.
“The 2021 losses are staggering and underscore how damaging identity fraud has become,” Kathy Stokes, director of Fraud Prevention Programs at AARP, said in a press release. “Institutions must show empathy for the financial and emotional toll that identity fraud takes on its victims, who expect — and deserve — to be treated with respect, regardless of their situation.”
The Javelin study also found that the majority of financial fraud victims (54%) want their financial institution to provide fraud prevention resources and help them resolve their fraud issues.
Javelin’s 2022 ID Fraud survey was conducted online among 5,000 U.S. adults over the age of 18, using a sample representative of the U.S. census demographics distribution. Data collection took place from Oct. 30 through Nov. 16, 2021.