One major trend is the resurgence of physical theft, with scammers capitalising on the delay before a theft is detected. In the period after a card is stolen, criminals often make quick purchases, such as gift cards or resalable goods, and may even initiate online money transfers using stolen card information. A related threat identified by Visa, termed ‘digital pickpocketing,’ involves using mobile point-of-sale devices in crowded areas to charge unsuspecting consumers.
There has also been an uptick in scams where fraudsters pose as government officials from agencies such as USPS, FBI, or IRS. In early 2024, losses from these impersonation scams averaged USD 14,000 per victim, with a total of USD 20 million reported in losses. As cash payments increase, Visa expects banks may notice a rise in larger cash withdrawals at ATMs as part of these scams.
Criminals are also bypassing two-factor authentication via sophisticated phishing tactics that involve sending convincing messages through various channels. This trend has been fuelled in part by advancements in generative AI, making fraudulent messages more believable and potentially compromising full account access.
The report outlines other scams affecting merchants and consumers alike:
Ransomware attacks have grown more sophisticated, with fraudsters increasingly targeting third-party service providers, such as cloud and web hosting services. While the report indicates a 12.3% decrease in overall ransomware attempts, attacks on third-party providers increased by 24%, affecting thousands of organisations and millions of individuals through a single breach.
This report marks the first edition under Visa's expanded Payment Fraud Disruption team, now part of the Payment Ecosystem Risk and Control (PERC) team, dedicated to protecting the global payment system through advanced risk controls and intelligence-driven responses.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now