Banks in the UAE have been able to build advanced cyber security intelligence and fraud risk mitigation capabilities.
From enhancing IT infrastructure, implementing sophisticated security protocols and advanced threat detection systems, to adopting multi-factor authentication, banks have remained committed to safeguarding customer data and transactions. These advances have made it difficult for fraudsters to defraud a bank.
Consequently, fraudsters have pivoted from trying to attack a bank to employing innovative ways to defraud a host of unaware customers.
In today’s fast-paced digital economy, payment fraud has emerged as a significant threat to individuals. As more people turn to online banking, shopping and other financial services, fraudsters are using increasingly sophisticated methods to exploit vulnerabilities.
Recent reports show a dramatic rise in payment fraud incidents, with both consumers and businesses falling victim to scams that can result in financial loss, reputational damage and long-term consequences.
As of 2024, global payment fraud has become a significant concern, with trends showing a marked increase in losses and incidents. According to the latest McKinsey report on payments, global losses from payment card fraud are projected to reach $400 billion over the next 10 years.
The estimates are frightening and urgently call for a joint commitment between banks and customers to stand united and fight back together.
What is payment fraud?
Payment fraud encompasses a wide range of illegal activities involving the unauthorised transfer of funds. It can happen in various forms, including credit card fraud, phishing, social engineering – where a person's trust is exploited – and business email compromise.
Whatever the form of fraud, the basic concept is either for fraudsters to steal your card or account information and move funds by themselves or force or trick you to initiate such payments – ultimately emptying your pockets.
With evolved digital technologies, criminals have advanced as well. Earlier, theft of the card, making copy of the card at the time of payment or putting skimmers on ATMs and point-of-sale terminals were the limited means to steal your information.
-
The use of technology in everyday lives has led to growth in scams and fraud. Reem Mohammed / The National -
Phishing is one of the most common methods used by fraudsters and it involves sending an unsolicited email that appears to be from a financial institution or online retailer. The National -
Smishing — the SMS equivalent of phishing — is where fraudsters falsify the telephone number so it appears to be a genuine text from a bank or well-known company. Chris Whiteoak / The National -
Vishing is the telephone equivalent of phishing and smishing. Fraudsters may pose as bank staff, police or government officials. Getty Images -
SIM swap involves fraudsters duplicating the SIM of your mobile number without your knowledge or authorisation, allowing them to conduct financial transactions with your bank. AP -
Identity theft is where someone illegally obtains your confidential information, through various ways such as theft of your wallet, bank and utility bill statements, computer intrusion and social networks. Getty Images -
Prize scams involve fraudsters claiming to represent well-known organisations. They contact victims to tell them they have won a cash prize and request them to share confidential banking details to transfer the prize money. -
Instagram influencer Ramon Abbas, known as Hushpuppi, used a technique known as business email compromise. -
The tax authority said some bank customers in the UAE have received phishing emails impersonating financial institutions. EPA -
Jenny Ross, Which? Money editor, says: ‘Scammers are relentless when it comes to wanting our personal information and ultimately our money.’ PA -
Netflix's The Tinder Swindler tells the story of three women who say they were conned out of $500. Photo: @simon_leviev_official via Instagram
Today, the techniques are more sophisticated where the fraudsters manipulate you in a certain way to divulge your account information. Phishing, for example, is used to obtain sensitive information such as card numbers and log in credentials, often by email or social media or through fake log-in pages or payment portals.
Fraudsters can go to the extent of creating a replica page of a known service provider and embed a fake payment link or send an email requesting a payment with a fake link, or call and ask you to confirm the last few digits of your IBAN number.
“Quick money” is a concept that reflects certain human desires, such as seeking immediate financial gain or instant gratification. Fraudsters have taken advantage of this to trap people through multiple types of scams, including bogus investments, work-from-home schemes and fake prizes and sweepstakes – where too-good-to-be-true financial gains are promised.
How can it be tackled?
Whether bank or customer, we all have a responsibility to take steps to combat payment fraud. As banks, we must invest in state-of-the-art technology to mitigate risk and safeguard customer data. We must leverage innovation, such as data analytics and behavioural analytics tools, to monitor user behaviour, detect anomalies and identify unusual activities that may indicate fraud.
We must use real-time risk analysis to assess the risk associated with each transaction before authorising it.
We must ensure our customers are aware of the types and trends of frauds so that they can take steps to avoid falling victim to fraud. Fraudsters often rely on a lack of customer awareness to succeed.
To avoid becoming a victim of financial fraud, you can take the following steps:
- Secure your personal and financial information by strengthening your online security, using strong unique passwords for all online accounts. Use two-factor authentication wherever offered and update your software and systems whenever an update is released.
- Be sceptical of unsolicited offers by avoiding phone calls, emails or messages from unknown sources that claim you've won money or prizes or are eligible for special offers.
- Consistently monitor your financial statements and report any anomalies to your bank or financial institution immediately.
- Safeguard physical documents and shred anything not needed. Use your smartphone to make contactless payments wherever possible.
- Protecting your digital footprint is crucial. Some of the measures include securing your social media profiles and never sharing your personal information online, using secure networks and not accessing sensitive accounts or conducting financial transactions on public Wi-Fi networks.
- Verify the legitimacy of websites before entering sensitive data and only contact your bank at the contact number given on its website.
- Stay abreast of the latest scams and fraud techniques reported in the news. Be vigilant when taking calls from anyone purporting to be from your bank or financial institution and never share your personal or sensitive data in any way.
Gurcharan Chhabra is head of fraud prevention and intelligence at Mashreq
