Fraudsters, disguised as valid merchants on e-commerce sites and platforms, are now scamming online users.
For example, they create fake profiles that appear legitimate, offering high-demand goods at significantly lower prices. Enticed by bargains, unsuspecting consumers submit their payment details, only to receive nothing in return. Often, these fake sites also harvest the buyer’s personal and financial information for further fraudulent activities.
The emergence of these new fraud types are posing greater risks to both consumers, businesses and financial institutions.
Carlos Tengkiat, chief information security officer of the Rizal Commercial Banking Corporation (RCBC), cautioned that millions of pesos can potentially be lost as online commerce expands.
“We’ve seen an increased usage of data breaches in social engineering and account takeovers,” Tengkiat said.
The current set of fraud also utilizes past data breaches, with fraudsters banking on people reusing the same usernames and passwords across different platforms.
For instance, fraudsters might access a list of compromised email addresses and passwords from a previous data breach and then use that information to attempt logins on various platforms, hoping some individuals have reused their credentials. Once they gain access, they can make unauthorized purchases, transfer funds, or even lock out the legitimate users.
Jericho Konrad Uy, head of RCBC Enterprise Fraud Risk, said that cyber criminals still use the same attack vector, phishing. The difference is that they use various tactics to gain their victims’ trust faster, such as ‘riding’ on the banks’ promotions and system migrations.
To combat these new fraud types, RCBC has implemented several measures including additional controls to prevent continuous fraud-like behavior in its apps and websites.
The bank participates in Bancnet’s program for faster tracing and alerting among member banks. Bancnet is the interbank network connecting the ATM networks domestic and offshore banks.
Uy added that the universal bank constantly updates its security control measures to remain current with existing and emerging fraud trends. Clients are made aware of recent fraud trends by sending them security reminders via different channels.
RCBC currently leverages advanced technology in its anti-fraud strategies. Artificial intelligence (AI) and machine learning analyzes large amounts of data related to account activities, flagging possible fraudulent behaviors.
