• Products

    Digital Trust & Safety Platform

    Fight fraud without sacrificing growth

    Learn more

    Platform solutions

    • Payment Protection
    • Account Defense
    • Dispute Management
    • Content Integrity
    • Sift Connect
    • Passwordless Authentication

    Sift innovations

    • PSD2 Solution
    • New Releases & Enhancements
  • Industries

    One solution, any industry

    Learn how Sift can work for your industry

    Learn more

    Featured Industries

    • Fintech
    • Payment Service Providers
    • Retail
  • Customers

    Case studies by industry

    See how leading brands succeed with Sift

    Learn more

    Featured Customers

    • DoorDash
    • Uphold
    • Paula’s Choice
  • Partners
  • Fraud Center
  • Resources

    Fraud-fighting resources

    Explore fraud trends and insights

    Learn more

    • Blog
    • Demos
    • Infographics
    • Ebooks & Reports
    • Videos
    • Podcasts
    • One-Pagers
    • Webinars
    • Trust & Safety University
  • Company

    Why leaders choose Sift

    Technology, community, and partnership

    Learn more

    Our mission: Help everyone trust the internet

    • About
    • Careers
    • News & Press
Request a demo
Products
  • Digital Trust & Safety Platform
  • Payment Protection
  • Account Defense
  • Dispute Management
  • Content Integrity
  • Sift Connect
  • Passwordless Authentication
  • PSD2 Solution
  • New Releases & Enchancements
Industries
  • Fintech
  • Retail
  • Payment Service Providers
Customers
Partners
Fraud Center
Resources
  • Blog
  • Ebooks & Reports
  • One-Pagers
  • Demos
  • Videos
  • Webinars
  • Infographics
  • Podcasts
  • Trust and Safety University
Company
  • Search Careers
  • Our Company
  • Contact Us
  • Engineering Blog
Request a Demo Sign In
  • Blog Home
  • Fraud
< prev / next >
Share this article on LinkedIn
Tweet this article
Share this article on Facebook
SOCIALICON
Share this article via email

News roundup 5/6: Fraudsters target e-commerce, hackers find an ADP loophole, & more

By Sarah Beldo  / 

6 May 2016

By 2020, online payment fraud could be worth $25.6B

We’ve heard it (many times) before, but new findings from Juniper Research are raising warning bells again: the introduction of EMV in the U.S. is pushing more fraud online. A new study from the research firm claims that by the end of the decade, the value of fraudulent online transactions could double – from $10.7 billion to $25.6 billion. To put it another way, $4 out of every $1,000 will be fraud.

fraudsters

E-commerce retailers, we’re afraid the news isn’t pretty. Juniper predicts that eRetail will make up 65% of fraud by value, at $16.6 billion. E-gift cards are a particularly vulnerable area (sounds familiar – at Sift Science, many of our customers, like OpenTable, use us to prevent exactly this type of fraud). Meanwhile banking will make up 27% ($6.9 billion) of fraud by value in 2020, and airline ticketing will be at 6% ($1.5 billion).

Crafty fraudsters get a hold of ADP tax and salary data

There’s always a loophole, right? That’s what fraudsters and cybercriminals are banking on when they go in search of data they can exploit and resell. This time, hackers used a public-facing corporate ADP website – plus some handy personal data – to get a hold of tax and salary data, security researcher Brian Krebbs reports.

So, what happened? Basically, ADP offers an external website to corporate clients – and employees access it for the first time using a special code. In the case of more than a dozen clients (including U.S. Bank), hackers got a hold of these codes, and then used them – in conjunction with personal information from other sources – to register as first-time users. They were then able to view and download W-2 forms.

For the record, ADP told CNN Money that “publishing unique registration codes to an unsecure website is not common practice.” The payroll company added, “ADP actively advises against this practice, notifies clients of the potential risks, and has temporarily disabled access to the registration portal for those clients that continue to publish company registration codes in this fashion.”

Cybersecurity? People are the problem

Speaking of which…technological advances can only do so much when it comes to cybersecurity. According the Verizon 2016 Data Breach Investigations Report, the biggest vulnerability is good ol’ human nature.

First of all, the average company is not staying on top of fixing stuff. In fact, 85 percent of successful breaches resulted from the top 10 known vulnerabilities. Yikes. Another area where most folks continue to fall short is passwords – 63% of exploits could be traced to using weak, default, or stolen passwords.

Although ransomeware was highlighted as a rising area of concern (up 16%), some tried-and-true methods of attack are gaining strength. For example, phishing. Despite multiple warnings about suspicious emails, Verizon reveals that recipients opened 30% of phishing messages they received – and 13% even clicked on the attached file or link. Surprised? There’s been more research lately suggesting that phishing isn’t just for fooling the n00bs or easily duped. Never let down your guard!

Related

cybercrimee-commercefraud

Sarah Beldo

Sarah Beldo was the Director of Content Marketing at Sift.

  • < prev
  • Blog Home
  • next >
  • Company
  • About Us
  • Careers
  • News & Press
  • Partner With Us
  • Blog
  • Support
  • Help Center
  • Contact Support
  • System Status
  • Trust & Safety University
  • Fraud Management
  • Developers
  • Overview
  • APIs
  • Client Libraries
  • Integration Guides
  • Tutorials
  • Engineering Blog
  • Social

Don’t miss a thing

Get industry trends, insights, and actionable fraud-fighting tips.

You're on the list.

You can unsubscribe at any time. Please see our Website Privacy Notice.
Do Not Sell My Personal Information

If you are using a screen reader and are having problems using this website, please email support@sift.com for assistance.

© 2022 Sift Science, Inc. All rights reserved. Sift and the Sift logo are trademarks or registered trademarks of Sift Science, Inc.
Privacy & Terms

Secure your business from login to chargeback

Stop fraud, break down data silos, and lower friction with Sift.

  • Achieve up to 285% ROI
  • Increase user acceptance rates up to 99%
  • Drop time spent on manual review up to 80%
Your information will be used to contact you about our service and subscribe you to our direct marketing communications. You can, of course, unsubscribe at any time. Please see our Website Privacy Notice.