When it comes to financial crime, most of us still have a quaint, old-fashioned mental image of the traditional bank robber. A group of shady-looking men would arrive in a getaway car and empty the safe. It was easy to see them coming, and when they left, we knew they were gone. They even looked like we expected: dark clothes, masks and weapons drawn. If only fraudsters fit that classic stereotype.
Thanks to technology today, so much of what we found familiar in previous decades – even crime – is being supplanted by the unfamiliar and unexpected. Financial criminals today are far more likely to sit behind computers, and it’s never possible to physically see them coming, let alone know where they’ve gone after they leave. It’s not even possible to assume they’ve left the premises, as many cyber-criminals leave traces on computer systems that allow them to continue bilking their victims indefinitely.
“I’ve Got a Laptop and I’m Not Afraid to Use It”
The modern financial criminal is a very different creature than in decades past. He or she is far more likely to be a member of an organized cybercrime ring rather than a lone wolf. Thanks to globalization, the criminals may even be on the other side of the world and be very skilled at hiding their digital tracks from law enforcement that simply isn’t able to or interested in pursuing financial scammers across international borders. These criminals hide behind computers, spoofed telephone numbers and “phishing” schemes in which spam is used to induce customers to reveal their personal details via e-mail or text.
Today, credit and debit card fraud represent 40 percent of all financial crimes, according to a Federal Trade Commission study completed last year. The remaining 60 percent of financial crime is made up of corporate financial crime, securities and commodities fraud, mortgage fraud, embezzlement, check fraud and insider trading. It is credit and ATM card fraud, however, that is most likely to touch the lives of ordinary Americans. Ten percent of Americans have already been victims of credit card fraud, with a significant portion of these crimes happening alongside identify theft. Other Americans have fallen victim to this type of crime through stolen credit and ATM cards, “phishing” via e-mail and SMS and telemarketing scams.
The Most High-Profile Debacles
While smaller breaches seem to happen on a daily basis, the previous year has seen a record number of very high profile crimes, including:
- In December of last year, retail giant Target was hit by a data breach that exposed the private financial information of 110 million customers. Information lost included credit and debit card numbers and personal customer details.
- In May 2014, eBay was targeted by hackers in a breach that resulted in the loss of personal financial information of 145 million people. The data exposed included encrypted passwords, customer names and e-mail addresses, mailing addresses, phone numbers and dates of birth.
- In September 2014, Google experienced a breach that risked exposure of five million user names and passwords that could be used to access customers’ private financial information.
- Also in September, Home Depot was hacked, losing 56 million credit and debit card numbers.
- In October 2014, financial giant JPMorgan Chase saw hackers run off with names, addresses, telephone numbers and e-mail addresses – the type of information that might be used to authenticate a customer’s identity – of 76 million people.
The Fallout
The results of these high profile data breaches have the potential to be enormous. Target was forced to lower its full-year 2014 earnings forecast because of the data breach, and there is no sign that the negative effects will end anytime soon. The company’s stock price has taken a large hit. The full fallout of the Home Depot breach, which targeted payment terminals, is yet to be known. The company has estimated that it may cost $62 million just to cover the costs of the investigation, credit monitoring service, call center staffing and other considerations, according to Forbes. Analysts are already predicting that Home Depot revenue could be affected for many quarters (if not years) to come. While the practical fallout from the JPMorgan Chase breach has yet to manifest, the company is already taking a barrage of criticism that it failed to notify customers and regulatory authorities in a timely way.
There’s More Than Money at Stake
While all these companies, and countless more that have been hit with smaller breaches, are feeling short-term financial losses, they have lost something that is potentially far more valuable: customer trust. Most customers are becoming accustomed to the process of receiving a letter in the mail and enrolling in credit monitoring due to data breaches. Wary customers may conduct fewer online transactions and be more likely to use cash in brick-and-mortar stores (which will inevitably lead to lower spending.) Promises of data security by companies will be met with customer skepticism unless organizations begin doing more than simply making promises they’re not sure they can keep.
It Will Only Get Worse
While computer security firm Symantec reports that many cyber-criminals are getting bolder and more sophisticated in their large-scale attacks, there is also evidence that small-scale, opportunistic financial crimes are on the rise as lone-operators look for the “low-hanging fruit” by targeting seniors, employing telemarketing scams and attempting to gain access to individual customers’ accounts.
In the next post in this series, we’ll discuss the ways fraudsters are specifically using contact centers to engage in financial crimes, and address the various ways companies can protect their organizations and their customers against this type of crime.
