Spotlight Series
Money Movement
Trust & Security
Inclusive Growth
Data and Insights
No Results Found
Relevance Date
Spotlight Series
Money Movement
Trust & Security
Inclusive Growth
Data and Insights

How to use Visa Navigate

Swipe down to share

Swipe left or right to next page

Swipe up to read

Would you like to continue to open links from Visa Navigate in the default mail app or switch to Microsoft Outlook (if installed)?

Keep using the Default
Use Microsoft Outlook

Visa Navigate

November 2024

 

5 - 7 Minutes

Unveiling Emerging Risks and Trends: Highlights from Visa's Biannual Threats Report

Visa's Biannual Threats Report provides an overview of the top payments ecosystem threats within the past six-month period (January – June 2024) as identified by Visa Payment Fraud Disruption (PFD).

In the December 2023 Biannual Report, Visa PFD noted an interesting shift in threat actors’ organization, access to tools, and target choice, with threat actors increasing in their scope of abilities and sophistication given advances in technology. The past six month period saw a continuation of these expanding trends in cross-sector collaboration and ingenuity, with a specific targeting two aspects of the ecosystem:

  1. System misconfigurations and vulnerabilities
  2. Cardholders

Threat actors continue to probe the payments ecosystem for vulnerabilities and were successful in conducting fraud schemes affecting multiple financial institutions, technologies, and processes. An example of this impact is the erroneous approval of fraudulent transactions. These transactions are approved due to a mishandling of the authorization process and are used to initiate Purchase Return Authorization (PRA) attacks. Visa PFD opened a record number of PRA investigations over the past six months, an 81% increase from the previous six-month period. Per successful attack, each of these fraud operations have resulted in potential losses of nearly US$184K for Visa’s issuing partners.

Enumeration attacks remain a popular vector for threat actors to validate and compromise payment credentials, resulting in significant follow-on fraud. Over the past six months, the US region increased as the most heavily targeted region from the issuing side (58% of total issuer enumeration, increase of 16% from the same period in 2023), but decreased from the acquiring side (61% of total acquiring enumeration, decrease of 3% from the same period in 2023).

From January through June 2024, Visa PFD continued to identify ransomware and data breach attacks that were opportunistic in exfiltrating data. Overall, Visa PFD observed a 12.3% decrease in the number of individual ransomware and data breach incidents tracked by the team as compared to the prior six-month period, within this figure, Visa PFD identified a continued trend of targeting of third-party service providers, as Visa PFD observed a 24% increase from the previous six-month period in third-party service provider cases.

Digital skimming attacks remain prolific and consistent threats to the payments ecosystem. Over the past six months, the number of compromised websites detected by PFD remained relatively consistent. The expansion and use of Artificial intelligence (AI) technology remains a top interest for threat actors. Visa PFD continues to track threat actors’ interest in use of AI technologies to facilitate fraud and continues to note spikes in the volume of threat actor discussions in underground communities related to the release of new AI technology to public and underground marketplaces.

As threat actors are targeting identity data to perpetrate various fraud schemes, Visa PFD is identifying malicious enrollments and registrations of prepaid payment accounts. In addition to identifying individual instances of fraud, Visa PFD noted trends in registration information, which has resulted in the identification of larger fraud rings. Equally, threat actors are also increasingly turning their focus to cardholders, using advanced social engineering techniques to facilitate elaborate and well-designed scams.

Over the past six months, Visa PFD identified new scam tactics targeting retailers’ digital wallet programs, evolved and increasingly complex impersonation scams, and a continuation of targeting authentication data, such as onetime passcodes (OTP). An interesting and seemingly contradictory tactic to the scams using innovating technology is the identified uptick in physical theft of cards and devices, with some threat actors turning back to the use of cardpresent transactions using physically stolen EMV® chip enabled cards.

In response, the Visa Risk Operations Center (ROC), Visa’s 24x7 team responsible for working in conjunction with clients to triage and analyze large-scale fraud-related incidents globally, implemented pre-emptive, targeted blocks in coordination with impacted organizations on 68% of these incidents to mitigate fraud without impacting legitimate transactions. These instituted blocks of presumed fraudulent transactions from January through June 2024 resulted in over 51.8M declined transactions for US$11.8B.

This report includes an overview of notable payment ecosystem threats, best practices to mitigate, prevent and disrupt these threats, and how Visa Risk is combatting these threats to better protect the entire payments ecosystem.

Stay current with the latest payments insights from Visa Navigate CEMEA - subscribe today.

All brand names, logos and/or trademarks are the property of their respective owners, are used for identification purposes only, and do not necessarily imply product endorsement or affiliation with Visa.

Read Next



East Meets West: key learnings from the rapid rise of mobile payments in mainland China

January 2019, The War for the Customer
Read More
Share
 

News & Views

January 2019, The War for the Customer
Read More
Share
 

Start-Up Stories: Epicery - bridging the digital divide

January 2019, The War for the Customer
Read More
Share