The 2018 Payment Threats and Fraud Trends Report provides an overview of the most important threats in the payments landscape, including:
- social engineering,
- advanced persistent threats (i.e. sophisticated targeted malicious attacks aimed to a specific individual, company, system or software, based on some specific knowledge regarding the target),
- mobile device related attacks,
- denial of service attacks,
- botnets (i.e. a network of private computers infected with malicious software and controlled as a group),
- threats related to cloud services and big data,
- threats related to internet of things
- threats related to virtual currencies
- multi-vector attacks.
For each threat, apart from a definition and description, an analysis is made on the impact and context and suggested controls and mitigations are described. A summary listing the threats with the corresponding main controls and mitigation measures is provided in an annex.
The report further contains a section that elaborates on card related fraud, automated teller machine (ATM) fraud, Credit Transfer () (including instant) and Direct Debit () fraud, while general conclusions are presented in a final section.
The report attempts to create awareness in order to allow stakeholders involved with payments to decide on possible mitigating measures to address threats.