The 2018 Payment Threats and Fraud Trends Report provides an overview of the most important threats in the payments landscape, including:

  • social engineering, 
  • malware, 
  • advanced persistent threats (i.e. sophisticated targeted malicious attacks aimed to a specific individual, company, system or software, based on some specific knowledge regarding the target), 
  • mobile device related attacks, 
  • denial of service attacks, 
  • botnets (i.e. a network of private computers infected with malicious software and controlled as a group), 
  • threats related to cloud services and big data, 
  • threats related to internet of things
  • threats related to virtual currencies
  • multi-vector attacks. 

For each threat, apart from a definition and description, an analysis is made on the impact and context and suggested controls and mitigations are described. A summary listing the threats with the corresponding main controls and mitigation measures is provided in an annex.

The report further contains a section that elaborates on card related fraud, automated teller machine (ATM) fraud, Credit Transfer ( ) (including instant) and Direct Debit ( ) fraud, while general conclusions are presented in a final section.

The report attempts to create awareness in order to allow stakeholders involved with payments to decide on possible mitigating measures to address threats. 

Document download