The 2019 Payment Threats and Fraud Trends Report provides an overview of the most important threats in the payments landscape, including:
- social engineering,
- advanced persistent threats (i.e. sophisticated targeted malicious attacks aimed to a specific individual, company, system or software, based on some specific knowledge regarding the target),
- mobile device related attacks,
- denial of service attacks,
- botnets (i.e. a network of private computers infected with malicious software and controlled as a group),
- threats related to cloud services and big data,
- threats related to internet of things (IoTs),
- threats related to virtual currencies.
For each threat, apart from a definition and fraud description, an analysis is made on the impact and context while suggested controls and mitigations are described before some final conclusions are made. A summary listing all the threats with the corresponding main controls and mitigation measures is provided in an annex to the document.
The description of the threats is followed by a section that elaborates on card related fraud, automated teller machine (ATM) fraud, Credit Transfer ( ) (including instant) and Direct Debit ( ) fraud. It also contains a section that explains how fraudsters monetise their illegal gains. A final section presents the general conclusions of this report.
The report attempts to create awareness amongst stakeholders involved with payments to allow them to decide on possible mitigating measures in this respect.