The “2021 Payment Threats and Fraud Trends Report” provides an overview of the most important threats and other “fraud enablers” in the payments landscape, including:
• social engineering,
• malware,
• advanced persistent threats (APTs),
• denial of service,
• botnets,
• monetisation channels.
For each threat, an analysis is made of the impact and context and suggested controls and mitigations are described. An overview matrix listing the threats with the main controls and mitigation measures is provided in Annex I.
The description of the threats is followed by a section that elaborates on how the identified threats impact payment-relevant processes: On-boarding/ Provisioning, Invoicing/ Request-to-Pay, Initiation/ Authentication, and Execution.
The types of fraud related to specific payment instruments (cards, Single Euro Payments Area (SEPA) schemes - SEPA Credit Transfer, SEPA Direct Debit, SEPA Instant Credit Transfer - and mobile wallets) and supporting schemes such as SEPA Request-to-Pay, are described in the following section while conclusions are presented in the final section.
The report attempts to create awareness amongst stakeholders involved in payments to allow them to decide on possible mitigating measures to prevent fraud.