Deep fake technology for identity fraud: This technology will be used to attack call centers and for business email compromise scams.
ID Mules: Identity mules are real people who wish to boost their credit score, new-to-credit users like students and immigrants who wish to build a good FICO score, etc. They’ll knowingly or unknowingly give their identity to cyber criminals to open fake accounts. The result may be similar to current synthetic ID schemes but based on a completely legit starting point.
FinTech companies will be the next big target: The fintech sector, which has largely escaped the abuse of fraudsters, will begin to see a sharp increase in online fraud.
Chatbot and voice assistance payment fraud will rise: As soon as these 24/7 convenience technologies begin to functionality that can move money from a user’s account – they’ll be targeted by criminals and will need to be protected against account takeover.
P2P fraud increases: P2P attacks will escalate as social engineering imposters will be at the receiving end of P2P money transfers. This will result in real users suffering from higher friction as fraud levels surge.
Business Email Compromise will include more Direct Deposit Fraud: A fraudster will trick an HR or Payroll employee to update direct deposit information in order to re-route an employee’s paycheck.
The US will join the UK to protect authorized push payment victims: Victims in authorized push payment scams will get their money back, even if the victim was somehow at fault.
Wire fraud grows and becomes harder to detect: FBI data shows a 700% growth in this area over the last five years.
Account takeover will increase: Account takeover is essentially doubling each year as criminals become more technically savvy and automated. For example, mobile account takeover through SIM swap fraud doubled from 360,000 cases to more than 680,000 cases in a year. With billions of records being leaked each year online, cybercriminals are using sophisticated bots to automate account takeover attempts.
Fraud makes its way into pop culture and social networks: Popular culture and social media are making fraudulent methods more common and easier to access, leading to more fraud attacks against banks, lenders and finance companies.
Synthetic identity will continue to rise: Synthetic identity theft is the fastest-growing financial crime in the US.
Fake check scams: Fake check scams are up 65 percent since 2015 and this trend will continue to rise. Most fake check scams involve a job offer, an income opportunity of some kind or involve selling items online.
Imposter scams rake in the most money: Phishing/Vishing/Smishing/Pharming are the methods used for the most profitable scams. This includes: BEC/EAC, Confidence Fraud/Romance and Spoofing.
Targeted ransomware attacks on the rise: In 2020, we will witness an increase of targeted ransomware attacks. Criminals will use the dark web to gather intelligence on employees and organizations with poor cyber hygiene.
IoT devices under attack: The huge number of IoT devices, along with the 5G networks roll out, will dramatically increase the number of attacks against smart devices.
AI-based attacks: Criminal hackers will use A.I. to adapt in real-time to the defense responses of the organizations they are attacking.
Compromised credentials and data breaches: Credential stuffing will become a popular money-making method for cybercriminals.
Cybercrime-as-a-service: Among the numerous services offered in the cybercrime underground, ransomware-as-a-service platforms, DDoS-for-hire platforms and spamming services will facilitate the emergence of new criminal organizations and speeds up the operations of existing ones.
Phishing kit developers will offer more refined products: Phishing kit developers will offer more refined products, further lowering the skill required to launch a phishing campaign. Attackers are improving the quality of their phishing campaigns by minimizing or hiding common signs of a phish.
Ransomware attacks: Ransomware developers will make their code more evasive so that they can establish a foothold in a system, encrypt more data without being noticed, and possibly scale operations to other networks.