The 2018 Identity Fraud Study released by San Francisco-based Javelin Strategy & Research, revealed that the number of identity fraud victims increased by eight percent (rising to 16.7 million U.S. consumers) in the last year, a record high since Javelin Strategy & Research began tracking identity fraud in 2003.
The online survey of 5,000 U.S. consumers found that despite industry efforts to prevent identity fraud, fraudsters effectively altered course to net 1.3 million more victims in 2017, with the amount stolen rising to $16.8 billion. With the adoption of EMV cards and terminals, the types of identity fraud continued to swing to online and away from brick-and-mortar stores. Crooks are beginning more new accounts as a means of compromising accounts consumers already have.
While credit card accounts remained the most prevalent targets for new account fraud, there was substantial growth in the opening of new intermediary accounts, such as email payments and other internet accounts by fraudsters. These accounts help fraudsters transfer funds from the existing accounts of their victims.
The study also found for the first time ever, Social Security numbers (35 percent) compromised more than credit card numbers (30 percent) in breaches. Data breaches cause consumers to shift the perceived responsibility for preventing fraud from themselves to other entities, such as their financial institution or the companies storing their data.
The study found four significant trends:
- Record high incidence of identity fraud. In 2017, 6.64 percent of consumers became victims of identity fraud, an increase of almost one million victims from the previous year. non-card fraud and account takeover drove this increase.
- Account takeover grew significantly, tripling over the past year, reaching a four-year high. Total ATO losses reached $5.1 billion, a 120 percent increase from 2016. Account takeover continues to be one of the most challenging fraud types for consumers with victims paying an average of $290 in out-of-pocket costs and spending 16 hours on average to resolve.
- EMV is driving more fraudsters to seek online channels for fraud. Card Not Present Fraud is now 81 percent more likely than point of sale fraud.
- Fraudsters are getting more sophisticated in their attacks and using more complex and difficult to detect monetization schemes. One and a half million victims of existing account fraud had an intermediary account opened in their name first.
With rising fraud incidence and extensive media coverage of the Equifax breach, the proportion of consumers who are concerned about fraud rose from 51 percent in 2016 to 69 percent in 2017. Breaches rank at the top of identity-related threats facing consumers according to those surveyed. Javelin found 63 percent of consumers report that they are ‘very’ or ‘extremely’ concerned about the threat of breaches, but many are unsure that they have the ability to effectively protect themselves. Cynicism about breach notifications rose dramatically, with 64 percent of breach victims indicating they believe that breach notifications do little to help protect them and are principally about providing legal cover for the breached company. All of this combined, caused consumers to shift the perceived responsibility for preventing fraud from themselves to other entities, such as their FI or the companies storing their data.