The state of transactional fraud report

How prepared are CCaaS and CPaaS providers?

How prepared are CCaaS and CPaaS providers?

The surge in transactional fraud

Fraud is an umbrella term covering a great variety of tactics used to exploit companies’ and customers’ vulnerabilities. As interactions between customers and companies evolve and take different forms – calls, A2P, rich messaging, chatbots – so do the ways in which fraudsters can get the better of users to obtain sensitive information.

  • The results show that this is, in fact, the case. CCaaS and CPaaS providers are experiencing a significant increase in fraud attempts. An overwhelming 63% of respondents say their business has been the victim of a transactional fraud attempt in the last 12 months.

  • In the face of rising fraud, companies are gearing up to increase their fraud protection efforts: the vast majority (80%) of respondents say that fraud prevention will be a more important issue for their company in the next 24 months. This is especially true in companies with 500+ employees, 84% of whom say fraud prevention will be a more important issue in the next 24 months – unsurprising considering the volume of fraud large companies have to face.

Fraud, the great shapeshifter

New fraud techniques emerge on a seemingly daily basis, but the old “classics” of the genre remain popular. Identity theft and smishing/phishing – long-time online fraud techniques – were familiar to the vast majority of respondents.

  • There seems to be a direct correlation between how known a type of fraud is and how concerning companies find it. The most dangerous types of fraud were:

  • fraud

    Identity theft (77%)

  • SMS_fraud

    Smishing/phishing (65%)

  • fraud_prevention-analytics

    Account takeover (55%)

  • These results were largely unanimous across geographies and age groups. There is a slightly bigger split between seniorities: business owners are equally concerned by identity theft and smishing/phishing, while for senior managers, identity theft is overwhelmingly the most concerning type of fraud.

Understanding AIT fraud

Some types of fraud are understood to be dangerous. Others are almost completely unknown and, therefore, represent a larger risk.

  • IoT_fraud_white

    Artificially Inflated Traffic (AIT) consistently ranked as the least well known and the least cause for concern across age groups, seniority, and service types.

  • The results might come as a surprise considering the significant mark AIT has already left on the industry, and the tech sector in general.

    This points to one of the greatest issues in today’s fraud protection landscape. New and increasingly dangerous types of fraud are arising almost every day, with fraudsters devising creative ways and exploiting companies’ vulnerabilities for their gain. It is nearly impossible to stay on top of fraud trends and remain protected against new forms without expert help.

What is AIT?

Artificially Inflated Traffic (AIT) or SMS pumping is a technique used by fraudsters to create large volumes of traffic via mobile apps or sites. Fraudsters design bots to create fake accounts, which then trigger OTPs (one-time passwords) to be sent to mobile numbers. A third party is then used to intercept the inflated traffic without delivering messages to the end-user. Together, they claim the revenue, while the affected company reports losses.

Artificially Inflated Traffic (AIT)

Take action against fraud