Visa has unveiled its Holiday Edition Threats Report which anticipates heightened scam activity during the holiday season across both card-present (CP) and card-not-present (CNP) transactions.
The new report identifies popular fraud tactics expected between November 2023 and January 2024 due to the rapid increase in ecommerce activities and in-person spending across retail and hospitality. Visa also recently released its list of top 10 habits consumers can follow to practice safe and secure shopping.
Historical data and transactions show that threat actors prey on consumers during the holiday season. In fact, Visa’s data shows that for the top merchant categories targeted by fraudsters, 2022 holiday fraud rates increased 11% over their non-holiday fraud rate – and saw an increase of 8% over the previous year during this time. The Holiday Edition Threats Report warns that threat actors will seek to exploit consumers’ increased interest and urgency in finding deals and one-of-a-kind gifts.
Highlights of the report’s findings include:
Phishing and Social Engineering: The advancement of artificial intelligence (AI) over the past year provides threat actors with the ability to create highly customised phishing campaigns, making it harder for consumers to spot fakes. Fraudsters also create phishing websites, often using malvertising (malicious advertising) and other illicit search engine optimisation (SEO) tactics on retail or service websites to entice victims.
OTP Bypass and Provisioning Fraud: Visa identified many one-time-passcode (OTP) bypass schemes to gain access to cardholders’ accounts. In this scheme, OTP templates are sent to the consumers that appear to be associated with desired purchase.
Physical Theft: Threat actors may attempt to physically steal payment cards and/or phones from unsuspecting consumers in crowded retail stores, shopping malls, or parking lots.
“Crooks prepare all year for the holiday shopping season, taking advantage of increased activity and consumers who let their guard down searching for the perfect gift,” says Paul Fabara, chief risk officer at Visa. “At Visa, we are committed to security and reliability with a promise of 24/7 threat monitoring, even during the busiest time of the year. Consumers can rest easy this holiday season knowing Visa’s team of experts is working around the clock to stop fraud in its tracks.”
10 Habits to Help Consumers Shop Securely
Visa’s10 Habits for Good Security Hygiene can guide consumers who are planning to shop this holiday season on best practices to stay safe. Key highlights from Visa’s tips include:
Shop from Reputable Retailers: Stick to trusted and well-known retailers. If you’re considering a purchase from a store, you’re not familiar with, do some research to check their reputation and authenticity.
Secure Your Personal Information: Make sure the website uses secure technology. When at the checkout, the website address should start with ‘https://’. The ‘s’ stands for secure and means that your data is being encrypted and sent over a secure connection.
Always Check Details in the OTP Message: Before entering the OTP, verify the purpose of the OTP (eg. is it for a purchase or issuance of a device token) and review the purchase details such as the merchant name and transaction amount. Finally, you should not be disclosing your OTPs over the phone, email, or messenger.
Avoid Public Wi-Fi for Shopping: Public Wi-Fi networks are often unsecured which makes it easier for hackers to steal your information. Always use a secure, private Internet connection when you’re making purchases.
Beware of Deals That Are Too Good to Be True: Offers on websites and in unsolicited emails can often sound too good to be true, especially extremely low prices on hard-to-get items. Consumers should be suspicious of such deals, as they often are.
Visa says security and reliability is a top priority year-round. Over the past five years, the company has invested more than $10-billion in technology including to reduce fraud and increase network security. More than a thousand dedicated specialists protect Visa’s network from malware, zero-day attacks, and insider threats 24x7x365.
In fact, in the first six months of 2023, Visa helped to proactively block $30-billion in fraud, preventing many from ever knowing they were at risk of a potential fraudulent transaction. It says it encourages consumers to stay alert during this season and think about where they are shopping and who they are sharing their information with to keep it safe.