Andrew Sever is the CEO of Sumsub, a full-cycle verification platform that secures the whole user journey.
AI and digitalization have boosted business growth, but they’re also posing new risks. I’ve already explained why know-your-customer (KYC) approaches alone can’t keep you safe anymore (spoiler: 70% of fraud activity occurs past the onboarding stage). This time, let’s take a closer look at the six most threatening fraud trends you should be aware of in 2024.
Six Most Threatening Fraud Trends
1. AI-Generated Fraud
According to the results of our internal research, published in Sumsub’s 2023 report, deepfakes increased over 10 times between 2022 and 2023. The most impacted regions were North America and Asia-Pacific, showing an increase of 1,740% and 1,530% respectively.
Rapidly growing AI fraud is leading to huge losses. Recently, a Hong Kong multinational lost over $25 million when AI was used to impersonate the company’s CFO. According to the police, this crime was pulled off using deepfake technology.
Unfortunately, we can expect more AI-generated fraud on the horizon. For example, the technology can be used to impersonate legitimate financial institutions, deceiving victims into sending payments to them. According to Visa, 1 in 3 consumers is a victim of such a scheme, called authorized push payment (APP) fraud. This scheme resulted in customers’ total losses of 239.3 million pounds (approximately $303 million) in the first half of 2023.
Regulators worldwide are confronting the spread of AI-generated fraud. The U.K. is developing its AI white paper, and the EU has recently passed the EU AI Act, to name just a couple.
2. Fake IDs
Generative AI technologies are also leading to an increase in forged identity documents, with fake IDs up by 163% in growing markets. Creating fake IDs is now easier than ever, with websites like OnlyFake that create believable fake IDs in minutes. These services are frighteningly cheap, which now means that anyone can create a fake ID in no time.
Moreover, fake IDs made on sites like OnlyFake are managing to fool KYC systems. A 404 Media article reported that an OnlyFake-generated ID passed verification at OKX, a crypto exchange. This is why it’s essential for companies to go beyond simple KYC checks, implementing advanced technologies that can spot AI-generated images throughout the customer life cycle.
3. Money Muling
Money muling is when criminals use other peoples’ legitimate banking credentials to launder illicit funds—and cases are on the rise. In 2023, Europol identified 10,759 money mules and 474 recruiters, totaling 100 million euros in reported losses. In the U.S., one person single-handedly managed to launder over $2.8 million over three years on behalf of a fraudster he met online.
We expect money muling cases to continue growing worldwide, with young people being especially vulnerable. According to U.K. nonprofit Cifas, 23% of reported money muling cases involved individuals under 21.
Still, there are ways that businesses can fight back against money muling. To start, consider risk-scoring applicants, analyzing users’ behavior and monitoring transactions.
4. Account Takeover
Sumsub’s internal statistics show that global account takeover cases grew by 155% in 2023. Just recently, Ripple co-founder Chris Larsen had his personal accounts hacked, leading to losses of $112 million. Luckily, Larsen spotted the takeover quickly and notified authorities. Often, however, the outcome can be even worse, with grim consequences across all industries.
There are two key contributing factors to increased account takeovers: human vulnerabilities (e.g., when a person actually believes a scammer and falls victim as a result) and weaknesses in platform ecosystems (e.g., absence of additional authentication checks), which allow criminals to steal virtually any account. To fight back, we need to widely implement multifactor authentication, biometric checks, login attempt limits, notifications to account owners over suspicious behavior and IP address monitoring.
5. Forced Verification
This is when someone goes through verification against their will. They may be unconscious (sleeping, for example) or physically forced to enter the platform under threat of violence. Although this scheme isn’t as widespread as the others, our internal statistics showed that, from 2022 to 2023, forced verification increased by 305%. These cases usually can be spotted through a liveness check—or by detecting suspicious background noises and atypical user behavior.
6. Fraud Networks
Also known as fraud rings, fraud networks are detected when there are interconnected groups of people who commit fraud together. Sumsub internal data shows that in 2023, an average of 1% of global users of digital platforms or services belonged to fraud networks. They may be found anywhere in the world, but regional differences are noticeable: In Europe and the Americas, the percentage of users involved in fraud networks is only 0.3%, whereas in Asia, it’s 2.6%. To spot fraud rings, businesses should use AI-driven methods of detecting suspicious user behavior, transactions and applicants’ connections.
Conclusion
Detecting fraudulent activities is a difficult task. That’s why companies need to secure the entire user journey instead of simply focusing on the onboarding stage. They should create comprehensive fraud prevention strategies that go beyond traditional KYC solutions. The complex approach has to consist of behavioral anti-fraud measures, transaction monitoring and support from a legal team. This should go hand in hand with providing regular employee training and employing advanced user authentication methods.
Moreover, companies should implement machine learning algorithms, which can analyze vast datasets and spot fraudulent activities where humans can’t. This way businesses will be able to fight AI-driven fraud by implementing AI-powered solutions, making it more difficult for fraudsters to bypass the security systems. If all of this gets implemented properly, securing the system from every angle, it’s more likely that fraudsters won’t be able to succeed in their endeavors.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
