We now read about data breaches happening more frequently and on a larger scale that affects more and more people. And it’s not just retailers that are in the crosshairs of cybercriminals.
Other industries, such as government, health, insurance, financial services, and travel, are also vulnerable to cybercrime. For instance, private health insurers such as Anthem and Premera have joined the ranks of businesses that have fallen prey to hackers.
With tax season fast approaching in the U.S., many people are concerned about a high number of false state income tax returns that have already been submitted using Intuit’s TurboTax software. Although Intuit claims that it did not suffer a data breach, the fact that there has been an increase in suspicious filings is disconcerting. As a result, the Internal Revenue Service (IRS) has begun issuing written letters to taxpayers asking them to verify their identities using a secure IRS website.
What can businesses and organizations do to protect themselves from the impending onslaught?
Fortunately, there are some tell-tale indicators that can help businesses and organizations to detect possible fraud. CRN and Visa have provided lists of warning signs. Here is a compilation of the most helpful tips:
New order from firstname.lastname@example.org!
Make sure that the contact email address matches the domain name for the company placing the order. Watch for clever variations in domain name spellings that could be used to trick you, such as an extra dash or other character.
Can I call you back?
Scammers can now easily create phone numbers that use the same area code as legitimate companies, thanks to technologies like Voice over IP (VoIP). If you have cause for suspicion, it always pays to call back the number given to make sure.
How old is the website?
If a company website is given, check to see when the domain name was registered. Fraudsters will often set up new websites to make it appear as though their company has been operating for some time.
Where was the website registered?
Find out where the website domain is registered. If a company is not multinational, be wary of domain registrations from foreign countries. Fraudulent companies often make use of offshore or privately hosted sites.
All your base are belong to us!
Many scams originate in countries where English is not the first language. A very poorly-written email in broken English is often a good indicator that you are dealing with someone trying to rip you off.
I want it yesterday!
To avoid being caught in the act, fraudsters will often aggressively insist on expedited shipping on their orders. That way, they can quickly receive their goods and disappear before the fraud has been detected.
A quick way to check if a mailing address is legitimate is to look it up using Street View in Google Maps. If the order is supposedly from a big company, and the address appears to be a residential building, watch out.
Everyone’s got a history.
Sometimes a customer may be hiding a shady past. For example, they may claim to be an established multimillion dollar company, but a bit of research on the corporate website may reveal that they recently changed their line of business and contacts. This could indicate that the company is struggling and looking for lines of credit with no intention of repaying them.
Let’s roll the dice!
Fraudsters may try to use computer-generated accounts, resulting in transactions with similar-looking account numbers.
All roads lead to Rome.
Businesses should watch for a high number of cards being used from the same Internet address, since it could be a fraud scheme.
It is important to keep in mind that spotting any single one of these behaviors does not necessarily mean that online fraud is taking place. However, when businesses and organizations notice several of them at any given time, proceed with caution.
Online identity verification (IDV) is an effective tool for fighting online fraud. By using frictionless online IDV, businesses and organizations can increase their acceptance rates for new customers and users, keeping the bad guys out while allowing legitimate customers in without burdening them.
Not only does IDV help detect identity fraud and theft, but businesses can also verify mailing addresses. Address verification is another step that businesses and organizations can take to ensure that written communications are being delivered to the correct people, as in the case of the IRS attempt to verify taxpayers.
As occurrences of online fraud become increasingly common, businesses and organizations need to become more savvy and aware of the warning signs to avoid becoming the next victim. Taking the necessary precautions, such as using identity verification and training staff, can mitigate the risk.
Do you have any tips to share on how businesses can better prepare for online fraud?