• Friday, May 24, 2024
businessday logo

BusinessDay

Visa report underscores importance of cybersecurity amid shifting threats

Stakeholders back Tinubu on suspension of cybersecurity levy

A new report by Visa – digital payments company has highlighted the importance of cybersecurity amid shifting threats.

The report shared an updated look at how fraud has evolved since the height of the pandemic, with criminals simultaneously targeting online and offline vulnerabilities as lives return to a blend of in-person and e-commerce experiences.

“As in-person commerce returns to pre-pandemic levels, crooks are back to exploiting the physical points of vulnerability in stores, while continuing to capitalize on e-commerce through malware, ransomware, and phishing attacks, among others,” said Paul Fabara, chief risk officer at Visa in a statement.

“In fact, we continue to see high rates of skimming, growing over the already elevated levels of the winter of 2021, where fraudsters are jumping on the rise of in-person activity,” Fabara added.

Read also:Nicole Perlroth: Making sense of cybersecurity reporting

Two new pieces of research – the latest Visa Biannual Threats Report and an MIT Technology Review Insights study ‘Moving Money in a Digital World,’ released recently in partnership with Visa – highlight new and returning threats to the post-pandemic economy.

While fraud early on during the COVID-19 pandemic was concentrated on online scams, in-person attacks are now trending higher as criminals widen their scope to once again capture physical targets.

The past year experienced an increase in card-present threats such as physical skimming on ATM and point-of-sale terminals – a trend that will likely persist. For instance, from June – November 2021, Visa saw a 176 percent increase in physical skimming devices over the previous 12-month period.

Still, the digital commerce environment – vastly accelerated by the pandemic – remains the richest target for cybercriminals.

Nearly three-fourths of fraud and data breach cases investigated by Visa’s Global Risk team involved e-commerce merchants, often social engineering and ransomware attacks. Digital skimming attacks targeting e-commerce platforms and third-party code integrations are common.

According to Visa, these attacks shine a light on the need for stringent security controls on merchant websites and checkout pages, ensuring external code is not enabled in sensitive cardholder environments.

Similarly, 42 percent of respondents in the MIT Technology Review Insights report say security measures are important for their customers, with 59 percent acknowledging that cybersecurity threats are the biggest challenge to expanding digital payments.

Many are prioritizing advanced security capabilities like digital tokens (32 percent), artificial intelligence and enhanced authorization (43 percent).

Beyond attacks on traditional currency, threat actors are employing new tactics to defraud cryptocurrency users, including new malware focused on browser extension wallets for crypto users as well as innovation in phishing and social engineering schemes.

Crypto bridge services are also a target. From January through February 2022, three sizeable thefts exploiting vulnerabilities in various bridge services netted cyber thieves over $400 million.

While cybercrime persists, Visa has increased its efforts to mitigate fraud. Over the past five years, Visa has invested more than $9 billion on network security. Visa employs more than a thousand dedicated specialists protecting Visa’s network from malware, zero-day attacks and insider threats 24x7x365.

Also, Visa deploys AI-enabled capabilities and always-on experts to protect its ecosystem, proactively detecting and preventing billions of dollars of attempted fraud.

In addition, Visa’s real-time monitoring with AI blocked over $4.2 billion in fraudulent payments volume in the last 12 months, preventing many from ever knowing they were at risk of a potentially fraudulent transaction.