EPC: 2019 Payment threats and fraud trends report

09 December 2019

The 2019 Payment threats and fraud trends report provides an overview of the most important threats in the payments landscape, contributes to the creation of awareness on payment threats and fraud trends, and to help payment stakeholders decide on possible actions.

Main threats included in report are:

• social engineering,
• malware,
• advanced persistent threats (i.e. sophisticated targeted malicious attacks aimed to a specific individual, company, system or software, based on some specific knowledge regarding the target),
• mobile device related attacks,
• denial of service attacks,
• botnets (i.e. a network of private computers infected with malicious software and controlled as a group),
• threats related to cloud services and big data,
• threats related to internet of things (IoTs),
• threats related to virtual currencies.

For each threat, apart from a definition and fraud description, an analysis is made on the impact and context while suggested controls and mitigations are described before some final conclusions are made. A summary listing all the threats with the corresponding main controls and mitigation measures is provided in an annex to the document.

The description of the threats is followed by a section that elaborates on card related fraud, automated teller machine (ATM) fraud, SEPA Credit Transfer (SCT) (including instant) and SEPA Direct Debit (SDD) fraud. It also contains a section that explains how fraudsters monetise their illegal gains. A final section presents the general conclusions of this report.

The report attempts to create awareness amongst stakeholders involved with payments to allow them to decide on possible mitigating measures in this respect.

Full news on EBF

Full report on EPC

© EPC