With more payment options becoming readily available, fraudsters and hackers are now committing a variety of crimes to try and steal confidential payment information. Unfortunately, the damage caused by fraudsters and hackers can cause detrimental harm to businesses of all sizes.
Let’s take a further look at some of the main ways fraudsters and hackers are attacking the payments industry.
Probably the most prominent form of a security threat is a data breach. Data breaches are incidents where confidential, sensitive information is stolen or used in a malicious manner that is unauthorized. Typical information that is stolen within the payments industry includes:
- Social Security Numbers
- Date of Birth
- Member Identification numbers
- Banking Account numbers
- Credit/Debit Card Information
- Claims information
Many are under the impression that larger businesses are more susceptible to a data breach, when in reality small businesses are the most likely to experience a breach. In fact, 71% of security breaches target smaller businesses. Of these small businesses, 67% of the breaches that occur happen to restaurants and retailers.
There are two main reasons small businesses pose a higher risk for experiencing a data breach. First, many small businesses use outdated technology and struggle with the financials of upgrading their payment technology on a consistent basis. Out of all payment solutions, outdated terminals create the largest security risks. Second, small the medium sized businesses fall at a higher risk of employee’s not updating passwords, clicking on emails with attachments that have malicious software, or leaving payment equipment unattended.
Another main payment security threat that can cause detrimental damage is identity theft. Identity theft happens when an unauthorized person obtains access your personal information and exploits the information for their own personal gain. Examples include stealing ones social security number or opening a credit card or loan in someone else’s name. The information obtained can be used to steal merchandise and services in the name of the victim. In extreme cases, a fraudster may provide to police false identification and leaving either outstanding arrest warrants or forming a criminal record of the person whose identity was taken.
Take a look at some statistics referring to identity theft:
- During 2016, 15.4 million U.S. consumers fell victim of identity theft with over $16 billion stolen.
- Within the past 6 years, over $107 billion has been stolen by identity thieves.
- The main forms of identity theft fraud are employment or tax-related fraud (34%), credit card fraud (32.7%), or phone fraud (13.1%).
Ransomware occurs when hackers send out e-mails that look to be normal and legitimate, but actually contain malicious links or attachments upon opening. After a user downloads or clicks on the items, the malware compromises the computer hardware and the user no longer has access to their computer. Hackers will then send out a ransom request ranging from a small amount up to thousands of dollars in order to obtain access to the computer hardware again.
Here are some statistics regarding the damage ransomware can cause:
- During 2016, approximately 48% of businesses experienced a ransomware attack.
- Every 40 seconds, a business is hit with a ransomware attack.
- The main industries to experience a ransomware attack are Education (23%), IT/Telecommunications (22%), and Entertainment/Media (21%).
- 1 in 4 companies that have over 1,000 employees will fall victim to a ransomware attack.
- The average ransom demand in 2017 was $1,077.
Since a variety of payment threats still remain a constant issue, it’s imperative for businesses and consumers alike to remain diligent at keeping their personal information confidential and practicing safe payment techniques. Doing so will ensure the safety and protection of their business and/or identity long-term.