National Cyber Security month: raising awareness of fraud in payments

Since October is National Cyber Security Month, we thought we’d put together an article on how businesses in this day and age should protect themselves and their customers against fraud.

While the data breaches like the one at British Airways get all the headlines (and the fines), for retailers the real risk is the downstream effect of these hacks. Overnight there is a new supply of clean credentials and credit card details available on the dark web ready and waiting to be used by fraudsters to attack legitimate businesses.

The two biggest trading days for retailers are also quickly approaching, with Black Friday and Cyber Monday seen as the perfect opportunity for fraudsters to use the volume of transactions to hide their illegal purchases.

So what should retailers look out for? When does fraud become a real problem? If you’re familiar with our podcast series, you may already know that we actively ask these questions to our guests to gain insights into different industries. So most of the commentary in this blog post is from our podcast series, which if you’re interested can listen to them here.

Is there enough discussion happening about fraud? Or is there’s a negative stigma towards the subject?

Fraud can be an intimidating topic. In the past businesses have tried to keep keep fraud on the down low, hoping it results in minimal reputational damage and no big headlines. Nowadays however, businesses need to be a lot more transparent with what’s happening and let their customers know of any security breaches and whether any personal credentials has been taken. This has opened up a lot more conversation on security.

Philip Green, former CFO of Deliveroo however disagrees: “I don’t think that there’s enough proactive discussion happening on fraud - it only gets discussed when someone recognises a problem.”

On the other hand, David Parker, CEO of Polymath Consulting believes that we should talk about the subject openly and acknowledge that it’s happening and focus on preventing it instead. “There’s not a negative stigma about fraud, people know it’s there and that it’s happening.

“And if you don’t want any fraud to occur, then you simply only have one option: to turn down every single transaction,” continues Parker.

“That’s not really an option for any business.”

How should businesses protect themselves around fraud?

Terry Runham, who was a founder of Hailo (he’s now left and works in Insurtech at IOMA), says that a start-up should “use experience and knowledge” in the fight against fraud.

“My advice would be - if you’re starting to see the fraud, then you’ve got a problem. Manual intervention can only go so far. Once your database of users becomes thousands and tens of thousands, you’re going to start seeing a lot more suspicious activity that you can’t deal with manually.”

Runham continues: “If your business model is 24/7 - you can’t sit in front of a computer and monitor it. You need a systems change.”

To retain revenue, businesses should know their customers, know their employees, know their assets and know their suppliers.

An article by Action Fraud UK states that “No business is too small to be targeted. This means that the revenue, reputation and long-term health of your business could be at risk unless you take action.”

And recent findings in PwC’s 2018 Global Economic Crime and Fraud Survey shows that while there is growing awareness of the perils of economic crime, too few companies are fully aware of the individual risks they face.

How has fraud changed over the years?

“I think as more and more business are online, there’s more fraud happening online for sure,” said Philip Green.

According to industry body UK Finance, the face of fraud has changed dramatically and the organised criminals behind it have become far more sophisticated.

“With fraudsters increasingly conning customers into divulging their details through scam phone calls, texts and emails, it’s vital the industry also does all it can to help people know how to stay safe,” UK Finance adds.

What are the long term strategies for defeating fraud?

“Building out a well-rounded smart team is key,” says Philip Green, ex-CFO at Deliveroo.

“When an e-commerce company first starts out, fraud isn’t actually that big of a deal. The company isn’t very well known. Once the brand becomes popular, fraud accelerates at an incredible pace. By the time you realise it’s a problem, it’s a huge problem.”

“Equally, fraudsters rob our peace of mind and confidence to conduct our business safely. And in these challenging times people’s confidence in our economy, at home – and abroad, has already been affected. This change of heart needs to be addressed,” she adds.

“A long term strategy for defeating fraud is knowing what’s in your data. The sooner you start the data gathering process the faster you’ll be able to spot it,” adds Philip Green.

To learn more about online payment fraud visit our insights page.