Cybercriminals are increasingly exploiting the latest technologies in their efforts to gain access to products, services or information. Mobile spoofing is one such tactic that has become a growing threat to organizations of all sizes. As more and more companies report extensive data breaches, you may wonder – does a data breach have any link to the rise in mobile spoofing attacks? A recent study by ThreatMetrix says yes. Cybercriminals are increasingly performing transactions while impersonating those individuals whose personal details have been exposed in data breaches – and more than ever in a mobile environment.
ThreatMetrix found that mobile spoofing or impersonation attacks are now the most common threat – especially when it comes to new account creation. Mobile spoofing using data obtained in a breach continues to be a risk for organizations, especially financial institutions. So, what does this all mean?
First of all, what is Mobile Spoofing?
Mobile spoofing is the act of cloaking a mobile number and falsifying a new number to that of a justifiable consumer. This can be utilized by cybercriminals to fraudulently impersonate legitimate customers open new customer accounts, gain access to existing accounts or complete fraudulent transactions.
A major point of focus for institutions addressing mobile fraud threats such as mobile spoofing, is in the account origination process, where thorough identity verification is needed to ensure that a potential customer is who he says he is and not an imposter. ThreatMetrix reported that although new account creations rates were lower than other transaction types in Q4 2014 and Q1 2015, they had a two times higher instance of fraud.
Data Breaches Contribute to Mobile Spoofing
When data breaches occur, personal and private information such as Social Security Numbers, addresses, phone numbers, emails, payment details and more are exposed to cybercriminals. These criminals are then able to recreate legitimate identities that are then used to defraud companies – in many cases employing mobile spoofing tactics to do so.
Since there is an abundance of information available to fraudsters following a data breach, particularly on the Dark Web, organizations must employ robust id verification and fraud prevention programs to effectively deter fraud. And, finding a platform that also delivers a frictionless, streamlined experience for real customers is equally essential.
As the rise in data breaches drive a surge in mobile spoofing attacks, finding an enhanced identity solution for mobile commerce is critical. Find out how IDology’s ExpectID Mobile solution can help you assess mobile risk, deter fraud and improve the user experience by creating and maintaining persistent mobile identities that you can trust.