What Lazio’s €2 Million Transfer Payment Scam Teaches us About Modern Payment Fraud

Matthew Attwell

Risk & Client Service Director at ai corporation

Views 709

What Lazio’s €2 Million Transfer Payment Scam Teaches us About Modern Payment Fraud

04.04.2018 08:00 am

Own goal?

Last week saw Lazio (the Italian football club) fall victim to a brazen online scam, resulting in the club paying the final €2million instalment for the transfer of a player, Stefan de Vrij, to fraudsters using fake Feyenoord FC email account. Lazio received an email that appeared to be from the Dutch team asking for the €2million, along with their ‘supposed’ bank account details, and duly sent the money.

The trouble is Feyenoord never received the payment and claim to have no knowledge of the email. Painful, but it is a great example of how modern fraudsters are evolving their ability to detect vulnerabilities in systems and shifting their targets to those weak links. Lazio officials were apparently fooled because the scam email had an official Feyenoord logo on it – easily available on the internet.

According to the UK Trade body, UK Finance, a total of £236 million was lost last year as individuals and businesses were tricked into transferring money to a fraudulent account, via authorised push payment (APP) scams. Authorised push payment (APP) scams were the subject of a "super-complaint" made by Which? in September 2016 to regulators, which called on banks to take more responsibility of the wide spread issue.

  • UK Finance's figures show there were 43,875 reported cases of APP scams in 2017
  • Nearly nine in 10 (88%) of this total were consumers, losing an average of £2,784
  • The remainder were businesses who lost on average of £24,355 per case
  • Financial providers were able to return £60.8 million (26%) of the authorised push payment scam losses in 2017

The complex process of trying to claw money back can be made even more difficult when there is more than one scammed person, a football transfer fee involved or the funds in the scammer's account are insufficient or comprise of both ‘clean’ and the ‘scammed’ money. Of course, scammers will often immediately transfer funds out upon receipt, through a chain of additional accounts.

So, whether you are a multi-million-pound football club, an individual or a business, it is crucial to verify any new payment or changed payment details. My team and I would always recommend two-factor checking on any payment; verifying the original request via an alternative communication method. A simple verification phone call would have saved Lazio FC from a costly own-goal.

Unfortunately, this type of fraud is a rapidly increasing occurrence in other business areas. Also known as ‘CEO’ fraud, as fraudsters often impersonate high ranking employees to increase the importance of the payment, the FBI estimates the cost to business is more than $500m a year. There is pressure on banks to do more on this fraud type. Either by compensating victims or implementing further checks on wire transfers and corporate payments, as they do with consumer accounts.

How Artificial Intelligence can help

Developments in machine learning and artificial intelligence in the past few years has facilitated the decrease of payment fraud. Artificial Intelligence (A.I.) can be a valuable tool for banks in detecting anomalies in payment details or fraudulent receiving accounts. A.I., more specifically machine learning, is already helping organisations combat fraud in ways that just weren’t possible previously. It is an exciting time for businesses, with disruptive opportunities in virtually every market sector.

Organisations that want to defend themselves against these risks and thwart modern fraud attacks must be able to react in real time. To do this, they need powerful solutions that are responsive and dynamic, yet still easy to use and integrate into their existing systems.

Traditional rules-based fraud management engines are breaking down at this level of sophistication, speed and scale. What is needed is a paradigm shift in the tools used to fight multichannel commerce and banking fraud. A.I. solutions can replace high-maintenance, rules-based fraud management tools with self-learning algorithms, reducing ‘false positives’ by using big data to identify new fraud patterns. Ultimately, these capabilities enable managers to make better decisions related to fraud, and so significantly reduce fraud loss.

Even the data collected by fraud platforms is being used for more than just identifying fraud. The data from fraud platforms can be utilised in many ways, for ‘good’, as well as ‘bad’. For example, in analysing spending patterns amongst customer data and helping marketing teams to develop targeted marketing campaigns. Purchasing data can also help a brand to identify customer segments and establish target markets for advertising.

Expecting fraud teams to work through thousands of pieces of data and be spot on every time, is simply not practical. Machines need to be allowed to lead some stages of the tedious, repetitive processes – releasing human creativity. Utilising best of breed machine learning technology, our customers have significantly reduced the amount of time it takes to analyse data and have provided increased accuracy in fraud detection and a reduction in false:positives rates, meaning less declines and more transactions.    

There are many factors driving the requirements need for effective A.I. solutions for payments and transaction processing. Firstly, as technology evolves, online fraud is becoming more prevalent and damaging, with financial services and e-commerce companies especially vulnerable to attacks.

Modern fraudsters have evolved their ability to detect vulnerabilities in systems and are shifting their targets to those weak links. They are using new tactics too – using distributed networks, big data and the dark web to locate vulnerabilities and maximise the associated risk. Fraudsters are also devising multidimensional tactics that inflict damage by sequentially compromising more than one point of vulnerability.

Latest blogs

Noa Benari SecuredTouch

4 Mobile Banking Trojan Families to Fear According to McAfee

Mobile malware is becoming more sophisticated and evasive, making detection challenging. According to the McAfee Labs Threats Report for June 2018, mobile malware grew by 42% since last year. Read more »

Bo Harald ZEF, Transmeri, Demos, Real Time Economy Program

Has anybody calculated the value?

The Finnish Ministry of Finance has set as a target to make Finland the first Real-time Economy in Europe. We are well on the way and now the MyData.org initiative is bringing in new dimensions. Read more »

Patrick Bermingham Adflex

Invoicing in the IoT: why connections are key to maximising business value

Start-ups and established companies alike are increasingly interested in the industrial internet of things (IIoT), but many are missing a trick when it comes to payments. Businesses face many challenges when designing and implementing their own IoT Read more »

Chris Larsen Ripple

How Can Merchants utilize Blockchain based Payments Technology to expand to new markets and increase revenue?

This statement might be the summary of it all. The world is constantly changing, and with this change, new technologies and approaches are revealed, defining the future business and communications. Global cross-border payments have been the main Read more »

Sabine VanderLinden Startupbootcamp

Who should be responsible for protecting our personal data?

Governments do not have the resources or the speed required to react to cybercrime. In most cases, businesses lack the incentives to focus on this topic. Consumers think they should be responsible for their own safety online, but most do not have Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App