Predictions season is upon us once again, and after our successful speculations for 2016, we’ve decided to take another Nostradamus-like crack at predicting will happen in the world of online fraud in 2017. Fraud and security are interesting areas in which to try to make predictions since the enemy is constantly evolving. Fraudsters are continually engaged in defying defenses and developing new ways to break—or break into—organizations across industries. Given what transpired in 2016, as well as what we see in our own data, here’s what we expect for fraud trends in 2017! ATO: The Worst is Yet to Come Account takeovers will continue to dominate fraud trends as the biggest challenge for companies trying to protect their users and themselves. Usernames and passwords for 167,370,910 LinkedIn accounts landed on LeakedSource in May, 427 million passwords stolen in 2013 from MySpace were released in June, and some 32 million Twitter users found their accounts locked after credentials were sold on the dark web—and that’s only a fraction of the breaches we’ve witnessed. These credentials are going to be tested and used everywhere in 2017, while companies scramble to identify who are and aren’t legitimate users. Posers Making Purchases: Fraudsters Get Increasingly Adept at Looking Legitimate For mobile games—or virtually any app—growing user numbers is a primary goal, and a primary expense. When looking at a growing user base, active users who are downloading your app, logging in regularly, and even making purchases, may seem ideal, but what if they’re not “real?” Advanced engagement by fraudulent users is going to be a much bigger issue in 2017 as advertisers and ad platforms adopt more sophisticated tracking technology and fraudsters become more experienced at mimicking the behavior of real users to game the system and gain big payoffs. Fake Accounts Have the Attention of your Board, and Here Comes the Crackdown Whether it’s insiders creating new accounts to meet sales goals or outside fraudsters committing identity theft, fake accounts are a huge problem for any company with users. Boards of Directors are increasingly aware of this, and they’re paying much closer attention to this type of fraud. Fake accounts hit the headlines in a big way after federal regulators revealed that Wells Fargo employees had been creating millions of fake bank and credit card accounts since 2011. The CEO resigned, the Treasurers of both California and Illinois stopped doing business with Wells Fargo, the banks was slapped with a $185M fine, and new account creation dropped by 27%. Unfortunately, as we’ve already seen with the decreased effectiveness of CAPTCHAs, fraudsters are now easily overcoming SMS and email verification barriers to continue opening new, and fake, accounts. In 2017, we anticipate increased scrutiny on account openings and the need for additional proof that a new account is legitimate. View posts by tags: fraud predictions | Fraud Trends Related Content: Formjacking: Trendy term, or legitimate threat? Bot attacks, and one airline’s battle to defeat them The Worrisome Rise of Credential Stuffing Stay up-to-date on the latest fraud insights and intelligence. Thank you for subscribing.