The past three months have seen a huge jump in the number of fraudulent applications for UK current bank accounts as cybercriminals continue to evolve their tactics, according to Experian.
The credit scoring firm claimed in a new report that the rate of fraudulent applications almost doubled – from 81 in every 10,000 in Q1 this year to 151 in 10,000 by the end of the second quarter.
To put this in perspective, the figure was just 48 in 10,000 at the end of 2013.
Identity fraud accounts for the majority of these illegitimate applications – rising from a share of 49% in Q1 to 69% in the last quarter.
There are several ways fraudsters can get hold of the information they need to do this, including buying breached personal and financial data on the Darknet; telephone scams; information stealing malware; and intercepting mail, or rooting around for discarded bank statements.
Experian UK&I director of identity and fraud, Nick Mothershaw, suggested the surge in account creation fraud was indicative of a “widespread organized attack” on financial institutions.
“The good news is that these figures relate to detected and prevented fraud so these large scale attacks are being blocked before the damage is done,” he added in a statement.
“However, it does reveal the fervor with which fraudsters are targeting current accounts and the dangers for both the individuals whose identities are stolen and the organizations trying to protect them.”
Stephen Moody, EMEA solutions director at fraud prevention firm ThreatMetrix, argued the surge is even larger than that described by Experian because much of this type of fraud is mis-classified as bad debt.
“We’ve seen some eye watering statistics for true fraud levels on new account applications recently – fueled by data breaches,” he told Infosecurity.
“This will continue until pressure is brought to bear on governments and companies to protect identity data to more exacting standards, similar to those used in PCI DSS, for example.”
ThreatMetrix analysed over three billion global transactions during the second quarter to compile its Q2 Cybercrime Report.
It found that although account creation accounted for just 3% of the total number of transactions during the period, 4.1% of these were identified as suspected fraud. The figure was lower (3.1%) for both payments and account log-ins.