At Fourthline we analyzed over 1.5 million bank account openings between June 2020 and June 2021, to reveal how humans get hacked for criminal gain. Social engineering attempts increased by 37% in Q2 2021 compared to Q2 2020 and almost half (47%) of the detected financial fraud attempts in Europe involved social engineering or people manipulation. Key data from the report:
Social engineering attempts increased by 37% in Q2 2021 compared to Q2 2020.
Social engineering represents 47% of all financial fraud attempts; 53% is ID and document fraud (Q2 2021).
Criminals are increasingly convincing unsuspecting people to take selfies, videos, and photos to open fraudulent accounts – assisted selfies increased by over 19 percent in Q1 2021 compared to Q1 2020.
Elderly and young people are the main targets of financial fraudsters (19.9% of people aged 61+ were ‘assisted’ in attempting to open a bank account).
How humans get hacked to open bank accounts
Social engineering fraud is a broad term that refers to the scams used by criminals to exploit a person’s trust in order to obtain money directly or obtain confidential information to enable a subsequent crime. Fourthline defines ‘social engineering’ as bank account opening applications where it can see two or more people actively involved in the taking of pictures/videos. Fourthline estimates social engineering to represent 46.73% of all financial fraud attempts across Europe in Q2 2020.
A treacherous selfie
Assisted selfie fraud involves a criminal assisting in taking a selfie of the account applicant to use for fraudulent purposes. Signs that criminals have been involved include fraud attempts when the geolocation or appearance of the assisted selfie (e.g., clothing or tattoos) has been spotted in more than one application. The percentage of assisted selfies, videos, and photos increased by over 19 percent in Q1 2021 compared to a year earlier. 19.9% of people aged 61+ who attempted to open a bank account were assisted by another person to take a video or selfie.
Account takeover fraud
Contact is often made through social media, but it is also not unusual for phone calls or real-life contact to be made. In the case of account takeover fraud, a bank account has already been created and the account takeover occurs after the victim has unwittingly set it up.
Krik Gunning, CEO at Fourthline, says: "Criminals are becoming more inventive to gain access to the financial eco-system: from deep fakes and silicon masks to social engineering and synthetic identities. We see a significant increase in individuals being targeted by criminals to launder their illegal money. It is important for society that crime does not pay. We have to work together with financial institutions to monitor financial crime patterns across borders to protect potential victims.”
The figures are based on an analysis of Fourthline’s data of over 1.5 million bank account openings across Europe between June 2020 and June 2021. Fourthline defines ‘social engineering’ as account opening applications where it can see two or more people actively involved in the taking of pictures/videos.