By Carl Eastwood, Fraud & Financial Crimes Domain Lead at SAS, and Katarina Garai, CFE - Retail & CSP Fraud Lead at SAS
Managing fraud risks in the Communication Service Provider (CSP) industry is no easy task, not least because of the speed at which fraudsters adapt to exploit new opportunities or pivot from methods that no longer work. An example of this is how quickly fraudsters ramped up scam calls, SMS and emails in 2020 and 2021 during highly-chaotic periods of the Covid-19 pandemic.
While 2022 was far from a serene and stable year globally, it did represent a return to some form of normality in the first half of the year in terms of shopping habits, with a partial move away from online back to the traditional bricks-and-mortar retail shops. But as the year progressed, supply constraint-driven inflation created a cost-of-living crisis that ushered in new economic turmoil that often drives fraud. Against this background, we look at the fraud trends that could shape the CSP industry in 2023.
Trend 1: Expect more elaborate methodologies to commit fraud
In mature markets like the UK, more traditional types of fraud that exploited the service have been declining for years. Several factors have driven this, including the ever-reducing termination charges for international and domestic calls. However, improved prevention and detection measures have also had a significant impact on deterring fraudsters.
The declining trend of usage fraud types in mature markets has coincided with increases in fraud that allows fraudsters to obtain high-value devices like the Apple iPhone. This includes subscription fraud, account takeover, sleeper/bust-out fraud, internal/dealer fraud and others. There has been an intersection between the rise in this type of fraud and scams (which we discuss later), which will continue in 2023. Expect the methodologies used to compromise peoples’ identities and commited fraud to become more elaborate.
Trend 2: Scams will remain a central theme
Last year, Citizens Advice found that more than three-quarters of UK adults had been targeted by scammers – an increase of 14% from the previous year. As with Covid-19, scammers have been quick to exploit the cost-of-living crisis, luring people in with messages most likely to resonate with them at the current time, such as help or advice relating to energy prices.
The onus is increasingly on providers to protect customers from any scam that involves abuse of the network, including those relating to banking, insurance, energy, tax, health or even their own CSP service (i.e., subscription fraud). This has led to the major UK CSPs signing a voluntary charter in November 2022 to work with the government and other industries to reduce the impact of scams.
Ofcom’s rules and guidance on spoof calls come into force in May, and there are already promising signs there will be an effective weapon based on reports from the companies who’ve already implemented them voluntarily. TalkTalk, for instance, has seen a 65% reduction in the number of complaints about scam calls, according to the regulator.
Despite this progress, we expect scams to remain a central theme of 2023, with methodologies shifting to increasingly targeted spear phishing. This includes phishing via voice calls (vishing) and SMS (smishing), along with the compromised information used to commit fraud in different ways than previously seen.
Trend 3: Opportunistic fraud will be on the rise
As well as dealing with a continuously innovating set of organised criminal fraudsters, the current economic climate will increase pressure (see the below fraud triangle) to commit fraud across the general population. In these times, people increasingly rationalise that committing fraud is acceptable to maintain their standard of living.
Whether this is first-party fraud – using their identity to obtain services and devices they have no intention of paying for – or employees committing internal fraud (i.e., Dealer Fraud) by turning a blind eye to organised crime in a store or by committing the fraud themselves. We expect to see more of these fraud types in 2023.
Trend 4: The AI reset – Empowering our subject matter experts
As we turn attention away from the fraudster and toward how CSPs will innovate to meet the fraudsters head-on, the first trend is the AI Reset. There has been a great focus by organisations worldwide on digital transformation and putting the right software, infrastructure and data science resources in place to lead the transformation. However, the role of the Fraud SME is often overlooked in helping to drive the adoption of these new capabilities. Fraud SMEs understand the data, the methodologies that the fraudsters use and ultimately, where the risks are.
This disconnect is one of the fundamental reasons why data science projects often result in low returns on investment. Going back to basics can help gain momentum in the quest for results from using machine learning. Taking small steps can allow respective SMEs (fraud and data scientists) to learn incrementally from each other by failing fast and iterating.
Trend 5: Enterprise decisioning – Streamlining the customer journey
Expect to see CSPs start to focus on the entire customer journey rather than individual touch points that currently result in siloed decision-making. This prediction builds on a prediction that Stu Bradley, Sr Vice President of Fraud & Security Intelligence at SAS, made in his 2023 Fraud and Financial Crimes trends blog, is Enterprise Decisioning.
Take customer acquisition and onboarding as a key example. While a customer expects a single and seamless process, marketing, risk and fraud departments often work in silos to manage this process despite the significant overlap in the data used by each department to make an offer, risk assessment, and fraud assessment an application. Digital Transformation has pushed AI, machine learning and automation to the forefront of this process – its full potential is more likely to be realised by leveraging common and trusted data and employing a consistent approach to the analytics lifecycle.
In a forthcoming blog post, we focus on breaking down the silos between departments by using a common platform for Enterprise Decisioning.
