‘Triangulation’ fraud on the rise, online shoppers beware, says expert
Having investigated electronic banking fraud in all its forms for years, Dane Nicholson is predicting another type of fraud by cyberscammers, referred to as “triangulation”, saying it will grow in significance in Jamaica as more persons are shopping online.
It is yet another method being used by scammers in Jamaica and globally to steal money from the accounts in financial institutions, said Nicholson, who is co-chair of the Anti-Fraud Committee of the Jamaica Bankers Association.
“In my view, triangulation fraud will be the next big thing,” said the fraud expert, while addressing the annual Jamaica Institute of Financial Services-JBA anti-fraud seminar in Kingston on Thursday.
Triangulation fraud occurs when a scammer acts as a secret middleman in online purchases. It involves the creation of a fake website resembling a legitimate website in which goods are offered for sale.
When a cardholder attempts to purchase an item from the fake website, the operators of that fake website obtain the cardholder’s banking information. The fake operator then makes the purchase from the legitimate website and delivers the goods to the customer but then defrauds the customer’s account. This situation leaves the customer blaming the legitimate website for the fraud when the fraud was committed by the holder of the fake website, who remains anonymous.
But while this type of fraud is growing in popularity, other types still persist, including point-of-sale network base attacks, which inject malware into the network, allowing significant amounts of information to be extracted, and several variations of e-commerce fraud including data breaches and account takeovers.
Thankfully, financial institutions have adopted new technologies to push back against these types of fraud, Nicholson said.
Meanwhile, the fraud expert is recommending that customers use cards with a chip rather than those that are swiped.
The swiping of cards allows for skimming, a process in which a scammer tampers with an ATM or payment device in order to steal card information during a financial transaction. This type of fraud occurs when an ATM or payment device has been compromised by a skimmer, which is a card reader disguised as part of the machine.
“My recommendation to financial institutions is to move away from making cards with that black (magnetic) stripe on the back,” Nicholson said. “New technology will cause skimming to die in Jamaica. In Europe, it’s dead because there are no magnetic stripe cards.”
The seminar was held under the theme “Fraud Prevention Trends and Tactics: Staying Ahead of the Game”.
The world is moving towards contactless chip cards and the transfer of funds using phones or wearables such as watches, Nicholson noted.
The Bank of Jamaica, in its Financial Stability Report 2023, stated that fraud reported annually in recent years ranged from $900 million as at November 2020 to $2.3 billion in 2023.
Throughout that period, deposit taking institutions, on average, reported bank fraud of $1.5 billion per annum, accounting for over 34,953 fraud incidents. This reflected an average yearly increase of 33.2 per cent ($0.4 billion per annum).
Notably, for the year ended November 2023, growth in fraud was above this average, with an outturn of 50.9 per cent ($0.8 billion). The general increase in fraud amounts was linked to the employment of traditional fraud methods, particularly cheque frauds, and the use of social-engineering techniques.