The amount of damage caused by fraudulent use of credit cards is the highest ever How to prevent damage?

According to the Japan Credit Association, the amount of damage caused by unauthorized use of credit cards last year (2021) was over 33 billion yen, the highest ever.

The amount of damage from January to the end of March reached more than 10 billion yen, which is the highest pace ever.

Against this backdrop, a meeting was held to discuss countermeasures with EC site operating companies, etc., and a new anti-fraud mechanism and the need for information sharing among companies were discussed.

Last year was the highest amount of damage ever.

According to the Japan Credit Association, the amount of damage caused by unauthorized use of credit cards last year (2021) increased by about 30% from the previous year (2020) to 33.01 billion yen. Since then, it is the highest number.

In addition, the amount of damage from January to the end of March this year was 10.01 billion yen, an increase of 35.8%, or 2.64 billion yen, compared to the same period of the previous year. It has the most pages.

Looking at the breakdown of the damage, the damage due to "number theft", which uses illegally obtained card numbers, accounts for 31.17 billion yen, or 94.4% of the total.

In particular, the amount of damage caused by card number theft increased by about 40% compared to the previous year (2020). It is believed that there is an increase in "phishing scams" that steal numbers and passwords.

According to the Anti-Phishing Council, the number of suspicious e-mails related to phishing scams has reached approximately 560,000 by the end of July, which is also the highest pace ever.

Recently, there have been many ``spoofed'' emails in which the sender is disguised as the same as the legitimate one. The methods are becoming more diverse and sophisticated, such as short messages that lead to phishing sites.

Successive arrests of phishing scams

There have been a series of incidents in which credit card information of others, obtained illegally through phishing scams, has been misused.

In March this year, two university students living in Tokyo were arrested for illegally purchasing over 150,000 yen including game consoles by registering other people's credit card information in an electronic payment application. , was prosecuted.

The owner of the credit card that was misused was a woman in her 40s in Osaka who was led to a fake website that looked like the homepage of a credit card company from a "phishing email" that arrived, and entered information such as the card number. That's it.

In addition, in May this year, two people were accused of misusing the smartphone payment service "Merpay" operated by the major flea market app "Mercari" to purchase products such as beauty serum with the account information of others and defrauding them. was arrested and subsequently charged.

The account information is believed to have been obtained by another person through a phishing scam.

In August, the Metropolitan Police Department concluded an agreement with an IT-related company that collects information such as phishing sites, in response to a series of damages caused by phishing scams.

Companies use AI (artificial intelligence) to monitor website trends, and the Metropolitan Police Department will receive such information and take measures such as using it for investigations in the future.

Public-private meeting for fraudulent use of credit cards

A meeting was held on September 1 to discuss countermeasures against the ever-increasing number of phishing scams and unauthorized use of credit cards. We talked about gender.

The meeting was attended by companies and organizations involved in EC site management and security, as well as the National Police Agency and the Ministry of Economy, Trade and Industry.

First, Toshiyuki Kiyokawa, Deputy Director of the Cyber ​​Planning Division, Cyber ​​Police Bureau, National Police Agency, said, "The number of phishing sites that the National Police Agency is aware of continues to rise. It's a trick to steal card information by sending an e-mail," he said, and about the introduction of a mechanism called "DMARC" used by criminals to prevent spoofing e-mails, "We are working to get many businesses to respond. I want to continue."

After that, companies and organizations that operate e-commerce sites, etc., reported on the actual damage and countermeasures for each, and among them, Yoshiro Fukuda, secretary general of the Cashless Promotion Council, said that code payments are likely to be targeted recently. , explained a fraud prevention mechanism that multiple companies are aiming to introduce within the year, and pointed out that "information sharing between companies is necessary."

Tatsuya Nakajima of the Safer Internet Association, which hosted the event, said, "It is not possible to prevent damage by just taking a steady approach from one company to another. More people involved in the industry will understand the current situation, and many services will be safe. I think it's beneficial for consumers to make it available for everyone. I hope that the industry as a whole can promote measures."

Mercari strengthens countermeasures against unauthorized use Damage amount is reduced to 1/10

According to Mercari, a major flea market site, the amount of unauthorized use has risen to 3.2 billion yen from January to the end of June.

The breakdown was 2.3 billion yen due to unauthorized use of credit cards, and it seems that someone stole the card number and name of the customer on the phishing site and used it to sell another seller on the flea market. There are many cases where products are purchased from

In addition, it is said that there are cases of 900 million yen in cases such as accessing with the account information of another person who seems to have been stolen and misusing the linked payment service "Merpay" to purchase products.

In response to this series of damages, Mercari set up a new department dedicated to fraud countermeasures across the group, introduced a mechanism to confirm the identity of credit card users, and implemented a system to detect fraudulent transactions. It means that measures such as strengthening the

As a result, the amount of fraudulent use in August was reduced to about 1/10 of what it was before the measures were strengthened.

Takaaki Shinohara, Mercari's executive officer and head of anti-fraud measures in Japan, said, "The perpetrators of fraud think about a variety of approaches in a complex way, so even if you solve only the issues that are recognized by individual companies, unexpected approaches will come one after another. It is important to share various cases both in Japan and overseas with the entire industry and update countermeasures."

Mitigation of damage with fraud detection system

An increasing number of companies are introducing systems to detect fraudulent transactions in order to prevent damage such as fraudulent purchases of products on shopping sites.

A security company in Tokyo has developed a system that uses AI (artificial intelligence) to monitor and automatically detect fraudulent transactions 24 hours a day.

The mechanism of the system is that when an order is placed on a shopping site, etc., the AI ​​compares the "rules" and "conditions" that have been set in advance and scores the "degree of fraud" of the transaction to make a judgment. .

For example, if the delivery address specified by the purchaser of the product is ``an address where damage has been reported in the past'' or ``an address that seems to be an empty house'', the score called ``NG score'' is used to determine whether it is fraudulent. It's expensive.

If the score is high, the site operator can prevent damage by stopping the transaction.

Hundreds of types of rules and conditions are set, and AI processes each case for scoring to determine whether it is fraudulent or not in 0.5 seconds.

This system has been introduced to more than 20,000 sites, and at a general retail shopping site, it was possible to reduce damage by about 90%, which was up to several million yen every month. is.

Manager Midori Nakajo of the Customer Success Department of Kakko said, "Since fraudulent order techniques change every few weeks, we are responding by increasing the detection rules according to trends. We are trying to reduce fraudulent orders. I want to keep upgrading as much as possible,” he said.