Move aside cash, e-wallets have arrived. With just a tap of a phone or wrist, e-wallets (also known as digital wallets) are revolutionising the way we pay. In fact, they’re being adopted at such a fast rate that by 2025, more than half the world’s population is expected to use them. Unfortunately, as e-wallets soar in popularity, they’ve also become more attractive to fraudsters.
Defrauding an e-wallet can earn fraudsters a lot of money. Like physical wallets, they contain personal information such as names, phone numbers and email addresses. Fraudsters that successfully get their hands on e-wallets can steal funds and illegally mine data.
There are many ways fraudsters can carry out e-wallet fraud. Let’s take a closer look at some of the more common tactics fraudsters employ.
Referral campaigns are a great way for e-wallets to bring in new customers. When a user refers a friend, they often receive rewards such as discount deals or free items. But incentives for users are also incentives for fraudsters.
The most popular way referral abuse occurs is through self-referrals. Say an e-wallet runs a campaign that offers $20 for every successful referral. A fraudster could create multiple fake accounts to rack up rewards, skewing analytics and causing financial losses.
Fake e-wallets are designed to look identical to real ones. They’re usually uploaded on app stores with helpful reviews and pictures to lure users into thinking they’re legitimate. But unlike real e-wallets, fake ones often contain malware. Once installed, fraudsters could use fake e-wallets to carry out a wide range of malicious activities, such as stealing login information or conducting spam attacks.
But that’s not all. Fake e-wallets have been used to spoof in-person transactions as well. Fraudsters in India were able to con shopkeepers by using fake e-wallet apps to forge payment confirmation pages.
Account takeovers happen when fraudsters gain unauthorised access to accounts, typically to steal funds or personal information. These accounts are usually breached using stolen credentials obtained through social engineering schemes, phishing scams, and information sold online.
Fraudsters take over e-wallet accounts mainly because of the valuable user information they contain. This data can usually fetch a high price when resold on the dark web. Also, given that their contents are so valuable, e-wallet accounts can serve as a gateway to other malicious activity such as money laundering and identity theft.
Although one or two fraudulent transactions might not cause much damage, fraudsters tend to be repeat offenders. Fraud attacks are usually committed at scale, which can cause e-wallets to lose a lot of money, fast.
Financial costs aside, e-wallet fraud can also affect customer loyalty and damage brand reputation. It’s extremely important for businesses to protect their e-wallets from fraud, especially when it takes just a single fraud attack for users to switch to a competitor. Moreover, victims of fraud often take to social media to air their grievances, which can scare off potential customers.
Fraudsters will always look for ways to take advantage of e-wallets. But that doesn’t mean that they’re powerless against attacks.
Rather than waiting to find out what fraudsters have up their sleeves, e-wallets should take a proactive approach to protect their platforms. SHIELD’s mobile-first fraud prevention solution has helped many leading e-wallet companies safeguard their platforms by detecting all fraud and abuse, cutting fraudsters off at the pass.
