EXPLAINER: What is digital fraud and how do you protect yourself from scams?

MANILA, Philippines – Imagine this: you’ve been shopping around for a new pair of white sneakers from your favorite brand. Since you’re on a popular website that you trust, you order from the store with the best price. After all, they even describe themselves as an “authorized reseller.” But when the package finally arrives, the sneakers turn out to be a clear imitation – or worse, there are no shoes inside at all.

In either case, you may have just fallen victim to digital fraud.

From phishing emails to third-party scams, fraudsters are finding ways to deceive people in the digital landscape. According to a report by TransUnion, the Philippines had the third-highest rate of suspected fraudulent digital transactions among all countries and regions analyzed in 2022. As much as 8.7% of digital transactions in the country that year were suspected to be fraudulent.

Although the number of digital fraud attempts in the Philippines has actually dropped by 18% since pre-pandemic levels in 2019, experts say the risk of fraud remains high.

“Despite the return to the pre-pandemic levels, the Philippines’ digital fraud rate still stands at a much higher level than the global average, leaving no room for complacency,” Amrita Mitra, chief operating officer at TransUnion Philippines, said in a statement.

Where digital fraud is happening

The cyberworld is vast, and fraud infiltrates it to varying degrees. Globally, TransUnion observed that digital fraud attempts hit the gaming industry – online sports betting, gambling, and the like – and retail industry the most.

The story, however, is different in the Philippines, where logistics tops the list of industries targeted by digital fraud. Since 2019, the logistics industry in the country has seen an explosion of suspected digital fraud, with fraud attempts increasing by 133%.

The gaming and communities industries also saw a rise in fraud attempts, while the video gaming, retail, financial services, and telecommunities industries all saw a fall in fraudulent activity.

Here is the global rate of suspected fraud attempts among the 10 most targeted industries. The table below also shows the increase or decrease in the rate of attempted digital fraud in the Philippines from 2019 to 2022.

What digital fraud usually looks like

In a three-month period from September 2022 onwards, 71% of Filipinos said they had been targeted by digital fraud attempts through emails, phone calls, online messaging, or texts, according to a survey commissioned by TransUnion. Out of these, 11% of those surveyed admitted to falling victim to fraud.

Here are the three types of fraud schemes most commonly experienced by Filipinos, according to the survey:

Phishing (fraudulent emails, social posts, websites and QR codes) – 46%
Smishing (fraudulent mobile text messages) – 46%
Third-party seller scam – 33%
Identity theft – 25%

Phishing and smishing, which have similar intentions, are both attempts by fraudsters to trick you into sharing valuable information, like account passwords, credit card numbers, or one-time passwords (OTP). The government has tried to crack down on smishing with the SIM Card Registration Act.

Meanwhile, third-party seller scams happen when fraudsters – who may pose as official resellers or even the official vendor – sell fake products through a legitimate website.

Identity theft occurs when fraudsters steal your personal information and use it to withdraw money from your bank account, or open a line of credit under your name, among other possible scams. (WATCH: PAK, Check! Ingat sa fake gov’t registrations, mga vebs!)

How digital fraud is being prevented

Louis Smith, Visa’s chief risk officer for Southeast Asia, observed that the nature of fraud has changed.

“Face-to-face fraud doesn't really happen anymore. It's all digital,” he said during a media roundtable. “As the fraudsters became more sophisticated and figured out ways to abuse that, we had to adapt.”

In response, digital payments companies have had to readjust their security measures, such as using tokenization. Rather than storing an individual’s valuable financial information clearly – like his or her card number and card security code – it is instead“tokenized” so that even if a fraudster obtains that data, it can’t be read or used outside of a particular online marketplace.

“Our 16-digit card numbers, when fully exposed, they're invaluable to a fraudster. They can be used anywhere. But when they're tokenized, we can control where it can be used, how it can be used, how long it can be used, who can use it,” Smith said.

According to Smith, Visa also employs artificial intelligence to screen every transaction using 500 variables to look for patterns of fraud. The Visa Advanced Authorization system then lets the merchant and bank know whether the transaction is safe or not – a process which happens in a second or less.

How to stay protected as a consumer

Even with these security measures, Smith emphasized that consumers still need to learn how to keep themselves safe.

“A massive tool in the process of protecting transactions actually is education – helping consumers understand that your bank will never fool you and ask you for your one-time PIN, but a fraudster would,” he said.

Here are some tips from Smith on how to keep your valuable information secure in the digital age:

Never share. Never share your one-time passcode or card number on a telephone or any sort of clickable link. Your bank will never send you a clickable link. Your merchant should never send you a clickable link asking you for your bank credentials.
Stay where you’re safe. Educate yourself about the type of sites that you’re shopping at and whether they’re safe. High-risk environments like gambling websites are where the majority of fraud occurs.
Don’t send valuable information over chat. Credit card details sent over an unsecured messaging app could be stolen. Sending a photo of your card could similarly be dangerous.
Treat your digital wallet as you would your physical one. You wouldn’t leave your credit card lying around or with someone else you don’t trust. Protect the digital version of your payment credentials in the same way.