Dutch banks saw damage from phishing double last year compared to the previous year. This concerns both phishing for 2FA security codes and phishing for credit and debit card numbers, according to figures from the Dutch Banking Association (NVB).
In 2018, criminals were able to steal more than 3.8 million euros using phishing attacks, in 2019 this had risen to just under 8 million euros. In addition to e-mail, fraudsters use SMS, WhatsApp, Messenger, e-commerce apps like "Marktplaats" (marketplace) and Twitter to send phishing messages. "Many more attacks, through more changing channels and with new excuses, have resulted in a significant increase in damage," said the NVB.
The damage as a result of stolen or lost cards also doubled in one year, from 3.32 million euros to 6.61 million euros. According to the NVB, fraud with stolen bank cards often starts with a phishing email or SMS. In it, the recipient is social engineered to enter their bank card by and also submit the associated PIN on a phishing site.
The misuse of stolen credit card data amounted to around 2 million euros in 2019, an increase of five percent compared to the previous year. The NVB expects that this loss will decrease sharply as a result of the mandatory introduction of SMS control for online credit card payments in 2020, everywhere in the EU. The total damage from payment fraud amounted to 24.1 million euros last year. A year earlier that was still 12.6 million euros.
Stepping users and/or customers through new-school security awareness training can cut down on these losses dramatically.