The Association of Banks (ABS) says that major card issuing banks have prevented $53.9 million of losses in 4Q2024 after adjusting their fraud surveillance measures in response to the rise in phishing scams.
These banks have been working with mobile wallet providers such as Apple Pay, Google Pay, and Samsung Pay, and card service providers such as Visa and Mastercard, to tighten card provisioning processes.
Going forward, banks will require additional verification such as in-app controls or digital token
authentication for provisioning cards onto mobile wallets, and card issuing banks will implement such enhancements as soon as possible, with completion expected by July 2025.
In recent phishing attacks, ABS says that victims are first tricked into providing card details on a website, in which scammers then proceed to provide the card into a mobile wallet in the scammer’s device.
An SMS One-Time Password (OTP) will be sent to the victim’s phone, and the scammer authenticates and completes the provisioning using the OTP that the victim discloses. The scammer then uses the mobile wallet to make unauthorised purchases or transactions.
ABS says that customer vigilance remains key, and should be cautious when responding to deals.
