The threats to information and identity security are becoming increasingly complex. So far, you might have only heard of ransomware as a data fraud. But did you know that in Indonesia, there are at least four types of digital fraud to watch out for?
They are Deepfake, Social Engineering, Account Takeover, and Identity Theft & Document Forgery. Here’s the explanation:
- Deepfake
Artificial Intelligence (AI) has revolutionized many aspects of life, from science, entertainment, health, education, and more. However, AI also brings significant risks, particularly in the form of AI-generated fraud.
Deepfake fraud, which includes fake photos, videos, voice cloning, and other impersonation attempts, has skyrocketed. From 2022 to 2023, deepfake fraud in the Asia-Pacific region increased by 1540%.
Deloitte predicts that by 2027, deepfake fraud will increase to tens of billions of dollars globally. This surge is also a major concern in Indonesia, where deepfake fraud jumped by 1550% during the same period.
Have you ever seen a video of celebrity Melaney Ricardo promoting a slimming product? Well, that’s an example of deepfake. Although it may seem like entertainment at first glance, fake videos like that have the potential to deceive and spread misinformation.
This is one of the growing uses of deepfake, which is becoming more common. Yet, deepfake poses a threat to digital security. It can be used to deceive identity verification systems, especially those based on biometrics like facial recognition.
Cybercriminals can exploit deepfake technology to access accounts or conduct illegal transactions by pretending to be someone else.
- Social Engineering Threats
Social engineering, often referred to as "human hacking," is the manipulation of individuals to divulge confidential information.
In short, have you ever received an SMS or WhatsApp message from an unknown number containing an unfamiliar link? Never click on those links as they are social engineering attempts.
In Indonesia, social engineering attempts occur almost daily, with tactics like phishing, SMS Phishing (smishing), and Video Phishing (vishing) being the most common.
A recent study by KnowBe4 found that over 90% of all phishing attacks involve social engineering tactics. In Indonesia, this type of fraud accounts for 99% of phishing attacks.
For example, 311 students in Bogor fell victim to a fake investment and online loan scheme, resulting in losses totaling 21 billion rupiahs. These students were lured by promises of quick returns, only to find themselves scammed.
- Account Takeover
Account takeover fraud occurs when a fraudster gains unauthorized access to a user's account, whether it's banking, credit, e-commerce, or social media.
Two common vulnerabilities exploited for account takeovers are weak passwords and social engineering attacks. For instance, a business owner in Malang lost 1.4 billion rupiahs in savings after clicking a link sent via WhatsApp to their number.
In 2023, account takeover fraud globally increased by 150%. What about in Indonesia? In 2024, 97% of businesses in Indonesia faced account takeover attempts.
- Identity Theft and Document Forgery
Identity theft and document forgery are other significant threats, where individuals unknowingly become legally bound by contracts they never signed. Between 2022 and 2023, identity theft and document forgery fraud globally increased by 20%.
For example, someone discovered that their personal data had been used without their knowledge to apply for three credit items under a Paylater company.
These four types of fraud—Deepfake, Social Engineering, Account Takeover, and Identity Theft—are significant threats to today’s digital transactions.
Mitigating threats in digital transactions requires the involvement of various parties, from financial businesses, technology providers, and the government to users. The fraud cases that have occurred are proof that vulnerabilities in system security can be exploited at any stage of a digital transaction.
To address the increasingly complex fraud threats, a comprehensive security solution is needed. VIDA, as a technology company specializing in digital identity security, offers VIDA Identity Stack, a solution consisting of three main pillars: Identity Proofing, User Authentication, and Fraud Detection. These security pillars provide comprehensive protection designed to secure digital identities and safeguard system integrity from various fraud threats.
.png)
