1、Report 2024 Payment Threats and Fraud Trends www.epc-cep.eu 1/72 EPC162-24 Version 1.0 Date issued:22/11/2024 2024 Payment Threats and Fraud Trends Report EPC162-24/Version 1.0/Date issued:22 November 2024 Public 2024 Copyright European Payments Council(EPC)AISBL:This document is public and may be c

2、opied or otherwise distributed provided attribution is made and the text is not used directly as a source of profit Report 2024 Payment Threats and Fraud Trends www.epc-cep.eu 2/72 EPC162-24 Version 1.0 Date issued:22/11/2024 Abstract This new edition of the threats trends report reflects the recent

3、 developments concerning security threats and fraud in the payments landscape over the past year.www.epc-cep.eu 3/72 Report 2024 Payments Threats and Fraud Trends EPC162-24/Version 1.0 Table of Contents Executive Summary.5 About this document.5 Conclusions.5 1 Document Information.9 1.1 Scope and Ob

4、jectives.9 1.2 Audience.9 1.3 Contributors.9 1.4 References.9 1.5 Definitions and Abbreviations.10 2 Focus on Recent Attack Trends.15 3 Payment Threats and Fraud Landscape.17 3.1 Fraud Techniques.17 3.1.1 Social Engineering.17 3.1.2 Malware.19 3.1.3 Advanced Persistent Threats(APT).23 3.1.4 Distribu

5、ted Denial of Service(DDoS).27 3.1.5 Botnets.32 3.1.6 Third-party compromise,supply chain attacks and outages.36 3.1.7 Monetisation Channels.39 3.2 Fraud per Payment-Relevant Process.43 3.2.1 Introduction.43 3.2.2 On-boarding and Provisioning.43 3.2.3 Payment request and invoicing processes.46 3.2.4

6、 Payment Initiation&Authentication.49 3.2.5 Payment Execution.49 3.2.6 Mobile Wallets for Identification and Authentication.51 3.3 Fraud unique to Specific Payment Instruments.53 3.3.1 SEPA Schemes.53 3.3.2 Card Scheme.58 3.3.3 Mobile Wallets for Card Payments.66 4 Liability Shift Discussions relate