Identity Fraud on Caffeine! The Threat of the Coffee Shop For the Love of a Latte?

03 October 2013, Palo Alto & London – Jumio Inc, the next generation credentials management company, are calling for consumers to be wary which Wi-Fi network they are connecting to at their local coffee shop. The danger of fraudsters running bogus networks with the same name as the real Wi-Fi network is revealed in new research from Jumio in their soon to be released white paper, “The Fraudsters Playbook.”

In this white paper Jumio lifts the lid on five common tricks of the trade that fraudsters use to steal identities to enable them to go on to commit fraud.

David Pope, Director of Marketing and payment fraud expert at Jumio, asserts “Businesses and consumers alike must be aware that there are many disreputable networks posing as official networks – their only true purpose is to steal the personal details of unsuspecting Wi-Fi users.”

How does it happen?

One of the fraudsters’ latest ploys to steal identities is to sit in a coffee shop that offers free Wi-Fi to its customers and then use his or her laptop to broadcast a wireless network that’s named exactly like the venue’s official Wi-Fi. The fraudster will use that as a launching point to “get to know” their ID theft victim. Here’s how the fraudster does it:

WiFi ID Theft Step 1

WiFi ID Theft Step 2

WiFi ID Theft Step 3

WiFi ID Theft Step 4

Current fraud stats show that the US economy loses in excess of $100 billion annually to fraud1 pattern which is mirrored in other countries such as the UK. The UK economy lost £52bn in 2012 from fraud, 41% if which was accredited to online attacks2.

Mr. Pope continues, “At Jumio we’re dedicated to making online and mobile transactions quicker and safer. Our computer vision solutions enable businesses to transact with their customers as if they were standing right there in front of them. With Jumio, businesses utilise their customer’s webcam or device camera to scan and validate payment cards and identity documents and even check that the face on their identity documents is actually the same face as the customer behind the transaction.

Tony Sales, convicted fraudster turned fraud prevention consultant, said, “This is one of the fraudsters’ favourite ID theft exploits as it yields rich data that they can use to conduct fraud straightaway. They sit around in coffee shops for half a day and get 50 or so identities with passwords to their targets’ online grocery shopping, their online bank accounts and other transactional sites. Then it’s time to get back to base to leverage this data and get spending”

What places should consumers think twice about before connecting to an unsecure WiFi network? Here are the top five locations for online identity theft:

  1. Coffee shops and restaurants: Between interviews and lunch meetings, food and drink establishments are notorious for attracting both unsuspecting workers logging on to get work done and fraudsters looking for easy targets.
  2. Airports and other transportation hubs: The large amount of travelers making the most of their gate times online has become a goldmine for fraudsters.
  3. Hospitals and doctors’ offices: Given the potential of using a shared network to access or view personal information like medical records and payment records, medical offices can also serve as a prime spot for identity theft.
  4. Libraries and bookstores: Both of these establishments are places where people commonly go online to get work done, connecting to a shared network and putting their information at risk.
  5. Apartment buildings: While residents are often encouraged to password-protect their personal wireless networks, many people leave their networks free of password protection in favor of convenience. This choice often puts people at risk in their own homes.
1. Joint study by the nonprofit Center for Strategic and International Studies and the computer-security firm McAfee

2. Figures from Annual Fraud Indicator, National Fraud Authority – June 2013


Media Contacts:
(UK) SkyParlour PR
Angela Yore (SkyParlour)
Tel 0161 817 8710 / 07738 822956
Email [email protected]

Matthew Pears (SkyParlour)
Tel 0161 817 8711 / 07718 190 451
Email [email protected]

(USA) Dotted Line Communications
Stephanie Cooley (DLC)
Tel 760.414.9705 | m. 415.254.0318
Email [email protected]

About Jumio

Utilizing advanced computer vision technology. Jumio is a next generation credentials management company offering mobile & online payment and ID validation products designed to meet KYC requirements, reduce fraud and increase revenue by minimizing friction in customer transactions. Jumio’s products are widely used by leading retailers, marketplaces and financial institutions.

  • Jumio Netverify® is available for websites or mobile apps and supports real-time ID scanning and verification of passports, driver licenses and other documents to enable clients to meet a variety of know-your-customer requirements.
  • Jumio’s Netswipe® enables merchants to easily integrate credit card scanning and validation into their mobile apps and websites. This results in increased revenue, reduced fraud and a superior customer experience than offered in traditional checkout pages.
  • Jumio’s Face Match enables merchants to compare the face on their customer’s identity documents with the face that is captured during the transaction through their customer’s webcam or device camera. As a result, businesses can more effectively and easily identify customers and protect against fraudulent activity.

The company was founded in 2010 by CEO Daniel Mattes and is backed by top tier investors including Andreessen Horowitz, Citi Ventures and Facebook Co-Founder, Eduardo Saverin. Headquartered in Palo Alto, California Jumio operates globally with offices in the US and Europe.