The BBC has today reported that scams in which criminals trick bank customers into paying them money out of their bank accounts jumped by 45% in the second half of last year. Over the whole of last year, more than 84,000 bank customers fell victim, some losing tens of thousands of pounds. Banks say scam merchants are shifting their attention from trying to penetrate banking systems to conning members of the public directly. Business are being targeted as well, with a similar sharp rise to £209m in suspicious transfers unwittingly authorised by staff members.
Lisa Baergen, Director at NuData Security:
“The magnitude of these losses can’t help but have a dampening effect on the UK economy. It’s also bad news for customers, who often bear the brunt of many direct costs (especially in account takeover and identity theft). Fraud is becoming a tempting promise of high reward and low prosecution rates. Emboldened cybercriminals are becoming more technology savvy and are increasingly posing as banks or suppliers and then duping customers into revealing their personal details. These scams have also proved effective in targeting commercial organisations, as senior executives have been tricked into revealing sensitive information which enables access to a company network. The increasing volume of attacks globally has also been attributed to more data available on the black market and more financial institutions and merchants vulnerable to attacks.
To detect out-of-character and potentially fraudulent transactions before they can create a financial nightmare for consumers – and for companies – many institutions are adopting new authentication methods that hackers can’t deceive. Multi-layered solutions based on passive biometrics and interactional signals are leading the way to provide more safety for consumers and less fraud in the marketplace. These solutions identify machines from humans, and legitimate users from fraudsters by looking at their inherent behaviour – instead of relying on the static data presented. This process lets organisations fast-track the known and low-risk users for an optimal experience, saving the friction and traditional authentication methods for the highest risk users. These layers validate the user through information that hackers can’t replicate, securing the good user’s transaction at every step.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.