Fraud has reached epidemic levels in the UK and should be seen as a national security issue, according to think tank the Royal United Services Institute (RUSI).
<p>The numbers presented by the RUSI are certainly worrying and highlight the importance of equipping police forces with the best possible tools to identify and stop fraudsters. New technologies such as Machine Learning, which are already being used by banks and organisations to prevent monetary losses, should also be leveraged to reduce criminality as a whole. AI and ML engines, for instance, are now capable of attributing attacks to a specific criminal cell by analysing the signatures of certain behaviours.</p> <p> </p> <p>One particularly effective approach is fincrime convergence (FRAML), which combines fraud detection and traditional anti-money laundering (AML) operations by automating data sharing and fraud insights. This multi-pronged approach can combat the growing complexities of financial crime, but the focus must remain on feeding algorithm-based engines with the right data. In this context, Fairness, Accountability, Transparency, and Ethics in AI remains an important caveat to ensure these new technologies are utilised in the right context and with transparent outcomes.</p> <p> </p> <p>In their report, RUSI also calls for better information sharing between the private and the public sector, which is somewhat challenging due to GDPR restrictions. For this reason, regulators should aim to provide clearer guidance on what is permitted and legitimate so that sharing can occur without risk.</p>
<p style=\"font-weight: 400;\">The magnitude of these losses can\’t help but have a dampening effect on the UK economy. It\’s also bad news for consumers, who often bear the brunt of many direct costs (especially in account takeover and identity theft). Financial fraud offers a lucrative source of income for cybercriminals; with such tempting promise of high reward and low prosecution rates, emboldened cybercriminals have grown in their sophistication, exploiting the human-interest factor by posing as banks or suppliers and then duping consumers into revealing their personal details. These scams have also proved effective in targeting commercial organizations, as senior executives have been tricked into revealing sensitive information that enables access to a company network.</p> <p style=\"font-weight: 400;\"> </p> <p style=\"font-weight: 400;\">The increasing volume of attacks globally has also been attributed to more data available on the black market and more financial institutions and merchants vulnerable to attacks. To detect out-of-character and potentially fraudulent transactions before they can create a financial nightmare for consumers – and for companies – we must adopt new authentication methods that hackers can\’t deceive. Multi-layered solutions are leading the way to provide more safety for consumers and less fraud in the marketplace. These layers validate the user through information that hackers can\’t replicate, securing the good user\’s transaction at every step for a holistic view and one that is not a static moment in time.</p> <p style=\"font-weight: 400;\"> </p> <p style=\"font-weight: 400;\">The increasing volume of attacks globally has also been attributed to more fraudsters willing to commit the crime, more data available on the black market, and more financial institutions and merchants that are vulnerable to attacks. Plus, as more countries fully adopt EMV, fraudsters have switched their tactics online and fraud will continue its migratory path to all available online channels.</p> <p style=\"font-weight: 400;\"> </p> <p style=\"font-weight: 400;\">To combat these types of attacks, consumers should always report emails to their banking provider. No legitimate organization will ask for security or banking details, so consumers need to be suspicious of any email that requests this information</p> <p style=\"font-weight: 400;\"> </p> <p style=\"font-weight: 400;\">Meanwhile, there are steps that consumers can take to help secure themselves:</p> <ul style=\"font-weight: 400;\"> <li>Shop with well-known companies online, or use safer payment systems such as PayPal, ApplePay, Android pay, to avoid providing your payment details directly to an unknown merchant.</li> <li>Use a strong, unique password at every site, and make sure to change your passwords regularly.</li> <li>Don\’t use public computers or free, unencrypted Wi-Fi to conduct financial or retail transactions or interactions.</li> <li>Don’t be fooled by branding or fake email addresses that seem to come from major businesses; ensure that the communication is valid before doing any correspondence.</li> <li>Don\’t fall victim to email and phone scams, where a consumer receives a call from \"their bank\" or service provider asking for personal, or financial account information.</li> <li>If it looks too good to be true, it most likely is. When in doubt, call the bank or business directly, based on the number printed on the back of your card, or official websites and statements.</li> </ul>
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics