Following reports that banks may be leaving customers vulnerable to fraudulent spoofing attempts, I wanted to share commentary from Fabien Rech, SVP EMEA at Trellix, which demonstrates how financial services companies can defend against cyberattacks by bolstering their security. He discusses:
- Why financial services are a prime target for spoofing:the data-rich sector is highly lucrative for fraudsters, meaning it is a top target for malicious emails and other cyberattacks
- How the sector can mitigate against attacks by not only defending against fraudulent impersonations but taking broader steps to shore up their security measures
- The importance of adapting to new threats through living security, as malicious actors look to evolve attack techniques to target this data-rich sector
Rich in sensitive, personal information, there is no doubt that financial services are a data goldmine for cybercriminals, or that banks and their customers are prime targets for fraudulent spoofing attempts. In fact, recent research from Trellix found that financial services was the sector most impacted by malicious emails in Q3 2022, and while phishing remains the most common type of malicious email – accounting for around two-thirds (68%) of attacks – spoofing must remain a significant cause for concern.
“Cyberattacks are increasingly becoming more sophisticated and can often go undetected, meaning banks and other financial organisations need to keep up with this evolution or risk exposing their system, and therefore their customers, to threats. Organisations must not only take steps to defend against fraudulent impersonations via spoofing, such as drawing on Ofcom’s Do Not Originate (DNO) list, but also take broader steps to shore up their security measures, as malicious actors will always be looking for new routes into this data-rich sector.
“It’s no longer enough to simply put up a shield in defence of incoming attacks. Financial organisations need to be one step ahead of fraudsters to mitigate ever-evolving threats by implementing a living security strategy, turning the once static shield into an adaptable one. Extended detection and response (XDR) can provide businesses with a holistic ecosystem that consolidates all security products into an interconnected, constantly communicating platform. Taking this approach can enable the finance sector to adapt quickly to new threats and accelerate detection and correction through the entire defence lifecycle.