Cyber financial fraud in the shadows

Cyber financial fraud in the shadows

Organizations in the financial services industry are actively being targeted by threat actors who leverage customer information to steal profiles, drain funds, and commit identity #Fraud . This exploitation isn't limited to big banks or those dealing with credit card theft. It's happening pervasively in corners not previously considered a prime target.

There is an increase in exploitation against applications designed to help customers track down lost or forgotten financial assets. While not perceived to be as intense or high stakes as an application supporting daily banking, these applications coming under attack host equally lucrative information as a bank and pose similar risk to the organization.

The primary target is webpages that allow for account information or profile information lookup. This is where users could enter personal information to see if there is a record match inside the application. Upon successfully matching datapoints such as first and last name, social security number, insurance number, or date of birth, users are then offered an opportunity to re-claim their financial profile.

By leveraging bots, attackers can easily perform reconnaissance and build a list of targets in a matter of seconds providing the adversary with a targeted and confirmed list of accounts to compromise.

There are many situations where threat actors can target your data. Here are some examples:

1.???Not the usual suspects: Attackers know the odd of success are higher against an application that is not used daily – leaving the owner unaware that their funds have been drained.

2.???Identity theft: Attackers buy and sell the building blocks that make up our electronic identities to build up sets of stolen profiles to later be used against financial applications.

3.???Profile exploitation: Attackers spend most of their time conducting reconnaissance across the internet looking for profile lookup web pages that can be tested with their previously stolen profiles. Once the reconnaissance is completed, the attack happens within minutes and is over before anyone is even alerted of massive dollar impacts.

4.???Cash-out: With millions of undetected attacks happening over many weeks, even a small percentage of success leads to big payoffs for the threat actors. They collect, plan, execute he attack, and drain the funds before anyone is even aware of what happened.

What can these types of organizations do to reduce their risk?

  1. Establish #cybersecurity assessments of your applications by prioritizing security around profile lookups and logins. Consider technical vulnerabilities alongside potential flaws in business logic.
  2. Establish a contemporary security posture with revised technology and processes to counter botnets from the perimeter through to monetization.
  3. Employ digital risk protection capabilities like cyber threat intelligence to monitor criminal forums and marketplaces for activity concerning the organization or its customers.
  4. Improve your incident detection, management, and response process to ensure rapid detection, containment, and recovery from botnet exploitation.

Read the full article on BDO.ca ?to learn more about preventing cyber fraud in your company.





要查看或添加评论,请登录

社区洞察

其他会员也浏览了