This article was written by Hagai Schaffer, VP Product Management and Marketing, Bottomline Technologies, Cyber Fraud and Risk Management.
Cyber attacks will continue to menace financial institutions in 2016. Hacking attempts, losses, and prevention expenses are likely to increase with the rise in mobile banking applications, vulnerabilities of financial call centers, and the increased sophistication of social engineering attacks. Planning ahead is the best way to mitigate the risks.
Here are five of the biggest fraud risks we will see next year:
More Account Takeover and Identity Theft
The 2015 Identity Fraud Study, released by Javelin Strategy & Research, found that $16 billion was stolen from 12.7 million U.S. consumers in 2014, resulting in a new identity fraud victim every two seconds. According to the Identity Theft Resource Center, over 175 million records were breached in 2015. Next year’s identity thieves, in addition to opening new accounts, will take over more existing banking or credit card accounts making many small transactions over time to stay below the radar. The number of attacks will increase as hackers target other types of accounts besides credit cards, including eBay, Amazon and PayPal. The potential losses are increasing since fraudsters have stolen large volumes of social security numbers and other personal information they haven’t used yet.
Increase in Fraud Rings
Fraud rings are already resulting in major financial losses. Earlier this year Kaspersky revealed that an international criminal syndicate was able to successfully impersonate bank officers at over 100 banks around the world to net as much as $900 million in stolen funds. Last year the Boleto Fraud Ring siphoned $3.75 billion from Brazilian banks. Fraud rings will be more difficult to detect as many of them may specialize in one aspect of fraud, for example, stealing identities or recruiting mules and then sell their services to another group.
Mobile Banking Fraud on the Rise
Smart phones, along with new and existing mobile banking applications, will increasingly become targets for hackers. Smart phone attacks will target the information on the device, as well as the information the device can access and the messages it receives. Additionally, the new payments systems using smart phones will be hit with malware attacks on the devices and the apps they are running.
What to Look for in a Liquidity ProviderGo to article >>
Rise in Social Engineering Fraud
Attackers using social engineering have found the phone channel to be the weakest link for corporations and consumers. This trend will continue in 2016 as fraud schemes become more and more creative. Hackers impersonating customer support people, IRS agents, and even security specialists claiming to have detected fraud will continue to be a source of stealing personal financial data. Creative schemes are likely to become more prevalent, like when fraudsters purchased similar numbers to a credit union’s 800 number to trick members into disclosing private information when they misdialed.
Proliferation of Social Media Increases Risk
As banks continue to compete for the best customer experience, they are becoming more forward thinking by using social media platforms to engage their customers and enhance their service offerings. However along with the benefits, comes the added risk. For example, Turkey’s DenizBank offers their customers access to their accounts via Facebook. One of the largest private sector banks in India recently launched a multi-social payment app that allows customers to transfer money through social media channels.
Hackers are becoming increasingly sophisticated and are likely to continue in 2016 to create new methods for taking over employee accounts and committing fraud. With the higher dependence on e-banking, mobile payments, and the ability to do banking using social networks, the risks will continue to rise. While opening new channels for banking, financial institutions will have to address the risk of hackers inflicting financial losses and damaging their reputation.