The Fraud Blog with Tracy Kitten

Faces of Fraud: New Survey Debuts

What Are the Top Threats to Banking Institutions?

How are banking institutions responding to increasing cross-channel fraud attacks, and where are they making their biggest investments to enhance authentication for online and mobile banking?

See Also: New OnDemand | Reacting with Split-Second Agility to Prevent Software Supply Chain Breaches

These are just two of the questions posed by our annual Faces of Fraud Survey, which we just launched. If you have not yet responded to this survey, please take a few moments to participate: 2013 Faces of Fraud: The Threat Evolution.

The cybersecurity landscape has changed quite a bit since we polled our readership in 2012. This time around, we're eager to see how banking institutions such as yours have responded to some of the emerging and evolving threats.

Over the past 12 to 18 months, we've seen U.S. financial institutions make strides toward conformance with the Federal Financial Institutions Examination Council's updated authentication guidelines for online banking transactions, issued in June 2011.

But we've also seen the emergence of customized online banking Trojans, such as Citadel and Bugat, which are attacking both desktops and mobile devices. Phishing schemes have continued to grow in number and sophistication, and as researcher Daniel Cohen of security firm RSA recently noted, they are expected to hit all-time highs in 2013 and 2014.

"Today a lot of banks will use a second factor out-of-band/SMS authentication, and the bad guys are trying to get around that," by developing mobile malware counterparts, Cohen says during a recent interview with BankInfoSecurity. "They [the Trojans] manage to get on your mobile device, and basically sniff your SMS stream. ... Any kind of authentication code that you get from the bank is being picked up by this malware and then forwarded to the bad guy, so that he can complete the fraudulent transfer. And we're seeing more and more of that."

Let's also not forget the ever-increasing card fraud risks we've seen affecting banking institutions and payments processors around the world. Malware attacks aimed at retailers' point-of-sale systems and networks played lead roles in the card compromises that this winter and spring affected Bashas' Family of Stores and Schnuck Markets.

ATM cash-out schemes, too, got renewed attention in mid-2013, as card brands warned issuers these attacks are becoming more prevalent.

Federal authorities' recent takedown of another cash-out scheme only reiterates how prevalent these global cyberheist attacks have become.

So, how are banking institutions expected to react as they take steps to curb payments and ATM-related fraud through enhanced transaction monitoring and migrations to stronger card technologies, such as EMV?

That's what we want to know.

We're also asking survey respondents to tell us about improvements they've made in fraud prevention and detection, and how those improvements have helped to reduce losses linked to ACH/wire fraud.

I encourage you to take a few moments to respond to this important survey now: 2013 Faces of Fraud: The Threat Evolution.

And be sure to look for our forthcoming in-depth coverage of the survey's findings.

About the Author

Tracy Kitten

Tracy Kitten

Former Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years of experience, she covered the financial sector for over 10 years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by, ABC News, and MSN Money.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.