Gary Newe, technical director, F5 Networks
Last month, industry watchdog, Financial Fraud Action UK released some worrying figures about how online banking fraud has increased by 71% over the past year. Phishing attacks are amongst the most common type of fraud threat that retail banks defend against. The sophistication of this attack type continues to grow, targeting specific individuals and creating the impression of a credible organisation to enable attackers to gain access to bank accounts, credit card information, or business systems.
Getting back to basics
Whilst banks and financial institutions do their upmost to protect their customers, consumers do have a responsibility in the information they share. You are accountable for your own data and need to be careful what you do with it, how you share it and where you store it. As we become more skilled at integrating technology into our lives, it’s easy to forget some of the more basic security measures. Easy tips such as updating your anti-virus software on your computer, blocking spam email and using up to date applications (such as your web browser) can help prevent online fraud.
Technology has also enabled the growth and prevalence of online fraud. For today’s fraud perpetrator, all you need is a laptop, internet connection and some knowledge of how to operate phishing emails. More alarmingly, most people would be surprised by the amount of social forums where fraud tips are actively shared across the online community. But on the flipside, technology is also at the heart of modern customer service for banks. Financial institutions need to authenticate consumers in non-face-to-face channels to provide them with the level of online customer experience they demand,
Staying one step ahead
So how can banks (and consumers) ensure that they can make the most of what technology has to offer without opening up to threats? To overcome this problem, financial institutions can introduce some security measures that don’t rely on customers putting a piece of security software on their devices. There are many solutions available to banks that allow them to detect phishing attacks earlier and shut down phishing proxies even before convincing emails are sent to customers.
These products are specifically designed to go beyond recommended security measures to analyse user behaviour, identify infected users or devices and encrypt information at the app layer. Financial institutions can gain an added layer of protection that more effectively identifies, scores and alerts of potential malware, while ensuring any information intercepted is render useless by an attacker.
Online bank fraud is a very real threat costing financial institutions billions of pounds a year. And this is just today’s picture. If companies do not try and get a better understanding of this new type of fraud and what can be done to tackle it, the financial services industry could end up losing out. Therefore it’s up to the financial institutions and consumers to work in tandem to prevent fraud and put in place the appropriate security measures.