Editorial & Advertiser disclosure

Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Home > Finance > EMEA FINANCIAL SERVICES ORGANISATIONS HIT BY GROWING WEB FRAUD THREATS – WHAT CAN BE DONE?

EMEA FINANCIAL SERVICES ORGANISATIONS HIT BY GROWING WEB FRAUD THREATS – WHAT CAN BE DONE?

Published by Gbaf News

Posted on July 18, 2015

4 min read

Last updated: January 22, 2026

protection zkUfDwDO

By Gary Newe, Technical Director, F5 Networks

Securing organisations against an evolving range of online threats is a requirement in today’s market. But businesses in all sectors are still struggling to protect themselves from the range of potential attack vectors. In particular, financial services organisations across EMEA are increasingly exposed to and concerned about the rising menace of web fraud threats. Our insights are drawn from a survey of more than a hundred IT decision-makers at financial services organisations across EMEA with more than 250 employees[1], which revealed that almost half of those surveyed have experienced notable financial losses in the past two years due to web fraud threats.

Financial institutions have the most high-profile, high-value assets on the internet: millions of bank accounts. The global nature of the internet means that these assets attract ambitious attackers from all around the world. Web fraud is where financial services institutions have customer or financial data compromised by means across the internet, such as phishing attacks, man-in-the-middle attacks or other Trojan-based activities such as web injections. These types of threats have been in the market for a number of years now but, as customers increasingly use online and mobile applications to manage their finances, the opportunities for attacks from hackers are also on the increase.

In the report, IT decision-makers revealed how they constantly face significant financial and reputational hits due to malware, phishing, credential grabbing and session hijacking attacks. For those responsible for protecting these financial organisations, the range of threats and the speed at which they are evolving can seem like an impossible task to counter.

Damage has already been done. The survey found that 48% of organisations had experienced financial losses between £50,000 and £500,000 stemming from online fraud within the last two years. A further 9% forfeited more than £500,000 and 3% over £1m. A significant 73% cited reputational damage as the main concern for such attacks, whereas 72% feared loss of revenue and the burden of requirements to conduct extensive security audits. Certainly we’ve seen a number of high profile hacking attacks at UK and international financial organisations in recent years, with varying degrees of success, but the reality is that most consumers will simply recognise that their bank may have lost their sensitive information, undermining the relationship with reputation damage and potentially causing lost business as consumers switch providers.

Historically, enforcing web application security and compliance policies across a variety of traditional and cloud environments has meant greater complexity, security gaps, and higher costs. As a result, a number of organisations chose to sideline protection for their businesses. The reality is that this is no longer the case and businesses must prioritise their security processes to ensure that they have measures in place to protect against all forms of attack. With the introduction of security tools available as-a-service, organisations are also in a position to benefit from tools which are updated regularly, to support them against the latest wave of threats and whatever format they may take. Once a time consuming and costly task, these types of services are also now available without lengthy implementations or significant cost investment.

For those looking to protect themselves, one of the challenges historically has also been in presenting security as a priority to the wider business, not only in securing sign off for any investment required, but also in educating employees as to how to best protect the business. With recent experiences in the sector, these conversations are increasingly coming to the fore and those responsible for implementing tools to protect the business must ensure that they have the most appropriate tools in place for their workforce and customers.

Whether it is phishing attacks, Man-In-The-Middle, Man-In-The-Browser or other Trojan-based activities such as web injections, form hijackings, page modifications and transaction modifications, the dangers of web fraud are unavoidable and extensive for many organisations. More than ever before, it is vital to understand the nature of the threats and to implement solutions that eliminate attacks before they do real damage. Those that get it right will be rewarded with customer loyalty and profit. Those that don’t risk incurring the very thing that they are most concerned about: damage to their reputation and, ultimately, a negative impact on the bottom line.

[1]Survey conducted by IDG Connect (www.idgconnect.com) with more than 100 IT decision-makers at financial services organizations with more than 250 employees. The survey captures responses from the UK, France, Germany, Italy, Spain, Netherlands, Sweden, Poland, the UAE and Saudi Arabia