Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Top Stories

HOW FINANCIAL SERVICES CAN FIGHT PHISHING ATTACKS

HOW FINANCIAL SERVICES CAN FIGHT PHISHING ATTACKS

Craig Riegelhaupt, Director, Product Marketing, Mobile Solutions at Tangoe 

Every organisation has been exposed to mobile malware at some point, as it is a lot more common than most will admit. However, for financial service firms, the increasing adoption of mobile technology to enhance their customers’ experiences and empower their employees means that they will encounter these issues more than some other verticals.

Craig Riegelhaupt

Craig Riegelhaupt

A recent report shows just how serious these attacks have become, with an average of 54 malware attempts per company over the course of a year, the numbers are excepted to rise. Yet, the attacks are not random.Based on research from PhishingLabs, financial services is the number one industry that receives most attacks, which makes sense if you think about what is at risk. While the overall phishing attack volume grew 41% between the first and second quarters of this year, the financial industry was the largest target, making up 33% of all phishing threats between April and June of 2017.

Phishing through mobile devices

No one can deny that we use our mobile device very differently from any other type of technology.Mobile phones feel more personal in nature than computers or even tablets do, whether they are personal or corporate owned. As a result, phones are better trusted, which makes them a natural breeding ground for phishing attacks.

Additionally, alongside the changes in how people use their devices, mobile web traffic has increased in volume in comparison to web traffic to desktops. It is not surprising that mobile phishing attacks are the biggest security risk to financial services going into 2018.  As indicated by a report from Wandera, 85% of organisations have suffered phishing attacks whether they were aware of it or not, with increased mobile access to social media accounts being one of the major factors.

Organisations have been caught somewhat blind due to the focus on preventing traditional computer email phishing, and are leaving their organisations open to mobile phishing, which is often much harder to detect. Another statistic by Wandera has 81% of phishing attacks that occur on a mobile taking place outside of email.

While email phishing attacks are still very common, it is not the primary phishing technique used for mobile. In early November, there was an attack campaign targeting Android users in Austria using three different techniques: a web page, app overlay and credit card phishing screen. As well as social media, gaming, direct text messages and missed call scams are also prevalent and growing. Research from Proofpoint has shown over a 500% increase in social media phishing attacks in 2016, but the majority (more than 25%) still stem from gaming domains.

Prevention is better than cure: getting ahead of the phishers

Phishing, Smishing and other types of Malware are not going anywhere and the risks are only going to rise as mobile becomes a primary device for employees. Therefore, financial services firms need to get ahead of the issue rather than responding to the threat once it is inside their network.

To avoid these types of attacks, the first step IT teams need to take is to identify the types of threats they could be faced with. This is a difficult exercise as scammers are constantly changing their approaches to reduce the chance of detection. Providing up to date training, not only for security teams but also for the broader workforce on the latest phishing techniques is the best way for preventing an infection, once the threats are known. Although no one can prevent the attacks, all organisations can put training in place to prevent a successful breach.

For example, end-users should only access accounts directly from the source site and never from a text message – whether that message looks legitimate or not. Accounts should also be checked on a regular basis.  Stagnant accounts are a key tool for phishing legitimacy.  If you or your end-users are not keeping accounts up to date, there is a good chance someone else is using them to reach out to your company’s contact list.

It is important that any training also provides an easy feedback loop. By training employees in what to look out for, they can also become your first line of defence by reporting on any suspicious emails, texts, links and contacts. One of the key identifiers is still the generic introduction: “Dear Customer.” Train your employees to report back on these communications and you will be well on your way to preventing an attack.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post