Banks must learn more about customers than cyber-crims can: ThreatMetrix

Financial institutions must get more proactive about collecting data on customers' digital behaviour to fight financial losses through criminals' growing use of cross-channel fraud, ThreatMetrix has warned.

Citing the increasing use of man-in-the-middle, Web-injection attacks like Ramnit to inject fraudulent messages and fields into online Web forms, ThreatMetrix warned that such compromises were facilitating the theft of funds from online banking accounts using a range of cross-channel compromises.

Cross-channel attacks are continuing to be effective because many banks are offering a broader range of customer self-service capabilities but have still failed to integrate the different systems supporting the various customer contact channels they offer – meaning that there is no way to detect and correlate suspicious behaviour across these channels.

“In an effort to accommodate customer demands for speed and convenience, banks rely heavily on information technology capabilities where automated processes use rules to validate a person's identity and approve a transaction,” the company warns in research highlighting the company's analysis of customers' transactional information.

ThreatMetrix outlines a scenario in which a cyber-criminal plants a Trojan using a targeted spearphishing attack, planting malware that steals the user's email ID and password. This information is then used to log in and check on the user's activity, with social-media research used to collect personal information about the victim.

Phone calls to the bank allow the perpetrator to offer correct responses to the bank's challenge/response questions – paving the way for full online access to be granted, a new account to be created online, and money transferred from the victim's account into the new account.

Because many of these steps have been automated in the name of efficiency, gaps in the bank's security profile leave many institutions exposed to cross-channel attacks.

“If a security breach occurs, forensic research focuses only on the point of failure, not the interactions leading up to it,” the report warns. “If a cybercriminal successfully penetrates one channel, the smart thief can then navigate through other channels without setting off any security alarms.”

Such risks, ThreatMetrix warns, highlight the importance of developing security analytics capabilities that span all customer-facing channels rather than treating Web, mobile, contact centre and branch processes as completely separate entities.

The key to preventing this, the report advises, is for banks to leverage analytics capabilities to “One key way to stop cross-channel fraud is for a bank to have a more complete profile of their customer than a cybercrook could possibly obtain,” it continues.

This involves the use of analytics to understand each customer's online behaviour over time, where they are likely to be located, what devices they use, and what activities they normally execute.

“As fraud patterns get more sophisticated and cross more organisational silos,” says CTO Andreas Baumhof, “banks need to invest in integrated analytics as well as traditional channel security.”

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Join the CSO newsletter!

Error: Please check your email address.

Tags ThreatMetrixcyber crime

More about CSO

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts