April 17, 2017 By Steven D'Alfonso 2 min read

Have you ever been phished? Would you know the difference between a phishing website and your bank’s legitimate website? We all hope we could identify the difference between our financial institution’s domain and a phony one. However, statistics indicate that 30 percent of phishing emails are opened. To make matters worse, more than 400,000 fraudulent sites were visited each month and more than 13,000 new phishing sites cropped up daily in 2016. Based on an internal study, IBM researchers determined that 70 percent of credentials are collected within the first hour of a phishing attack.

It is no secret that cybercriminals are dynamic in their attack methods. In the last decade, phishing has undergone a profound transformation, and fraudsters have developed sophisticated tools to gain access to unsuspecting victims’ banking information through fake emails and websites. These advanced tactics and compelling lures trick a large number of people who land on these pages. Victims often inadvertently disclose their login credentials or payment card information, making phishing a lucrative pursuit for cybercriminals.

Phishing in Troubled Waters

Financial institutions aim to keep all their customers’ information and funds safe from fraud. They often have multiple security systems, external services, and internal fraud and security teams. However, phishing attacks occur outside of online banking sessions. Most banks use phishing takedown services to try to keep pace with the growing number of attacks, but these services, while effective in taking down the threat, may take hours or days. By then, it is often too late.

Read the white paper: Adapt to new phishing threats and assess websites automatically

IBM Trusteer’s new cognitive approach, developed by IBM Trusteer Research and the IBM Cyber Security Center of Excellence at Ben-Gurion University, Israel, is incorporated in IBM Trusteer Rapport using patented machine learning and advanced analytics to monitor unstructured website data including links, images, forms, text, scripts, document object model (DOM) data, URLs and more. Sophisticated algorithms evaluate many variables, generate highly accurate threat scores that indicate which brands are under attack and separate legitimate sites from phishing traps.

Additionally, the technology learns with each interaction, giving it the ability to keep up even as phishing tactics change. When you add these new and robust features to existing analytics and other global security intelligence data, IBM Trusteer Rapport can help financial institutions protect their customers like never before.

Reel In Phishing Attacks With IBM Trusteer

But detecting a phishing site is only half the battle. When the IBM Trusteer Rapport solution identifies a suspicious site, it can rapidly notify or block the end user to help prevent the theft of credentials and payment card data.

Traditional anti-phishing takedown services are generally unable to shut a site down before it infects others, since it only takes about 82 seconds from the moment phishing attacks are launched for the first person to fall victim. Furthermore, phishing sites have a median uptime of 10 hours.

By combining machine learning and advanced phishing detection capabilities with client-based fraud protection, IBM offers a huge leap forward in the area of fraud prevention. Due to its advanced capabilities, IBM Trusteer Rapport continuously learns so it can adjust accordingly when cybercriminals change their attack methods.

There’s an easier, faster and more effective way to combat financial fraud due to phishing. To learn more about IBM Trusteer Rapport’s phishing detection solution, please contact your IBM representative or IBM Business Partner, or download the white paper, “Adapt to New Phishing Threats and Assess Websites Automatically.”

More from Fraud Protection

Unveiling the latest banking trojan threats in LATAM

9 min read - This post was made possible through the research contributions of Amir Gendler.In our most recent research in the Latin American (LATAM) region, we at IBM Security Lab have observed a surge in campaigns linked with malicious Chrome extensions. These campaigns primarily target Latin America, with a particular emphasis on its financial institutions.In this blog post, we’ll shed light on the group responsible for disseminating this campaign. We’ll delve into the method of web injects and Man in the Browser, and…

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

New Fakext malware targets Latin American banks

6 min read - This article was made possible thanks to contributions from Itzhak Chimino, Michael Gal and Liran Tiebloom. Browser extensions have become integral to our online experience. From productivity tools to entertainment add-ons, these small software modules offer customized features to suit individual preferences. Unfortunately, extensions can prove useful to malicious actors as well. Capitalizing on the favorable characteristics of an add-on, an attacker can leverage attributes like persistence, seamless installation, elevated privileges and unencrypted data exposure to distribute and operate banking…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today