Light Dark
February 22, 2017 By Assaf Regev 2 min read
Fraud Protection
Artificial Intelligence

Fighting Fraud With Adaptive Security

The “2017 Identity Fraud Study” by Javelin Strategy & Research revealed that the number of identity fraud victims has increased by 16 percent, rising to 15.4 million U.S. consumers.

The study also found that despite the ongoing efforts to prevent these breaches, fraudsters were able to steal a total amount of $16 billion last year, up $1 billion or 6.67 percent from 2015. One interesting example is the resurrection of account takeover (ATO) attacks, which rose 61 percent to $2.3 billion in total losses, marking a major comeback since the 2015 report.

All in all, 2016 was a very successful year for cybercriminals, who largely abandoned areas with heightened security in favor of less fashionable techniques such as card-not-present (CNP) fraud and successfully exploited the path of least resistance.

A Swinging Trapeze Act

With a growing number of digital interactions and the variety of new malware configurations released on a daily basis, keeping up with the countless trends can feel like a swinging trapeze act, one that requires continuous training, split-second timing and teamwork.

Organizations are required to securely manage digital identities. This poses a dilemma: How can IT teams provide a seamless experience to real customers while maintaining cybersecurity mechanisms to keep fraudulent activity out?

On the one hand, the growing number and variety of daily events requires substantial manual analysis, which can force the organization to increase its security team’s headcount. On the other hand, successfully verifying digital identities sometimes incurs additional security measures, which may ultimately have a negative impact on the customer experience and overall usability.

Using Adaptive Security as a Safety Net

In the early days of the circus, flying trapeze acts often performed without safety nets or were pulled in during high-risk maneuvers. Nowadays, IT leaders must provide a safety net to end users in the form of adaptable security measures across various stages of the digital journey.

The key lies in the organization’s ability to protect itself and its customers in a constantly changing risk environment while leveraging adaptive security and intelligence mechanisms. Just as not all trapeze artists agree on taking the same risks, financial organizations often have differing levels of risk tolerance.

https://www.youtube.com/watch?v=cUdZPSvK0LA&feature=youtu.be

IBM Trusteer leverages cognitive fraud detection across different security layers to identify and analyze large amounts of previously untapped unstructured data. By using machine learning, statistical analysis, graph analysis and more, IBM Trusteer continuously analyzes banking sessions while comparing them against previously analyzed patterns. This means that organizations can now make use of these adaptive security measures to further improve customers’ online experience.

Learn more about how Cognitive fraud detection fuels adaptable intelligence

 |  |  |  |  |  |  | 
Assaf Regev

More from Fraud Protection
July 25, 2024

Unveiling the latest banking trojan threats in LATAM

9 min read - This post was made possible through the research contributions of Amir Gendler.In our most recent research in the Latin American (LATAM) region, we at IBM Security Lab have observed a surge in campaigns linked with malicious Chrome extensions. These campaigns primarily target Latin America, with a particular emphasis on its financial institutions.In this blog post, we’ll shed light on the group responsible for disseminating this campaign. We’ll delve into the method of web injects and Man in the Browser, and…

March 13, 2024

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

March 7, 2024

New Fakext malware targets Latin American banks

6 min read - This article was made possible thanks to contributions from Itzhak Chimino, Michael Gal and Liran Tiebloom. Browser extensions have become integral to our online experience. From productivity tools to entertainment add-ons, these small software modules offer customized features to suit individual preferences. Unfortunately, extensions can prove useful to malicious actors as well. Capitalizing on the favorable characteristics of an add-on, an attacker can leverage attributes like persistence, seamless installation, elevated privileges and unencrypted data exposure to distribute and operate banking…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature