The Use of Offensive Tactics to Stop Fraud

Criminals engage organizations that manage customers’ assets in a “battle of wits”: They exploit technological and human weaknesses to commit financial crimes and fraud, leaving the organization and its customers holding the bag. A holistic approach to fraud protection should consider both offensive and defensive measures to combat criminals and fraud schemes. In part one of this two-part blog, we will explore the use of offensive tactics to stop fraud at the source.

 

Offense: Going for the Source of Fraudulent Transactions

The best way for a criminal to initiate a fraudulent transaction is in the shadow of a legitimate customer. This could be accomplished via a malware infection on a device that a legitimate customer uses to conduct business, a form filled with the victim’s stolen personal information or a phone call into an unsuspecting call center rep with the correct answers to security questions.

Seeing Fraud Coming Is Hard, but Preventing It from Taking Hold Is Harder

This is a pivotal moment in a fraud scheme. Preventing criminals from getting the fraud off the ground will reduce the amount of work needed to defend against fraud down the road. Acting later means finding and verifying a fraudulent transaction among numerous genuine transactions.

Fraud protection at the source isn’t trivial because it is hard to consider all the possible ways in which fraudulent transactions can be created. It is even more difficult to extend the reach of the organization’s security measures in such a way that they can be present at the source of fraud. Thus, knowing a fraudulent transaction is coming is the next best thing.

Cyber Protection Is Key to Stopping Fraud at the Source

Customers can choose from many ways to engage the enterprise. The convenience and speed of online and mobile customer engagement channels have shifted a significant portion of offline customer activity to these channels. Also note the rapid adoption of online and mobile banking over the past few years.

With ease of use and convenience comes higher fraud risk, enabled by malware and phishing. These threats enable criminals to collect credentials and personal information and to operate undetected from customer devices. This data is used by criminals to operate in the “shadow” of the user when transacting across all channels.

Frustrate the Fraudsters by Making Fraud a Costly Endeavor

The organization can stop criminals from getting this valuable data by using a set of offensive measures, including malware and phishing protection, account takeover detection and more. Offense forces fraudsters to go back to the drawing board and change their tactics. This is costly and has real implications for their productivity. That said, offensive measures require up-to-date intelligence on criminal plans and tools. This evolving intelligence is essential to match criminals’ shifting tactics.

Fraud Protection: An Ounce of Offense Can Save You a Pound of Defense

Offense is a way to wreak havoc among cyber criminals. It reduces effective attack surface area and creates an early barrier that stops the attack before it reaches the enterprise back office. However, offense comes at a cost and requires highly flexible, intelligence-driven operations that can closely match criminals’ evasive maneuvers.

To create a truly holistic approach to fraud protection, strong offense must be complemented by effective defense. We will cover this in part two of this blog.

 
