I am often asked why clients should invest in cyber fraud protection when fraud losses are “under control.” In fact, some clients will invest in cyber fraud protection beyond the fraud losses they attribute to the online channel. The reason is that the impact of fraud goes far beyond actual money lost. Fraud compromises customers’ identities and assets, overloads the enterprise’s internal resources and could ultimately hurt the brand and lead to customer churn. In the simplest sense, forward-thinking enterprises see taking extra measures to secure assets held in their care as a key part of their commitment to customers.

What are the business drivers for fraud protection? In this article, I will explore online (cyber) channel fraud that impacts the primary way customers transact with financial, health care, retail and government organizations. The examples herein will focus on the banking industry.

Cross-Channel Fraud Losses (or the Link Between Online and Offline Fraud)

Our increasingly online lives enable criminals to use technology to steal our credentials and personal data to take over our accounts, often via phishing and malware, resulting in fraudulent transactions. But criminals can also harvest critical information that enables cross-channel fraud, such as check and phone fraud. Criminals no longer need your purse or wallet to know “you;” they simply use information stolen from online systems, such as social security numbers, addresses, phone numbers and check images, to authenticate themselves as their victims and act on their behalf. While this activity isn’t “online,” the online channel makes this information more accessible than ever before.

Fraud Protection Costs (or Who Needs This Headache?)

To deal with fraudulent activity, an enterprise must set up an elaborate process across customer relationship managers, technical support, fraud analysts and criminal investigators. When suspicious activity is detected — often by anxious customers — a deep analysis is required to determine the cause and nature of the incident. Bank personnel immediately engage in attempts to recover the stolen funds, and customer support staff need to work with the victim to restore access to banking services when the customer environment (computer, mobile device and network) is deemed safe. If this sounds like a lot of effort, that’s because it is.

Legal and Regulatory Exposure (or Keep Our Name Out of the Newspaper)

In many cases, fraud is initiated on the end-user device due to less-than-adequate security employed by the victim. U.S. regulators required banks to compensate retail customers for fraud losses no matter how negligent the customer was, however; this is different in other parts of the world, especially in Europe. When corporate customers are involved, there is no legal obligation for a full refund of fraud losses. The law has chosen to view both parties in the case as capable of taking measures to prevent fraud. In some fraud cases, banks choose to go to court with customers over the extent of the refund. No matter the outcome, such publicity, expense and distraction isn’t good for business. Ultimately, some banks have chosen to require business customers to deploy anti-fraud measures on their devices to be granted access to online banking services. This reduces the likelihood of these damaging scenarios playing out.

Brand Impact and Customer Churn (or Customers Can Get Really Upset)

Clients experiencing fraud could lose trust in the enterprise security, even for no good reason. If losses are not fully covered, litigation and bad PR can follow. Even at a smaller scale, fraud incidents are shared by unhappy customers on social networks. All of this “collateral damage” can impact the enterprise brand and lead to customer churn. Fraudulent activity also invites deeper regulatory scrutiny on processes and procedures that further distracts line of business and IT resources.

For all of the above reasons, many clients take the ‘an ounce of prevention is better than a pound of cure’ approach. Clients deploy a layered defense that prevents the initiation of fraudulent activity (described in this article as “offensive” measures) as well as a robust back-end process to quickly address fraudulent activity (described in this article as “defensive” measures). Such approaches will harden enterprise fraud defenses and reduce the tangible and intangible costs of fraud.

More from Banking & Finance

Unveiling the latest banking trojan threats in LATAM

9 min read - This post was made possible through the research contributions of Amir Gendler.In our most recent research in the Latin American (LATAM) region, we at IBM Security Lab have observed a surge in campaigns linked with malicious Chrome extensions. These campaigns primarily target Latin America, with a particular emphasis on its financial institutions.In this blog post, we’ll shed light on the group responsible for disseminating this campaign. We’ll delve into the method of web injects and Man in the Browser, and…

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

New Fakext malware targets Latin American banks

6 min read - This article was made possible thanks to contributions from Itzhak Chimino, Michael Gal and Liran Tiebloom. Browser extensions have become integral to our online experience. From productivity tools to entertainment add-ons, these small software modules offer customized features to suit individual preferences. Unfortunately, extensions can prove useful to malicious actors as well. Capitalizing on the favorable characteristics of an add-on, an attacker can leverage attributes like persistence, seamless installation, elevated privileges and unencrypted data exposure to distribute and operate banking…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today