Catch Criminals Before the Damage is Done - Mitigating Account Takeovers
Online account takeover occurs when an unauthorized party gains access to an existing bank account by stealing the access credentials and is followed almost invariably by the illegal movements of funds. In today's increasingly connected world, the growth in connectivity, convenience, speed, technology adoption, and payment options allows people and businesses to conduct online financial activities more easily and efficiently. Consequently, fraudsters have developed the means to take advantage of this burgeoning attack surface through the increased use of smartphones to access the internet, malicious malware, socially engineered account takeovers, and other means. As we become more connected, attacks are becoming more sophisticated.
See Also: The View from Inside: Intelligence-Driven Approaches to Cyber Detection of 'Unknown Unknowns'
Learn how to defend yourself in this rapidly evolving digital world. Register for this round-table discussion and learn first-hand from M&T Bank, Aite Group and RSA Silver Tail:
- The global economic impact of account takeover in the next five years
- The most effective way to respond to Man-in-the-Middle and other account takeover attacks
- How financial institutions are detecting customers from criminals with leading edge technology solutions
The total number of Account Takeover attempts reported by financial institutions has more than tripled since 2009, according to the Financial Services Information Sharing and Analysis Center. Moreover, global losses from account takeover are expected to reach $794 million by 2016. Not only are incidents of account takeover are on the rise; they are also increasing in frequency and scope.
Anatomy of an attack
Thieves steal online banking credentials to access a customer's account and conduct unauthorized transactions, change contact information and gather information on the account's history to commit other crimes. Cyber thieves target employees and businesses of all sizes through phishing and socially engineered attacks with the goal of enticing them to download and spread malware that will allow unauthorized access to financial accounts and other sensitive information.
A complete solution set requires a multi-layered approach that prioritizes behavioral analytics, authentication and anomaly detection. Additionally, financial institutions must protect themselves by investing in the right technology, developing a plan to remediate threats, and also educating their clients about the risks associated with account takeover.
- Julie Conroy, Research Director at Aite Group
- Matthew Speare, SVP, Information Security at M&T Bank
- Jason Sloderbeck, Director of Product Management at RSA Silver Tail
You might also be interested in …