The Digital Threat to Finance Organisations
Financial organisations are expanding their online presence across web, mobile, and social channels at a pace that is unprecedented. Overall this is great, as it provides increased access for customers and levels the playing field by allowing organisations of all sizes to broaden their reach and cut costs. However, this expanding digital presence also comes […]
Financial organisations are expanding their online presence across web, mobile, and social channels at a pace that is unprecedented. Overall this is great, as it provides increased access for customers and levels the playing field by allowing organisations of all sizes to broaden their reach and cut costs. However, this expanding digital presence also comes with increased risks, as it enlarges the attack surface that can be exploited by cybercriminals and increases the number of legitimate digital channels they can impersonate to dupe customers. To this last point we are seeing increasingly creative ways of leveraging digital brands to target organisations and their customers.
The threat of brand impersonation
Organisations can no longer afford to ignore any of their digital channels as an opportunity for brand impersonation; domain infringement, phishing, rogue mobile apps and fake social media accounts all form part of the adversary’s arsenal. As it goes, financial organisations are especially vulnerable – our recent report**, which details trends in phishing activity, revealed that financial institutions are almost always the target of the highest volume of attacks – capturing 40% of all phished brands.
Cybercriminals continually adapt their tactics in an effort to stay ahead of recent developments in the cybersecurity industry. Many are currently exploiting the interconnectivity of today’s digital world to maximise their reach through multiple channels to conduct fraud, distribute malware and carry out other abusive activities. That finance organisations get targeted so often is no surprise. Not only does the sensitive and valuable nature of the data that they are entrusted with naturally attract malicious actors, but since many companies operate in multiple countries they also tend to lack visibility across all their digital assets and find it difficult to react quickly to potential brand impersonation threats. More often than not, significant numbers of customers end up getting scammed before social threats are identified and properly remediated.
A recent example of this is the phishing campaign observed during TSB’s recent IT meltdown – during which the bank itself warned customers about fraudsters posing as TSB and attempting to trick people into handing over sensitive information in order to steal their money. Mitigating against these types of threats should be a top priority for organisations across the finance sector.
Security and fraud prevention strategies
The nature of targeted attacks has changed. Not only are we seeing a multi-channel approach from malicious actors, the short duration of many of these campaigns makes them difficult to detect and respond to. For example, it’s not uncommon to see phishing campaigns that last less than a day. Identifying potentially infringing digital assets across the vastness of the Internet in a timely manner requires internet scale automation and sophisticated machine learning to be effective.
Maintaining up-to-date asset inventories across web, mobile and social platforms enables security teams to quickly distinguish fake domains, web pages, mobile apps and social accounts from legitimate ones that may belong to different parts of the organisation. Today it is quite common for corporate IT and security teams to lack visibility into as much as 30 % of their organisation’s publicly exposed digital assets.
Once an infringing asset has been identified, organisations need to ability to quickly respond, no small challenge given the number of domain registrars, hosting providers, mobile app stores and social media platforms there are to deal with. Automation can play a key role here in sending out legal notices, monitoring responses and escalating when necessary. Once taken down, automation can continue to monitor for the reappearance of offending assets.
To benefit from these advances, financial organisations will need to adopt new technologies and modify working practices. Many have already established dedicated external threat management teams that work alongside other security teams to ensure that the organisation has a holistic view of threats, both within their corporate networks and out on the open Internet.
When it comes down to it, customers entrust financial organisations with highly valuable and personally identifiable data and ensuring that they continue to do so requires there to be a high level of trust in the organisation’s brand. Counteracting brand-related threats is therefore key to any organisation that wishes grow its customer base going forward.