Online fraud and how to prevent it


From debilitating online attacks on major corporate websites to data breaches designed to influence elections, cybercrime has dominated the headlines in 2016. Threats and attacks are becoming more frequent, more sophisticated, and more effective every day.

They are also becoming more profitable for the cybercriminals. Today’s global cybercrime is big business. Attacks currently account for more than $400 billion in financial losses annually.

Cybercrime business

In fact, cybercrime is now the second fastest growing global economic sector and is on track to be the most lucrative soon. From the perspective of organizations that are the victims, cybercrime results in huge losses. Experts predict that annual cybercrime costs will grow from $3 trillion in 2015 to $6 trillion annually by 2021.

Most common online fraud attacks

There are two main ways cybercriminals are able to gather customer data. First, they can redirect customers to fraudulent bank sites. Second, they can inject malware into customers’ systems which changes the behavior of the legitimate site to facilitate the cybercrime.

online fraud prevention, phishing and malware detection

In the first type of attack, fraudsters will clone a legitimate bank site and create a fake one that directs customer traffic to the malicious servers. This is done through:

  • Phishing schemes, where customers open up a malicious email that appears to be from a bank or business and click a link that directs them to a cloned impostor site. Typically, such emails mimic the design (logo, signature, etc.) used by the bank (or store) to communicate with you regularly.
  • Pharming attacks that trick the domain name server to redirect a user (who has typed in the correct address) to the impostor site. Once the customer reaches the cloned site, cybercriminals can either steal from them, copy their login credentials for future theft, or use them as “mules” to unwittingly transfer money or data from the bank to the malicious servers.

Other types of cybercrime, such as man-in-the-browser (MITB) attacks, infect a customer’ device and are triggered when a particular site is visited through the browser. These attacks inject malware code designed to compromise interactions on the legitimate bank sites.

Conclusion

As malicious hackers become increasingly savvy and greedy, it’s more important than ever for banks and other organizations to reassure customers that their data and assets are safe in order to protect their customers and avoid a bad reputation.

That´s why buguroo has developed a next generation online fraud solution. bugFraud provides a new level of transaction security, protecting organizations and their online customers from all types of attacks and fraudulent schemes.

Unlike current signature-based solutions, bugFraud relies on signature-less technology generating custom countermeasures in real time, using a proprietary pattern similarity-based mechanism that can detect new malware campaigns that interact with the victim’s browser like MITB threats, regardless of whether or not the interaction matches a known malware signature.

Posted by Jose Carlos Corrales

José has a track record of more than 10 years in the different areas of cybersecurity, boasting experience in managed security services, anti-fraud services, reverse engineering, malware analysis and many others, working as a middle manager, a project manager and a presales engineer in companies such as Telefónica and Deloitte, mainly in banking customers. He currently analyses the market to detect new functionalities that ensure our solution stays on the cutting-edge of anti-fraud and serves to solve our customers’ present problems.

Did you like it? Share in your social communities

 
We recommend you...

What did you think about this topic?

Leave your comments

 

Need to reduce fraud in your online banking?

Discover our holistic vision applied to online detection

Request demo