Taming Digital Risk with Managed Services
Eric Kraus | Vice President and General Manager of Fraud, Risk and Compliance, FIS
October 10, 2019
Financial service providers invest to improve customers experiences through engagement on social media and digital platforms to promote solutions, extend new services, provide servicing and more. But along with increased digital engagement come new risks as fraudsters shift their attacks to digital theft of customer data, financial fraud and social engineering scams. Unfortunately, education only goes so far in protecting customers, and sometimes employees, from increasingly sophisticated threats
Digital fraud attacks at epidemic proportions
Numerous password breaches have perpetrated fraud-as-a-service schemes enabling nearly anyone with bad intent to enter the arena. Key threats in 2019 include digital fraud, social media scams and phishing attacks.
Startling statistics from RSA underscore the rapid rise in cyber fraud:
- Phishing accounted for the largest share of fraud attacks – 37 percent – in the first half of 2019 and increased by 6 percent year-over-year. Phishing attacks enable financial fraud and erode trust as fraudsters continue to gain expertise in mimicking legitimate communications. They rely heavily on impersonation of trusted individuals such as a company executive or a trusted brand such as your financial institution to make attacks look authentic.
- Accounting for 29 percent of fraud attacks, fraud from rogue mobile apps soared 191 percent year-over-year while fraud attacks from financial malware increased 80 percent and social media attacks rose 37 percent in the first half of 2019.
- Forty-seven percent of card-not-present (CNP) fraud originated from the mobile channel in Q:2 with the average value of a CNP fraud transaction in the United States at $352.
The fallout from cyber fraud for institutions can be devastating and result in loss of data, customer trust, reputation and revenue as well as incurring compliance violations. In a study on the psychology of waiting, 61 percent of respondents said they would leave their bank if the financial institution failed to report a fraudulent charge before they did.
The urgency to reverse the tide
Rapid detection of a digital attack or identification of information leaked across social media or the deep and dark web translates to reduced monetary loss exposure and hours saved for both consumers and fraud investigators.
Actions required to reverse the rising tide of digital fraud include:
- Identifying threats during the attack planning stage via visibility into digital channels where attackers congregate and gather intelligence on threats. Such channels include: social media, domain registries, email and Slack, mobile app stores and the deep and dark web.
- Determining where to focus protection – brand, products, executives, financial accounts, payment cards, other monetary assets, for example.
- Creating a plan for remediation services that quickly inform customers of digital threats and remove them.
Few financial service providers have sufficient resources to accomplish these tasks. However, new managed services such as the Digital Risk Protection Platform will monitor activity across digital channels to identify risk, protect an institution and its customers and remediate threats. When your institution is ready to evaluate managed services for digital risk mitigation, look for:
- A secure web browser-based monitoring platform for a wide range of digital channels
- Complete digital visibility and protection
- Digital visibility into threats outside of the institution’s firewall
- An option to customize your list of assets under protection
- Automated email alerts when a risk to a protected asset is presented on social or digital channels
- 24/7 access
- Remediation to remove threats