Cyber financial fraud in the shadows

December 1, 2022 BDO CANADA

Organizations in the financial services industry are actively being targeted by threat actors who leverage customer information to steal profiles, drain funds, and commit identity fraud. This exploitation isn't limited to big banks or those dealing with credit card theft. It's happening pervasively in corners not previously considered a prime target.

Organizations are being attacked with increasing frequency and seldom realize the impact until a substantial amount of funds has already been drained from accounts. The case in point here is a rise in attacks against applications designed to help customers track down lost or forgotten financial assets. These applications are not perceived to be as high-stakes as one supporting daily banking, yet they hold information just as lucrative as a bank's and pose a similar risk to the organization. The dollar amount per transaction is smaller, but the volume of transactions gives adversaries the opportunity to make off with millions in stolen funds.

The primary target is the webpage that allows account or profile information to be looked up. This is where a user enters personal information to see whether there is a matching record in the application. Once datapoints such as first and last name, social security or insurance number, or date of birth are matched, the user is offered the opportunity to reclaim the financial profile.

For attackers, this kind of profile lookup page is ideal. The page exists to confirm whether submitted datapoints match a record, and that confirmation is exactly what a bot harvests. Using bots, attackers can perform reconnaissance against it and, in a matter of seconds, build a targeted and confirmed list of accounts to compromise.

There are many situations where threat actors can target your data. Here are some examples:

What can these types of organizations do to reduce their risk?

  1. Establish cybersecurity assessments of your applications, prioritizing security around profile lookups and logins. Consider technical vulnerabilities alongside flaws in business logic, such as a lookup that confirms a partial match or places no limit on repeated attempts.
  2. Establish a contemporary security posture, with updated technology and processes, to counter bot-driven attacks at every stage, from the perimeter through to monetization of the stolen accounts.
  3. Employ digital risk protection capabilities like cyber threat intelligence to monitor criminal forums and marketplaces for activity concerning the organization or its customers.
  4. Improve your incident detection, management, and response process to ensure rapid detection, containment, and recovery from botnet exploitation.
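To make the profile-lookup weakness described above, and the kind of hardening the recommendations call for, concrete, here is an added example in Python. It is not code from the original article or from BDO; it models a hypothetical lookup service over a constructed, fabricated record set, and the names `lookup_vulnerable`, `HardenedLookup` and `confirms_identity_without_dob` are illustrative. The vulnerable handler reports which datapoints matched, so a bot holding a name and identifier learns they belong together before it has the date of birth. The hardened handler requires every datapoint, compares all of them together in constant time, returns one uniform response whether or not a record matched or the caller was throttled, queues any real match for out-of-band contact instead of exposing it in the response, and records per-client attempt bursts for the detection team.

```python
"""Profile-lookup enumeration oracle and its hardened counterpart (added example)."""
import hmac
import time
from collections import defaultdict, deque

# Constructed sample records: fabricated names and identifiers for the demo only.
RECORDS = [
    {"first": "ada", "last": "lovelace", "ssn": "123456789", "dob": "1815-12-10"},
    {"first": "alan", "last": "turing", "ssn": "987654321", "dob": "1912-06-23"},
]
FIELDS = ("first", "last", "ssn", "dob")


def normalize(value):
    """Canonicalize user input the way a lookup form typically would."""
    return str(value).strip().lower()


def lookup_vulnerable(query):
    """Lookup as the article describes it being abused: it scores partial matches
    and tells the caller which datapoints matched. A bot that already holds a
    name and SSN learns they belong together without the DOB, then brute-forces
    the remaining field one guess at a time."""
    best_matched = []
    for rec in RECORDS:
        matched = [f for f in FIELDS if f in query and normalize(query[f]) == rec[f]]
        if len(matched) > len(best_matched):
            best_matched = matched
    return {"found": len(best_matched) == len(FIELDS), "matched_fields": best_matched}


def confirms_identity_without_dob(lookup_fn, first, last, ssn):
    """Reconnaissance step a bot runs: does the page confirm that name and SSN
    belong together before the caller has supplied every datapoint?"""
    resp = lookup_fn({"first": first, "last": last, "ssn": ssn})
    return set(resp.get("matched_fields", [])) == {"first", "last", "ssn"}


class HardenedLookup:
    """Same lookup with the oracle removed (hypothetical service, not BDO's)."""

    # Identical for hit, miss, incomplete input and throttled caller alike.
    UNIFORM_RESPONSE = {
        "status": "accepted",
        "message": "If a matching record exists we will contact you at the address on file.",
    }

    def __init__(self, max_attempts=5, window_seconds=3600):
        self.max_attempts = max_attempts
        self.window = window_seconds
        self.attempts = defaultdict(deque)  # client_id -> timestamps in window
        self.pending_claims = []            # record indexes queued for out-of-band contact
        self.audit = []                     # structured events for detection and response

    def _throttled(self, client_id, now):
        """Sliding-window attempt limit per client; still counts the current call."""
        q = self.attempts[client_id]
        while q and now - q[0] > self.window:
            q.popleft()
        q.append(now)
        return len(q) > self.max_attempts

    @staticmethod
    def _full_match(query, rec):
        """Compare every field with no early exit and constant-time equality,
        so neither the response nor its timing reveals which field was wrong."""
        ok = True
        for f in FIELDS:
            ok = ok & hmac.compare_digest(normalize(query.get(f, "")).encode(), rec[f].encode())
        return ok

    def handle(self, client_id, query, now=None):
        now = time.time() if now is None else now
        throttled = self._throttled(client_id, now)
        complete = all(f in query for f in FIELDS)
        hit = None
        if complete and not throttled:
            # Evaluate every record so timing does not depend on where a hit sits.
            for i, rec in enumerate(RECORDS):
                if self._full_match(query, rec):
                    hit = i
        if hit is not None:
            self.pending_claims.append(hit)  # reclaim proceeds out of band, never in-response
        self.audit.append({"ts": now, "client": client_id, "complete": complete,
                           "throttled": throttled, "matched": hit is not None})
        return dict(self.UNIFORM_RESPONSE)


if __name__ == "__main__":
    print("vulnerable confirms name+SSN without DOB:",
          confirms_identity_without_dob(lookup_vulnerable, "Ada", "Lovelace", "123456789"))
    hardened = HardenedLookup(max_attempts=3, window_seconds=60)
    print("hardened confirms name+SSN without DOB:",
          confirms_identity_without_dob(lambda q: hardened.handle("bot", q, now=0.0),
                                        "Ada", "Lovelace", "123456789"))
```

The `audit` events are what the detection step in the list above would consume: a single client with many `complete` attempts and few `matched` ones, or any `throttled` entries, is the bot signature the article warns about, and it is visible even though every HTTP response the bot received was identical.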

BDO can help you achieve peace of mind knowing that your organization is far less vulnerable and more resilient to this lurking and pervasive threat. We can help you build detection capabilities, and model scenarios for early detection before funds are drained.

Have questions? Contact us for more information or for a risk assessment with our industry experts.

Rocco Galletto
Rob Philpotts
Dishank Rustogi
Sacha Blasiak-Priestley
Mark Zuzarte
