Intsights, a cybersecurity company that provides tailored threat intelligence and automated security action, has released a new report about online fraud in the banking and financial services sector.
The report, “Banking and Financial Services: Cyber Threat Landscape,” shares original research the company conducted into the tactics cyber criminals, laying out how cyber thieves currently attempt to infiltrate the corporate defense networks of banks and other financial institutions.
“[These] cybercriminals are after the substantial financial assets each bank or financial institution is responsible for, but data leaks can also provide them with customer information, records, and credentials that allow them to diversify their attacks and spread security teams thin,” the company states in the report.
The report reveals that financial services institutions were the target of 25% of all malware attacks in 2018, the highest percentage of 27 industries tracked. In addition, it discusses the implications of a number of other research findings, all of which show an unsettling trend of fraudsters enjoying increasing success at stealing the critical customer data stored by financial institutions.
The data points include:
- A 129% year-over-year increase in leaked credentials
- A 212% increase in leaked credit cards
- A 23% increase in released documents
Banking & Financial Services Fraud Trends
In addition to the data, the report also lists the most common types of fraud attacks – many of which are the same tactics used in a number of types of eCommerce fraud – experienced by the Banking and Financial Services sectors. Specifically, it singles out mobile application security as a critical point of concern where most institutions remain vulnerable.
“Most financial institutions build mobile applications to give customers access to their assets remotely,” the report states. “While such apps might appear to be secure on the surface, they are, in truth, vulnerable to sophisticated cyberattacks because they lack the security features necessary to protect users.”
To place the problem in context, the report discusses the methodology of a number of different “banking trojans” fraudsters currently use to commit their mobile attacks.
For institutions with an international presence, the research also lays out fraud trends in emerging markets, emphasizing the elevated risk for organizations in developing nations and laying out some of the fraudster methodologies they should watch for.