The ability to visually see behavioral patterns within the Guardian Analytics solutions offers greater insight into normal session patterns and calls out the anomalies that may indicate fraudulent activity. While a failed login attempt may not seem like a major trigger into suspicious activity, it certainly should not be ignored.
As Same Day ACH offers a progressive step toward faster payments, there is a bigger question revolving around how this will change the dynamics of ACH frauds.
Just recently a customer of Guardian Analytics experienced a fraud case that mirrored the tech scam with one of their account holders. A victim received a call from a “Microsoft Technician” and asked if they could remote access into their system. Call it perfect timing for the criminal as the victim was in fact having computer issues and gave permission to the criminal. This gave the criminal access to place malware on the victim’s computer, and then later gain access to personal information which he used to login to the victim’s online banking account.
With online banking a user doesn’t interact with a bank employee in-person, a user is identified solely through a username and password. These credentials can be, and often are, easily stolen by fraudsters via various phishing and social engineering scams. Security analysts realize that every online session that uses the correct username/password combination cannot be blindly trusted, and there is a need to use additional attributes to verify that the session being conducted is in fact, by a legitimate user.
Banks concerned about the recent SWIFT breaches look to Guardian Analytics to immediately alert banks to suspected intrusions. In these intrusions, news reports detail the thieves obtained fraudulent user credentials and used them to submit fraudulent SWIFT messages that correspond to money transfers out of the bank. Further, the criminals used malware to mask their activities by inserting the Trojan into the PDF reader that validates the transaction – the rule based PDF reader verification was defeated by the criminals and could not detect the fraudulent transaction. The user credentials and rule based systems provided inadequate protection for the banks, as the criminals demonstrated.