Magazine Button
Experts explain how businesses can protect themselves from fraud

Experts explain how businesses can protect themselves from fraud

AnalysisEnterprise SecurityIndustry ExpertTop Stories

It’s International Fraud Awareness Week this week.

While the current COVID-19 crisis has brought many businesses and operations to a standstill, one area it hasn’t diminished is fraud. The sad truth is that fraudsters don’t stop their crimes because of a pandemic. In fact, they often seize the immense change that comes with an event like this to ramp up their activity – targeting individuals and businesses while they are at their most vulnerable and least protected.

In fact, recent data covering the first six months of 2020 showed that £208 million was stolen in reported ‘authorised push payment fraud’, where victims unwittingly send their money to a criminal-controlled account. Losses from Internet banking fraud, when a fraudster gains access to a customer’s bank account through online banking and makes an unauthorised transfer of money, jumped by 32% to £64.3 million, compared with the same period in 2019. These figures are what makes this year’s Fraud Awareness Week more important than ever before.

Five experts below explain what it means for the industry and how consumers and businesses can protect themselves from fraud.

Brett Beranek, VP & General Manager, Security and Biometrics at Nuance Communications, said: “This year’s International Fraud Awareness Week acts as a timely reminder to businesses and consumers alike that fraud prevention tools are no longer optional. From social engineering to email phishing and the creation of bogus websites, fraudsters are taking advantage of any lowered defences during our current pandemic. Now, more than ever, it is essential to look to experienced security and fraud solutions that demonstrate a strong track record of protection against cyberthreats.  

“Traditionally, we’ve relied on knowledge-based credentials to prove we are who we say we are – the use of names and addresses or passwords or PINs, for example. Yet these means of identification are even more susceptible to social engineering in today’s climate.

“Biometric technologies could provide an answer for organisations looking to keep malicious actors at bay and ensure the security of both their customers and employees. For example, voice biometrics are able to leverage more than 1,000 unique speech characteristics – from pronunciation to size and shape of your nasal passage. Meanwhile behavioural biometrics measure minute details – such as how a person holds their phone or even how they pause once they finish a task. Security systems that incorporate these authentication tools are considerably less susceptible to hacking. 

“When it comes to fraud, prevention is always better than a cure. Without question, businesses and consumers need to be one step ahead and education around the most effective security solutions – like biometrics – is key.”  

Petter Nylander, CEO at Besedo, said: “With time spent online during the pandemic hitting the highest levels on record according to Ofcom, and fraudsters continuously shifting and refining their scamming techniques, the urgency for marketplaces and online platforms to invest in protecting their users has never been more important.  

“The second wave of the pandemic, combined with the run up to Christmas, will almost certainly fuel a surge in activity on to the Internet once again. This year’s International Fraud Awareness Week acts as a reminder of the ever-changing fraud landscape and the importance of taking action now, as scammers’ methods grow more sophisticated by the day. Many marketplaces see an increase in fraudulent activity at this time of year, and our recent research revealed that 15% of ads related to some of the bestselling goods, across six popular UK online marketplaces were, in fact, scams.

“Businesses need effective solutions that use technology as well as human techniques to stay one step ahead in the prevention of scams and ensure the safety of users. For example, automated content moderation filters, coupled with human content moderation, can protect users against forms of harassment and prevent the display of personal details, particularly at a time when a significant number of UK citizens are isolated at home. A content moderation solution built around platforms’ specific requirements which uses both of these methods will ensure that harmful content that does not adhere to the rules is removed so that users can have a better, safer, user experience.  

“Businesses should also consider the training and development of their content moderation teams to ensure they are continuously updated on the ever-evolving tricks of fraudsters. Only with a team of highly trained experts coupled with intelligent automation rules will companies be truly efficient at keeping end-users safe.”  

Gus Tomlinson, GM of Identity Fraud, Europe at GBG, said: “You can’t trade with people you don’t know – but the Internet was built without ‘identity’ in mind. That means the complex set of data points which shape our identity are now vital in keeping the wheels of commerce turning. They create digital trust, allowing people and providers to interact safely without opening the floodgates to fraud.

“Our first GBG Identity Fraud Benchmark will shine a light on that problem this week. The research shows that not only is identity fraud already affecting one in five consumers, the ‘trust gap’ it creates poses a risk to industries which will depend on digital trust if they are to thrive in 2021 and beyond. A third of consumers are more worried about fraud, as a result of COVID-19 – most prominently banking (36%), followed by voting (11%) and online shopping (10%). 

“As Brits keep one eye on their finances while rushing to get their festive shopping done early, International Fraud Awareness Week is an important reminder: for consumers to adjust to our digital-first new normal, and for businesses to truly prosper online, we must keep pushing on the technology and education required to make those online interactions fraud-free and frictionless.” 

Malcolm Murphy, Director, Solution Architects at Infoblox, said: “This year has been full of unprecedented changes in all areas of life, and cyber fraud is increasing, as well as cybercriminals looking to take advantage of people when they’re most vulnerable. Our recent cyber report shows that over the last few months, the pandemic has been one of the key themes used by fraudsters to exploit victims, with COVID-19 themed email campaigns and socially engineered attacks going through the roof. 

“As employees continue to work outside their corporate security parameters, threat actors are moving aggressively to leverage new opportunities to attack vulnerable devices. Fraud is also becoming increasingly sophisticated; attacks are harder to detect by nature and sometimes even careful users can fall into the trap. As per our report, fraudsters are increasingly hijacking social issues, such as racial justice protests, in addition to the pandemic for fraud schemes. The aim of these attacks is to victimise companies by manipulating workers’ emotions.

“Phishing, a technique involving emails with a clickable link that appear to be from a trusted source, but are not, is an example of such fraud and it remains one of the most prevalent online cyberthreats. Research shows that incidents involving payment and invoice fraud increased by a staggering 112% between Q1 2020 and Q2 2020. Moreover, the average cost of a successful phishing attack to a mid-sized company is £1.4 million, posing a significant financial risk. 

“Global pressures resulting from remote work and Digital Transformation are real issues that aren’t going to disappear anytime soon. It is key that companies rethink their fraud protection by building user awareness, creating backup and recovery strategies and implementing internal controls.” 

Espen Knutsen, CISO, Puzzel, said: “During the COVID-19 crisis, fraud cases have been soaring, with bad actors targeting organisations and their customers’ key credentials and information. It is critical that those managing customer services remotely – whether on phone lines or through digital channels – offer robust safeguarding measures, such as two-factor authentication, to ensure customer data security.

“Organisations should combine such technology deployments with employee awareness training, to ensure staff know about the threats that exist and are fully equipped to identify and mitigate them. This will help agents spot the triggers of fraudulent attempts and enable them to put the right follow-up safeguards in place to protect the integrity of customer information.”

Click below to share this article

Browse our latest issue

Intelligent CISO

View Magazine Archive