Banking Bots: The Good, the Bad and the Ugly

Digital fraud continues to flourish, with recent surveys finding that security breaches have increased 67% since 2014 and 11% since 2018. Casualties of these breaches in the first half of 2019 alone include 4.1 billion personal records exposed in a variety of ways: 52% through hacking; 33% via phishing; and 32% through social engineering, with many involving more than one method.

Organizations and security developers are investing billions of dollars in fighting these fraud attempts. Worldwide spending on security systems is projected to hit $131 billion by the end of 2020, and $174 billion over the next two years. Artificial intelligence (AI) and machine learning (ML) applications often form the core of these cybersecurity systems and are being deployed across banks, retailers, telecommunications companies and many other businesses.

The March edition of the “Digital Fraud Tracker®” explores recent developments, including the use of AI and ML to fight application fraud, the importance of separating good bots from bad bots, and the potential impact of the new coronavirus on the cybersecurity industry.

Developments From Around the World of Digital Fraud

The cybersecurity market is seeing record investments financially, but it faces a crucial talent gap. A recent survey found that the industry needs at least 4 million new cybersecurity personnel to effectively fight digital fraud worldwide on top of the 2.8 million people already employed by the industry. This 4 million figure is a 33% increase over what was needed last year, highlighting the fact that the growth of digital fraud is exceeding that of the cybersecurity industry.

One factor potentially contributing to the growth of digital fraud is the outbreak of COVID-19, the disease caused by the coronavirus, which is stretching cybersecurity resources thin as more experts work from home. The European Central Bank recently warned that an additional virus-related factor contributing to the cybercrime threat is the fact that many more customers are engaging in digital banking rather than visiting physical bank branches. The ECB recommended that banks work with third-party security contractors to keep themselves safe for the duration of the pandemic.

Email fraud is just one method that cybercriminals leverage in their schemes, but a recent study from threat intelligence firm Digital Shadows found that it is also the most profitable due to its high margins. Phishing scam tutorials and website templates are available on dark web marketplaces for less than $30 each, and fraudsters using them stole more than $1.7 billion last year. In contrast, a fake website targeting online banking services costs $67.91. These resources not only train hackers on how to conduct digital fraud, but can also give them ready-made tools with which to do so.

For more on these and other digital fraud news items, download this month’s Tracker.

Axos Bank on How to Separate the Good Bots From the Bad

Automated bots can overwhelm banks’ cybersecurity teams, but many bots are actually beneficial, like Google Search aggregators. The challenge is separating the good bots from the bad and countering fraud attempts of the latter.

In this month’s Feature Story, PYMNTS spoke with Raghu Valipireddy, senior vice president and chief information security officer for Axos Bank about the company’s multilayered approach to identifying bad bots, and why financial institutions (FIs) are often overzealous with their anti-bot firewalls.

Deep Dive: New Technology Makes Application Fraud a Looming Menace

Fraudulent loan and credit card applications are a well-worn practice, with bad actors either applying for them with their own names and then absconding with the case or using stolen information to deceive lenders. New efforts in recent years, such as synthetic identity scams, have made application fraud much more sophisticated, however, and FIs are scrambling to counter this threat.

This month’s Deep Dive explores application fraud’s many forms and how FIs can leverage revamped authentication procedures and AI- and ML-powered tools to fight it.

About the Tracker

The monthly “Digital Fraud Tracker®,” a DataVisor collaboration, offers coverage of the most recent news and trends in the fraud prevention space.