Up until recently, he said, “you needed to have a certain amount of technical expertise to craft a malicious code. You needed to build your own toolkit.” Cybercrime had been the domain of well-organized, well-funded gangs.
“But now there’s been a democratization” of fraud, Jabbara said. Now, anyone can go onto the Dark Web and buy the tools and the tutorials they need to carry out successful attacks — taking advantage of ransomware as a service and other low-cost attack methods.
In the bid to help ward off would-be fraudsters, he said, all manner of enterprises must adopt what he termed “frontline education of the employees who are more often the entry point” of the malicious injections.
But it’s also critical for companies to make sure that they’ve set up the right endpoint protections to filter out malicious emails and gain a good understanding of their network maps to see whether there are vulnerable points of entry — including even decommissioned servers … and the security of their third-party service providers.
The introduction of crypto through the last several years, said Jabbara, has been among the factors that have made ransomware a key favorite of criminals, because it allows for the fast monetization of those attacks. Jabbara noted that there’s been significant adoption of new analytic tools that help exchanges, financial institutions and law enforcement track the funds received in a ransomware attack, and stem the flow of funds.
Identify verification represents another tool in the arsenal against ransomware and other attacks, he said, even as advanced technologies have been enlisted by malicious actors to create deep fakes and synthetic identities. The fraudsters, he said, have been busy opening accounts, making purchases, paying down credit cards over time, all in an effort to appear legitimate.
But by moving robust ID verification to the “top of the funnel,” so to speak, with IP addresses and biometrics and AI, makes it all the harder for fraudsters to be onboarded in the first place.
“We can stop the lifestyles of the synthetic profiles before they are monetized,” said Jabbara.
And as he noted to PYMNTS, artificial intelligence (AI) “has a huge role on both sides of the fight — though in different ways.” The attackers are using large language models to generate malicious code or create more robust synthetic IDs. On the defensive side of the equation, he said, AI can help harvest data and turn that data into signals that provide actionable intelligence.
AI, he said, is “the superpower that gives us the ability to detect that proverbial fraudulent needle in the overall haystack of legitimate interactions — and then build the automation necessary to carve out the fraud while letting the authentic transactions go through.”
In the background, as always, is the need to balance speed and security, said Jabbara, especially as real-time payments gain ground. Faster payments, he said, will make it possible for the fraudsters to monetize their schemes more quickly.
“They’re running a business, they’re looking to increase their ROI as much as possible, and they’re looking for the most optimal channels to do so,” he cautioned. Visa, in one example of shoring up client firms’ defenses, has been investing heavily in a capability called RTP Prevent, in pilot with Pay UK, to provide deep learning models that score these real-time payment transactions and send that information over to issuers so they can approve or decline a transaction, lowering fraud rates and boosting authorization rates (the latter by more than 28%).
In the months and years ahead, he said, “what we’re seeing right now is just a tremendous amount of complexity, innovation, and investment in the fraud space from the threat actor side. And so what we need to do is make sure that the conversation around investing in fraud and cyber capabilities across people, data and processes is a business-wide conversation on top of mind for the C-suite and for the board.”
As the ransomware and other digital attacks proliferate, he said, “it’s a never-ending battle.”