In the report, Easy Solutions fraud experts provide analysis on what the company considers the most treacherous attacks observed this year, including search-engine ad poisoning, social media attacks, rogue mobile apps, SWIFT network attacks, ransomware, credit card breaches, synthetic identify fraud and corporate email takeover and spearphishing.
The company's fraud experts compared device-threat analytics data from its own clients with that of 12 Fortune 500 organizations and found that those whose mobile applications lack protection features (i.e., multi-factor authentication, jailbreak detection, etc.) experienced four to nine times more rogue applications than companies that incorporated protection features into their mobile applications. When it comes to mobile, any kind of protection is better than none.
Easy Solutions also found that:
Organizations not using multi-factor authentication experience three times more phishing attacks on their web portals than those who do.
A large portion of the more than 80 million fake profiles on Facebook, Twitter and Instagram are used to launch social media attacks.
Banks that use the SWIFT system should reinforce usernames and passwords with such extra authentication factors as biometrics, push messaging, or hard or soft login tokens.
Credit card fraud has evolved in response to new security measures such as EMV chip-and-pin cards, with card-not-present fraud spiking to new highs. Banks need to improve their anomaly detection capabilities and develop more sophisticated tools for identifying fraud patterns and checks on criteria such as IP, geolocation and transaction amount.
“As we move into 2017, the concept of digital trust will gain significant relevance as criminals are motivated to contaminate any type of digital interactions with banks and enterprises in pursuit of relevant information that will enable them to successfully launch and monetize fraudulent attacks,” said Ricardo Villadiego, CEO of Easy Solutions. “In this report, our fraud experts provide a strategy and recommendations to help organizations manage and preserve that trust. To do so, organizations must be able to transparently deploy security and
make it simple for users to integrate higher levels of protection into their online systems. It is these companies that will be the ones poised to make headlines for their business acumen, and not because they fell victim to the crafty tactics of fraud actors.”