Fraudsters are more than just shadowy figures lurking on the dark web. They can be small-time crooks or part of a large, international ring. During International Fraud Awareness Week, I sat down with Ashley McAlpine, TMG’s fraud prevention manager, to discuss the latest technologies, scams and traps fraudsters are deploying today.
Ashley described how large institutions are not always fraudsters’ primary targets. Smaller-scale institutions can be equally vulnerable. Fraud rings use sophisticated technology that scans for insecure systems. Think of it as someone driving around the neighborhood looking to jump on an open WiFi network. Once fraudsters find an open system, they enter it. They don’t differentiate between, say, a major Internet company and a credit union. Both house the valuable data they’re after.
The methods fraudsters use to extract data can vary, Ashley says. For some, phishing and whaling schemes may be go-to practices. For others, devices like false overhead speakers, convex bubble mirrors and deep-insert skimmers to steal PIN information are preferred. Fraudsters perfect many of these techniques in Eastern Europe before bringing them to the U.S.
Cyberattacks also pose a threat to organizations – both big and small. Just last month, a targeted cyberattack took down several major corporations including Amazon, Visa and Twitter. Ashley noted attacks on more low-target victims, like apartment buildings, can be a probe for a larger hacking effort.
As financial institutions (FIs) focus their efforts on cybersecurity, there are a number of strategies they can implement to keep themselves safe. The first step, Ashley says, is to understand what a Distributed Denial of Service (DDoS) attack looks like. These types of attacks force the targeted systems to shut down, thus denying legitimate users system access. A spike in network activity can indicate an ongoing DDoS attack.
FIs should also ensure firewalls and routers have the latest software updates and secure passwords. WiFi routers and other network equipment may come with default passwords. When left unchanged, these passwords can be an easy “in” for fraudsters.
To hear more from Ashley, take 15 minutes to listen to the podcast “International Fraud Awareness Week.”
If you’d like to receive updates on future podcasts, follow our channel at blogtalkradio.com/tmgglobal.