Connect with us

Finance

BOT ATTACKS IN THE FINANCE SECTOR: FRAUDSTERS ARE USING AI TOO

Published

on

By: John Briar, COO and co-founder, BotRx

 

The use of Artificial Intelligence (AI) and automated processes in the finance industry is growing. From using AI-enabled chatbots to communicate with customers, to using Robotic Process Automation to eliminate tedious tasks in payroll and accounts receivable, financial organisations are making the most of this up-to-the-minute technology. Indeed, a report by McKinsey found that current technologies can fully automate 42% of finance activities and mostly automate a further 19%. As progress continues to be made in automated technology, this number is only likely to increase.

The problem is that cybercriminals are also using AI. With AI tools at their fingertips, fraudsters are developing and deploying sophisticated automated attacks, namely in the form of malicious bots. These bad bots masquerade as legitimate users to conduct malicious activities against financial organisations, such as stealing Personally Identifiable Information for illicit activities like fraudulent credit card applications and account takeover. This trend has only increased during the coronavirus pandemic, as cyber adversaries look to take advantage of the disruption caused by the outbreak. Indeed, financial fraud increased 33% during lockdown, according to Experian.

 

John Briar

AI-enabled fraudsters are on the loose

Fraudsters are becoming increasingly reliant on automated bots, and using credential stuffing as one of their favourite tricks. Credential stuffing attacks work by taking advantage of the fact that people tend to have poor cyber hygiene and reuse the same usernames and passwords across all of their different online accounts. Cybercriminals then launch automated bots to complete repeated password-guessing attempts to log into secure user accounts on hundreds of different websites.

After the fraudsters have sifted through millions, sometimes billions, of login credentials, and have found a login match for a specific website, they normally sell these verified credential pairs to other cybercriminals that launch follow-on attacks. Once they have access to the account, cybercriminals begin committing a variety of fraudulent activities.

Account takeover fraud is a common endgame for bad actors, and almost always begins with credential stuffing. This attack allows fraudsters to access an individual’s account. Once inside, they can conduct unauthorised activity, and depending on the attack, even change login and personal information. KPMG found a  57% increase in UK financial account takeover cases last year, with account takeovers even making the news, like Marriott’s March 2020 data breach where login credentials of two Marriott employees were used to access guest information, affecting over five million guest accounts.


It’s time to fight back

Financial institutions must look to better protect themselves and their customers from these automated bot attacks. There are numerous solutions out there, though organisations must take note of the strengths and weaknesses of each one. The biggest challenge for financial organisations is being able to combat the dynamic nature of automated bot attacks, which fraudsters change on such a regular basis that it’s difficult to predict attack behaviours and recognise signatures.

Indeed, the hardest part of stopping bot attacks is that bots can very easily outmanoeuvre static network infrastructures. Currently, most solutions don’t have a dynamic nature. Firewalls and Intrusion Prevention Systems for example, are ineffectual because they cannot detect changing attack patterns. Web Application Firewalls on the other hand struggle to pick up attacks that mimic normal behaviours, which is exactly what these automated bots do. Threat intelligence, which gathers intelligence on new threats only after an attack has happened, also aren’t bulletproof as they allow early attacks to go undetected.

AI and Machine Learning (ML) based solutions are a better match for automated bot attacks, as they are playing fraudsters at their own game. However, even the most sophisticated AI and ML solutions can be outsmarted by fraudsters who take the time to gather intelligence so that they can plan a future attack. Because AI systems rely on the information they’re fed, they require manual intervention to classify if the anomalies identified in the traffic patterns are real or false events.

Then there are new solutions like Moving Target Defense (MTD), which has recently surfaced as malicious bots’ new foe. Coined by the US Department of Homeland Security, MTD is unique because it is a proactive approach to stopping malicious bot attacks, unlike traditional detect-block solutions. It works by making the attributes of a financial institution’s network dynamic rather than static, obfuscating the attack surface. This reduces the window of opportunity for fraudsters, making it extremely difficult for them to infiltrate a network, and allows financial organisations to take back control of their IT infrastructure by always being on the front foot.

 

A proactive approach  

Continuing to rely on the detect-block methods simply isn’t sufficient to stop malicious bot attacks. While each of the above defence methods have their merits, financial organisations shouldn’t rely on any one of them alone, as the growing number of automated attacks will always be looking to take advantage of static infrastructure and other weaknesses.

It shouldn’t be surprising that, as financial institutions increase their use of automated processes, so too are cybercriminals. Financial organisations must therefore look to new solutions that will redefine the power balance between defenders and attackers. MTD is a promising approach to the equation, enabling them to protect their networks and their customers in the long-term.

 

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Finance

THREE STEPS TO ENSURE RECOVERY OF COVID LOANS GOES SMOOTHLY

Published

on

By

In the wake of the pandemic, the government acted quickly to provide financial Covid support packages to help struggling businesses. With the economy now recovering, Mike Hampson, CEO at Bishopsgate Financial explores the range of options available for banks to ensure that those loans are repaid.

 

Since the start of the pandemic, businesses have raised over £75bn[1] from banks and financial markets, through interest-free emergency support schemes. But the harsh reality is that not all loans will be honoured as the economy recuperates.

As a result, banking professionals with client relationship management experience and skills in supporting clients to repay loans in a challenging business environment, will be in high demand.

 

Mike Hampson

Setting up training capabilities for client support post-pandemic

Commercial bankers estimate 60% of new coronavirus scheme loans[4] will default or suffer other repayment issues that will drive previously unseen levels of non-performing loans. It’s a tough balancing act and one that demands careful management of the lending transaction lifecycle, from origination through to collection, recovery, and handling bad debts. Banks no doubt already have frameworks in place to manage these elements, but it’s highly important to make customer interactions as easy as possible and ensure their genuine concern for their customers is clear.

Subsequently, hundreds of workers at major banks including HSBC, NatWest and Metro Bank[5] are understood to be receiving training in how to deal with vulnerable customers and “demonstrate empathy” as the first wave of repayments for coronavirus loans fall due. Staff ‘sensitivity[6] training builds on client-support and workout capabilities, such as improving sensitivity to early-warning systems, developing short-term forbearance solutions and loan modifications, and providing guidance on alternative products.

This approach may further avoid the additional pressure on the UK’s mental health crisis as financial institutions prepare to call in loans issued during the pandemic.

HSBC, which now has 400 staff in its debt collection team,[7] said the aim was to ensure staff had a “consistent understanding of vulnerability” and are “aware of the factors that could make an individual vulnerable” when having repayment conversations with customers.

An executive at another bank said its expanded debt collection team was being trained in “empathy, vulnerability and listening skills”. The individual told The Telegraph: “Ultimately, we don’t want to damage the economy by being overly aggressive.”

A peculiarity of a crisis situation is that customers don’t always know what they will need until that need is pressing. Finding that their bank is prepared to help in unexpected ways will go a long way toward reassuring them.

[2] https://www.law360.com/articles/1355897/

[3] https://www.bishopsgate-financial.com/insights/the-change-perspective/the-change-perspective-2021

[4] https://www.grantthornton.co.uk/insights/how-to-manage-upcoming-non-performing-loans/

[5] https://industryslice.com/NewsLetter/8_33

[6] https://www.telegraph.co.uk/global-health/climate-and-people/covid-19-has-amplified-parallel-pandemic-poor-mental-health/

[7] https://www.msn.com/en-gb/money/other/bank-staff-get-sensitivity-training-before-calling-in-covid-debts/ar-BB1fNMte

Continue Reading

Finance

FOUR STEPS TO INTEGRATING INTELLIGENT AUTOMATION IN THE FINANCE DEPARTMENT

Published

on

By

Marieke Saeij, CEO of Visma | Onguard

 

It’s clear that Intelligent Automation (IA) is still very much an emerging technology, with one indication being that is has only been mentioned a handful of times on Twitter since the beginning of 2021. Results from our latest annual FinTech Barometer reveal a mixed picture in terms of awareness, with half of finance professionals having never heard the term before. Whilst this is unsurprising for a technology concept very much in the ‘early adopters’ stage, organisations can stand to gain real benefits from embracing Intelligent Automation now, particular within the finance department. With this in mind, we explore some of these benefits and share a step-by-step best practice to implementing it into business operations.

 

Intelligent Automation ensures a predictable order-to-cash process

Such is the speed of introduction of new technologies that it’s a challenge for businesses to keep pace. As the newest innovation in finance, Intelligent Automation is one that organisations can’t afford to let pass by. It truly takes financial process automation to the next level. In addition to helping maintain a high-quality customer service, it also complements the existing skillset of finance professionals in the industry.

Marieke Saeij

While Robotic Process Automation (RPA) and Big Data are key innovations for the sector, IA can be likened to an additional layer that enhances existing technologies. By combining applications, this layer is capable of independently assessing situations and determining the appropriate process sequence. It can, for example, fully determine the risk of a specific customer, and can also predict at an early stage which invoices will be paid late, or even not at all, ensuring that finance professionals can then plan accordingly. The result is a reliable and predictable order-to-cash process.

 

The four steps to an IA-proof organisation

While the benefits of IA are numerous, implementing the technology can prove complex, although some are already treading the IA path without knowing it. In this instance it’s crucial to become aware and begin the purposeful process to full integration. Below are the four key steps to becoming fully IA-proof.

  1. Exploring the potential: Brainstorm where automation can be applied

Step one is to examine the extent to which automation can help your organisation. Blue sky thinking is the key here. What is the ideal relationship with the customer? What does the ideal order-to-cash process look like? In this phase, involving multiple departments from within the organisation is key, from management to operations. The finance professionals who have the most contact with customers are likely to have the strongest knowledge of which processes they would like to see automated. With no limits to ideas, it’s best to explore all the opportunities in the entire order-to-cash process and describe broadly the potential value to the organisation.

 

  1. Decipher which data and technology is needed

The second step is to map out which data and technology is required. Working with a specialist, either external or from the internal IT department, is beneficial at this stage to see where the opportunities lie. In many cases, off-the-shelf solutions are already readily available to help make the difference, so it pays to do the research and gain advice where possible.

 

  1. Firm up the strategy

With the plan mapped out, it’s time to fit the pieces of the puzzle together. Which technology and accompanying software is proving most valuable? It’s vital at this stage to analyse the results the organisation is achieving from deploying the right technology and software. It’s also important to outline any limitations and emphasising the potential risk of failure. This is the business case and the basis for the elevator pitch that will be presented to internal stakeholders.

 

  1. Draw up the roadmap and start benefitting from agility

The fourth and final step is prioritisation. The roadmap will describe step-by-step how to move from the undesired current situation to the desired end goal. In the first step, choosing a subproject that is relatively easy to achieve will help gain support from other departments within the business, and provide invaluable experience that can be applied to the more complex components that follow later. This agile approach facilitates a learn-by-doing mindset and allows the following steps to be tackled in a smarter and simpler way.

 

Effective preparation is half the battle

Exploring the potential of automation, mapping the required data and technology, establishing the strategy and laying out the roadmap are the four crucial steps to ensure the foundation for Intelligent Automation. Effective preparation and estimating which technology and accompanying software is needed will help to create a streamlined and error-free order-to-cash process. To ultimately save time and costs, empower finance professionals and maintain customer loyalty, the time for Intelligent Automation is now.

 

Continue Reading

Magazine

Trending

Business1 day ago

HOW TO ENHANCE THE CUSTOMER EXPERIENCE IN YOUR RETAIL STORE

Do you own your own retail store? Are you hoping that 2021 is the year you are able to grow...

Finance1 day ago

THREE STEPS TO ENSURE RECOVERY OF COVID LOANS GOES SMOOTHLY

In the wake of the pandemic, the government acted quickly to provide financial Covid support packages to help struggling businesses....

News1 day ago

SALESFORCE EXPANDS ITS FINANCIAL SERVICES OFFERINGS WITH NEW PRODUCTS FOR CORPORATE AND INVESTMENT BANKING

Tailored tools integrated into Financial Services Cloud support the industry’s transition to digital-first, helping deals get done from anywhere New...

Finance1 day ago

FOUR STEPS TO INTEGRATING INTELLIGENT AUTOMATION IN THE FINANCE DEPARTMENT

Marieke Saeij, CEO of Visma | Onguard   It’s clear that Intelligent Automation (IA) is still very much an emerging...

Technology1 day ago

READING BETWEEN THE BUZZWORDS: DISCOVERING THE POWER OF INTELLIGENT AUTOMATION?

by Yad Jaura, Product Marketing Manager at Netcall    The nature of automation means that new technologies, ideas and solutions are frequently...

Finance1 day ago

FOR THE FINANCIAL SERVICES INDUSTRY TO THRIVE POST-COVID-19, AUTOMATION WILL BE KEY

By Anubhav Mehotra, VP and Head of Infrastructure and Cloud Services for Financial Services at HCL Technologies   The economic...

News1 day ago

CROWN AGENTS BANK ACCELERATES INNOVATION AND GROWTH PLANS WITH THE APPOINTMENT OF HEAD OF FINTECH AND CHIEF COMMERCIAL OFFICER

Industry leaders David Mountain and Joe Hurley appointed to Crown Agents Bank’s Executive Committee The new hires will drive forward...

Finance2 days ago

WHAT IS THE MOST IMPORTANT TECHNOLOGY TREND FOR 2021?

While our world seems to be undergoing lots of economic uncertainty, the world of decentralization is blossoming. And this does...

Finance3 days ago

A BRIEF GUIDE TO TRADING IN CRYPTOCURRENCY SECURELY

Trading in cryptocurrency is becoming increasingly popular in the financial world. Crypto’s huge rises in value over recent months has...

News3 days ago

CHECKMARX APPOINTS ROMAN TUMA AS CHIEF REVENUE OFFICER

Veteran security leader to oversee Checkmarx’s go-to-market strategy and drive demand for developer-centric AST solutions   Checkmarx, the global leader in developer-centric application...

News3 days ago

CASHFLOWS ANNOUNCES GLOBAL PARTNERSHIPS WITH IMX SOFTWARE AND EDYNAMIX TO OPTIMISE PAYMENTS ACROSS A WIDE RANGE OF INDUSTRIES

Each new partner will integrate Cashflows’ acquiring solutions to expand their payment methods, access data in real time to speed-up...

News3 days ago

LINE AND PT BANK KEB HANA INDONESIA LAUNCH LINE BANK IN INDONESIA

The launch of LINE Bank in Indonesia signals a significant expansion in LINE’s fintech business, following the successful launch of...

Business3 days ago

A GLOBAL ESG STANDARD IS ON THE HORIZON. IS UK INDUSTRY READY?

Richard Wall is the Founder and CEO of Emex, which provides ESG and EHS software solutions to businesses    Fifteen...

Finance3 days ago

2021: THE YEAR THE FINANCIAL SERVICES SECTOR WILL ENTER THE ERA OF BOUNDLESS CUSTOMER ENGAGEMENT

Steve Bell, VP EMEA Solutions Consulting, Verint Systems   It can feel like businesses lurch from one disruption to another....

Business3 days ago

HOW TO UP YOUR EMAIL MARKETING GAME IN THE FINANCIAL INDUSTRY

Sam Holding, Head of International, SparkPost   The secret to a successful marketing campaign, no matter the industry, comes down...

News5 days ago

ETRADING SOFTWARE’S DIGITAL TOKEN IDENTIFIER FOUNDATION ESTABLISHES TASK FORCE WITH ASSOCIATION OF NATIONAL NUMBERING AGENCIES ON DIGITAL ASSET STANDARDS

To examine synergies between the DTI and ISIN standards   Etrading Software (ETS), global provider of technology-led solutions designed for...

Finance5 days ago

WHY FINANCIAL SERVICES NEED TO ADOPT LEAN AND AGILE PRINCIPLES

By Philip Farah, AVP Head Digital Transformation Services, Global Accounts at World Wide Technology (WWT)   The financial services industry...

Finance5 days ago

HELP YOUR TEENAGER MANAGE MONEY BETTER

By Kerry Sutherland, certified financial planner at Alexander Forbes   Helping your teenager start good money habits now will serve...

Banking1 week ago

BANKS OF THE FUTURE WILL BE ASSEMBLED, NOT BUILT: HOW BANKS CAN EXPAND AND INNOVATE BY RETHINKING THEIR PARTNERSHIPS

Author: Kelly Switt, Senior Director, Financial Services Strategy, Ecosystem and Strategic Partnerships, Red Hat   The financial services business ecosystem...

Top 101 week ago

SKILLING AND METROPOLITAN X PARTNER TO OFFER ADVANCED TRADING EDUCATION PROGRAM

Skilling, a Scandinavian fintech providing online trading on a wide range of world markets, has announced a strategic partnership with...

Trending