Connect with us

Finance

BOT ATTACKS IN THE FINANCE SECTOR: FRAUDSTERS ARE USING AI TOO

Published

on

By: John Briar, COO and co-founder, BotRx

 

The use of Artificial Intelligence (AI) and automated processes in the finance industry is growing. From using AI-enabled chatbots to communicate with customers, to using Robotic Process Automation to eliminate tedious tasks in payroll and accounts receivable, financial organisations are making the most of this up-to-the-minute technology. Indeed, a report by McKinsey found that current technologies can fully automate 42% of finance activities and mostly automate a further 19%. As progress continues to be made in automated technology, this number is only likely to increase.

The problem is that cybercriminals are also using AI. With AI tools at their fingertips, fraudsters are developing and deploying sophisticated automated attacks, namely in the form of malicious bots. These bad bots masquerade as legitimate users to conduct malicious activities against financial organisations, such as stealing Personally Identifiable Information for illicit activities like fraudulent credit card applications and account takeover. This trend has only increased during the coronavirus pandemic, as cyber adversaries look to take advantage of the disruption caused by the outbreak. Indeed, financial fraud increased 33% during lockdown, according to Experian.

 

John Briar

AI-enabled fraudsters are on the loose

Fraudsters are becoming increasingly reliant on automated bots, and using credential stuffing as one of their favourite tricks. Credential stuffing attacks work by taking advantage of the fact that people tend to have poor cyber hygiene and reuse the same usernames and passwords across all of their different online accounts. Cybercriminals then launch automated bots to complete repeated password-guessing attempts to log into secure user accounts on hundreds of different websites.

After the fraudsters have sifted through millions, sometimes billions, of login credentials, and have found a login match for a specific website, they normally sell these verified credential pairs to other cybercriminals that launch follow-on attacks. Once they have access to the account, cybercriminals begin committing a variety of fraudulent activities.

Account takeover fraud is a common endgame for bad actors, and almost always begins with credential stuffing. This attack allows fraudsters to access an individual’s account. Once inside, they can conduct unauthorised activity, and depending on the attack, even change login and personal information. KPMG found a  57% increase in UK financial account takeover cases last year, with account takeovers even making the news, like Marriott’s March 2020 data breach where login credentials of two Marriott employees were used to access guest information, affecting over five million guest accounts.


It’s time to fight back

Financial institutions must look to better protect themselves and their customers from these automated bot attacks. There are numerous solutions out there, though organisations must take note of the strengths and weaknesses of each one. The biggest challenge for financial organisations is being able to combat the dynamic nature of automated bot attacks, which fraudsters change on such a regular basis that it’s difficult to predict attack behaviours and recognise signatures.

Indeed, the hardest part of stopping bot attacks is that bots can very easily outmanoeuvre static network infrastructures. Currently, most solutions don’t have a dynamic nature. Firewalls and Intrusion Prevention Systems for example, are ineffectual because they cannot detect changing attack patterns. Web Application Firewalls on the other hand struggle to pick up attacks that mimic normal behaviours, which is exactly what these automated bots do. Threat intelligence, which gathers intelligence on new threats only after an attack has happened, also aren’t bulletproof as they allow early attacks to go undetected.

AI and Machine Learning (ML) based solutions are a better match for automated bot attacks, as they are playing fraudsters at their own game. However, even the most sophisticated AI and ML solutions can be outsmarted by fraudsters who take the time to gather intelligence so that they can plan a future attack. Because AI systems rely on the information they’re fed, they require manual intervention to classify if the anomalies identified in the traffic patterns are real or false events.

Then there are new solutions like Moving Target Defense (MTD), which has recently surfaced as malicious bots’ new foe. Coined by the US Department of Homeland Security, MTD is unique because it is a proactive approach to stopping malicious bot attacks, unlike traditional detect-block solutions. It works by making the attributes of a financial institution’s network dynamic rather than static, obfuscating the attack surface. This reduces the window of opportunity for fraudsters, making it extremely difficult for them to infiltrate a network, and allows financial organisations to take back control of their IT infrastructure by always being on the front foot.

 

A proactive approach  

Continuing to rely on the detect-block methods simply isn’t sufficient to stop malicious bot attacks. While each of the above defence methods have their merits, financial organisations shouldn’t rely on any one of them alone, as the growing number of automated attacks will always be looking to take advantage of static infrastructure and other weaknesses.

It shouldn’t be surprising that, as financial institutions increase their use of automated processes, so too are cybercriminals. Financial organisations must therefore look to new solutions that will redefine the power balance between defenders and attackers. MTD is a promising approach to the equation, enabling them to protect their networks and their customers in the long-term.

 

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Finance

Five predictions set impact the finance teams in 2022

Published

on

By

By Rob Israch, GM Europe at Tipalti

 

The CFO now has a very different set of responsibilities in comparison to a few years ago; 2021 saw sustainability move up the C-suite agenda, Brexit was officially pushed through meaning new rules and regulations for industries, and pandemic uncertainty caused further disruption for businesses. Understandably then, 97% of UK CFOs believe their role has become more complex over the last two years, according to latest research by Tipalti. Finance leaders, who were already rushed off their feet, are now having to wear even more hats.

Operating in a new climate, with new challenges and circumstances, finance teams must be ready to innovate to find new solutions to changing business needs. From becoming more attuned to ESG ratings to fighting against the burden of manual processes and tasks, below we explore what finance teams can expect to experience in 2022.

 

  1. A tightening of CEO-CFO relationship

As opposed to solely managing financial operations and ensuring compliance, the CFOs relationship with the CEO will intensify in 2022. This shift will see the CFO become increasingly involved in looking at the strategic ways the business can grow and diversify.

Nearly two-fifths (39%) of CFOs have noted a larger demand to collaborate with the c-suite now than two years ago. However, organisations are still slowed down by old ways of working, as nearly a third (29%) of CFOs state they are having to deal with more manual finance operations. As a result, CFOs aren’t afforded time to support the business leader in the way that their job requires.

Rob Israch

By innovating financial processes through automation, finance teams can free up time for the strategic tasks that matter most to the business. In fact, UK CEOs believe that the ability to prioritise innovation (25%) and the ability to improve financial and business reporting accuracy and timeliness are the most important qualities for a successful CFO today.

 

  1. Invoice payments fraud will be harder to fight

Every year, defending against fraud gets increasingly challenging. As accounts payable complexities rise, finance teams will experience payments fraud at an alarming rate.

Finance teams today are tasked with managing more diverse payment methods, increasing cross-border transactions and dynamic tax compliance and financial reporting. Yet, teams struggle to cope when operations are processed manually. The most common perpetrator of payment fraud is manual processes. They are neither efficient nor airtight enough to ensure optimum financial control. Busy finance teams, escalating complexities in AP and error prone manual processing sets the perfect scene for fraudsters to take advantage.

To mitigate such risk, companies need to leverage people, processes and technology. This means investing in robust technologies such as automation to standardise procedures. Data entry will be minimised, end-to-end payments processing visibility will be optimised and policy compliance becomes automated. Not only does AP automation relieve workflows by minimising manual intervention, but the technology acts as a hub for enforcing strong financial controls as the number of people and systems involved in payment processing is reduced substantially.

In addition, 2022 will see more multi-entity businesses emerge as organisations recognise the value of the ‘work from anywhere’ model. It can be challenging to manage finance functions across these multiple entities, and that is often why different business units in geographical locations run their finances in isolation, with varying processes and approvals being managed in different ways. However, with no central control or oversight, you run the risk of internal fraud.

 

  1. Finance leaders will need to focus on ESG initiatives

Following COP26, business leaders are under pressure to set and meet green targets, and many are turning to their CFOs for solutions. In fact, CFOs ranked incorporating environmental, social and governance (ESG) and sustainability into the business and its operations as the greatest driver of complexity in their role (27%), above even the global pandemic (22%).

A key reason for this is that ESG ratings have become an important tool for asset managers and investors to evaluate and compare future investment prospects. Currently more than a quarter (28%) of UK business leaders rank international growth as a top priority for the year ahead, so a less than favourable ESG rating is not an option. So far, the challenge for CFOs has been finding the time to work on sustainable initiatives.

 

  1. Uncertainty will continue to loom over the UK post-Brexit

It has been over five years since the UK voted for Brexit – but it will most certainly be on the agenda in 2022 as new regulations emerge. There are a number of challenges that Brexit brings, and much uncertainty still remains in place.

In navigating the uncharted waters of Brexit, businesses will encounter new hurdles when looking to fill roles, as the Global Talent Visa makes competition for skilled employees more formidable than ever before. With the visa application deadline passed, some employees may have chosen to move back home contributing to headcount issues for finance teams.

Moreover, the UK is still yet to agree many key trade agreements. Businesses will need to stay vigilant – watching out for any changes at relatively short notice and be ready to adapt.

 

  1. Employee wellbeing will need to be prioritised

Along with many other departments, the Great Resignation period has meant finance is experiencing Churn. Whilst the wellbeing of all employees will be a key focus for the c-suite this year, CFOs will need to ensure the work of the finance team is engaging and talent is not wasted on tedious and time-consuming operations. Introducing automation to take care of those manual tasks will free up time to upskill employees, while making them feel valued in their role.

 

The future office of finance

2022 will see finance teams adapting the way they operate to combat new challenges. With agreements signed following COP26, implementing sustainable initiatives is no longer a choice, and in the wake of Brexit uncertainty, businesses will have to face new rules and regulations head on. On top of this, the CFO will need to pivot away from solely financial operations in order to drive strategy, fight against fraud threats while prioritising the wellbeing of their team.

It’s a complex set of responsibilities and will only be achieved if finance teams are able to move away from manual administrative work and towards new technologies and automation capability. A CFOs time is precious and needs to be reserved for the tasks that matter.

Continue Reading

Finance

Three ways to reduce uncertainty in financial services marketing

Published

on

By

By Patrick Costello, Senior Product Strategy Director, Optimizely 

 

According to Bain & Company, uncertainty is one of the key factors affecting marketing teams within financial services companies. For example, there’s a lot of uncertainty around when consumers will become less concerned about personal safety in favour of other product features. Similarly, it’s unclear whether marketers will be able to develop the agility needed to remain relevant in times of ever-changing consumer preferences.

Digital-first financial services are here to stay post-Covid, so financial services companies must manage change and reduce this current uncertainty by involving the whole business in improving the customer experience.

Our work with customers and partners has shown that there are three key approaches that enable marketers to move faster while reducing uncertainty and keeping pace with consumer expectations. These include the creation of content based on evidence, rolling out new features in a tightly controlled environment and continuous optimisation and personalisation of customer experiences.

 

Create content based on evidence

The research by Bain & Company noted above has found that successful marketing leaders tend to conduct tests more frequently, which helps the whole marketing team to learn how consumers behave and create content that drives engagement.

Leading digital companies like Amazon and Google have a well-established culture of experimentation, where they continuously test to determine how customers are behaving. In fact, a highly developed culture of testing adds certainty to the process of improving customer experiences.

Rapid testing and experimentation can reveal how customer habits are changing, and what features they highly value and interact with, in order to inform business decision-making.

By continuously experimenting with its quadrillions of landing pages, online travel company Booking.com successfully transformed from a small Dutch start-up to the world’s largest online accommodation platform in less than two decades.

 

Roll out new features with control and safety

Traditional software development cycles normally rely on fragmented data from a variety of sources instead of a single unified view of the customer. This means that new releases do not necessarily resonate with customers and require painful ‘rollbacks’, for example to previous versions of a website.

By putting customer data at the centre of product development and carrying out early exploratory testing, companies can establish if a feature is likely to resonate with customers before actually building out the full feature code. They can deliver frequent and small releases and rollback easily if needed, thereby reducing uncertainty and risk.

One of our customers, a major US airline, used an early exploratory test to validate customer demand for instalment payment options on its website. Rather than implementing this feature straight away — and risk losing revenue — the test included creating a minimal user experience, in this specific case measuring clicks on an icon.

The data collected allowed the team to develop a business case for the new feature and enabled informed decision making around resources and future potential. Ultimately, the new instalment payment option resulted in a significant uplift for the business.

 

Personalise and optimise experiences

What constitutes as a great experience differs significantly from person to person and also depends on the wider context. Over the past 18 months customer behaviour and expectations have changed profoundly, adding new complexities to the customer experience equation. A strong personalisation and optimisation strategy helps financial services marketers engage with users at an individual level by connecting the right message to the right user at the right time.

Such an approach requires continuous improvement and iteration, and the adoption of ever more sophisticated personalisation capabilities.

Any personalisation strategy is underpinned by core segmentation which includes identifying psychographic characteristics of audiences, their affinities and intents. One-to-one personalisation can be achieved with the help of machine learning (ML) capabilities, where businesses can map out who their audiences are and their needs at any given point in time.

Continuous personalisation and optimisation not only reduces risk and increases certainty, but also has a demonstrable impact on revenue. In fact, three in four companies have increased their digital revenue by over 5% through always-on optimisation and personalisation, according to Digital Experience Economy Research.

By releasing features in a controlled manner, creating new content based on evidence and introducing continuous personalisation, organisations can move fast while ensuring their relevance to each and every individual in the long term.

 

Continue Reading

Magazine

Trending

Finance4 mins ago

Five predictions set impact the finance teams in 2022

By Rob Israch, GM Europe at Tipalti   The CFO now has a very different set of responsibilities in comparison...

Finance11 mins ago

Three ways to reduce uncertainty in financial services marketing

By Patrick Costello, Senior Product Strategy Director, Optimizely    According to Bain & Company, uncertainty is one of the key factors affecting marketing...

Banking18 hours ago

Bringing Automation to Banking

Ron Benegbi, Founder & CEO, Uplinq Financial Technologies   Automation is everywhere you look these days; from supermarkets to warehouses...

Finance18 hours ago

Why financial services is stepping into a new era

by James Mingard, Head of Retail & Finance at Maintel   When comparing industries, financial services has arguably fallen behind when...

Business2 days ago

FINANCIAL MARKETS IN 2022: INFLATION, ENERGY PRICES, AND THE CONTRASTING PERFORMANCE OF STOCKS

Bob Jenkins, Head of Research, Refinitiv Lipper   Anyone hoping for a reprieve from the chaos and uncertainty of the...

Business3 days ago

FINTECH TRENDS TO LOOK OUT FOR IN 2022 WHICH WILL CHANGE THE WAY WE DEAL WITH FINANCE!

Embedded Finance is estimated to be a $3.6 trillion market opportunity (Matt Harris, Bain Capital Ventures) Embedded Finance means it’s...

Business3 days ago

THE GREEN REVOLUTION IN INVESTING

It can’t be denied how quickly environmental sustainability has become a focus among everyday consumers, whether they’ve become noticeable through...

Business3 days ago

INVESTMENT IN INNOVATION: 2022 TRENDS AND OPPORTUNITIES

Author: Michael Kodari, Founder and CEO of Kodari Securities (KOSEC)   Moving into 2022, while COVID is still front of...

Business4 days ago

HOW TO CONSOLIDATE INVESTMENT REPORTING OPERATIONS AFTER A MERGER OR ACQUISITION

By Andrew Sehulster and Abbey Shasore   The reason why senior management make an acquisition is to compete better or...

Business4 days ago

FUNDING R&D IS STILL A PRIORITY FOR COMPANIES DESPITE THE PANDEMIC

By Emma Lewis, Myriad Associates   HMRC regularly releases statistics that look at the numbers of R&D Tax Credit claims...

Business4 days ago

Mitigating the insurance risks of climate change through geospatial data visualisation

Richard Toomey, Senior Manager, Commercial Insurance at LexisNexis Risk Solutions UK and Ireland   In the lead up to the...

Top 104 days ago

From compliance to the metaverse: Investment trends to look out for during the year ahead

By Rami Cassis, Founder and CEO of Parabellum Investments   In the investment world, the old saying, knowledge is power,...

News4 days ago

NutreeLife triples production with finance from Siemens Financial Services

Plant-based snack manufacturer NutreeLife has massively increased its production capacity with the help of a hire purchase solution from Siemens...

News5 days ago

HYDR DEVELOPS INVOICE FINANCE PLATFORM TO INTEGRATE WITH MAJOR CLOUD ACCOUNTING SOFTWARE PROVIDERS

MANCHESTER – UK – 17th January 2022 – Fintech start-up, Hydr has developed its proprietary invoice finance platform to integrate...

Business5 days ago

What should you be know about PAN data in PCI DSS?

Narendra Sahoo (PCI QSA, PCI QPA, CISSP, CISA, CRISC) is the Founder and Director of VISTA InfoSec   Introduction PAN...

Finance6 days ago

GET READY FOR A LARGER-THAN-EXPECTED INTEREST RATE SPIKE IN 2022

By Nicholas Sargen As investors assess what is in store for 2022, they should not lose sight of what has transpired...

Banking6 days ago

MYTH BUSTING THE ROLE OF OPEN SOURCE IN FINANCIAL SERVICES

Nigel Abbott, Regional Director North EMEA, GitHub   There is no denying the financial services (FS) industry is under pressure to...

Business6 days ago

How Crypto Traders Can Avoid Unexpected Expenses

Have you been dabbling in cryptocurrency in 2021? Are you still relatively new to the world of crypto and feeling...

Finance6 days ago

Looking Ahead: 2022 Fintech Predictions and Reflections

Will Marwick, CEO of IFX Payments   2021 was the year of recovery and opportunity for many, following months of...

Business6 days ago

A systematic approach to stock selection finnCap’s Slide Rule

Raymond Greaves, Head of Research at finnCap   As an engineer by background, I love data and using it to...

Trending