Connect with us


How to future proof the financial industry against cyberattacks



Moshe Hayun, threat intelligence team leader at Deep Instinct 


The financial industry is the backbone of an economy- more specifically it is the building block of a digital economy. Offering a broad number of services to billions of users across the globe, including banking, loan, consultancy, and investment, the nature of modern finance provides consumers and businesses with endless opportunities.

However, the amount of data held in these organisations is why the financial industry has historically been one of the most popular domains for cybercriminals, as they typically have a larger attack surface to exploit. Consumers trust these organisations with some of their most private information, and the potential threat of leaking this data, and the subsequent consequences, can be a nightmare for financial institutions.

In 2021, banking institutions alone saw a 1318% increase in ransomware attacks with the average cost of a cyberattack in the financial sector reaching $5.7 million in 2021. Evidently, the finance industry is one that is going to continue to be seen as an attractive and lucrative target for cyber criminals, and it is therefore paramount that organisations within the sector do all that they can to prevent themselves from becoming the next victim.


Moshe Hayun

The biggest cybercriminal families targeting the financial industry

Certain malware families have been a prominent threat to financial institutions throughout 2021. Our recent research revealed that Dridex and TrickBot were the most frequent malware families targeting the industry, specifically the banking sector. Dridex accounted for most of the malware attacks (68%), while TrickBot was responsible for 11% of the attacks.

Both are highly sophisticated banking trojans. For example, Dridex is a trojan designed to sneak behind an organisation’s defences (or, more accurately, trick defenders into bringing it beyond the perimeter themselves). While TrickBot on the other hand, is used to target individuals, businesses, and large enterprises to steal financial data, personal information and bank account credentials. Once this information is obtained, it can be used to carry out financial fraud and identity theft.

IcedID is another modular banking trojan that has attacked banks, e-commerce and credit card companies. Much like a worm, it has been designed to replicate, spread and infect more systems as it travels. Once executed on one machine, it will then cultivate and use simple evasion techniques such as operating after the machine restarts, making it more difficult to identify and defeat.

Another of the top five financial malware families is Zloader, a banking trojan that is a variant of the i Zeus banking malware. It is distributed in phishing campaigns or spoofed emails designed to trick victims into downloading and executing the malware. QakBot is the fifth malware family which can cause chaos within the finance sector. It steals information and is adept at stealing online banking credentials or other financial information.


Tricky Techniques and Implications

The malware families targeting the finance industry have their own techniques to achieve their financial goals. The more data they steal, the bigger the monetary gain. As such, they use a series of devious and stealthy methods to avoid detection. One common tactic is the use of malicious macros. Threat actors hide malicious code insider Word documents or other files which executes once someone opens them. For example, a favored method by Dridex is a PDF laden with JavaScript, or a malicious email attachment containing Word documents comprising of dangerous macros.

Trickbot, on the other hand, harvests emails and offers a backdoor into their victims’ network. The malware family also possesses a screen-lock, ransomware-style option which is designed to steal system passwords.

With techniques by these malware groups designed to be devious and arguably, cunning, it is no surprise that they are successful. LOLBins and PowerShell are another common tactic being used by cyber criminals to launch their ransomware attacks. Both are pre-installed on a computer which makes them ideal for threat actors to hide behind and avoid detection. This type of deception is also used by IcedID. For example, they can manipulate a victim’s browser so that they think they are viewing a genuine banking website, when in actual fact, they have been redirected to a fake website designed to steal system passwords.

Zloader on the other hand, uses Excel macros and other techniques including keylogging to steal information from users, while Qakbot spreads through malspam (malicious spam) and exploit kits that are deployed through compromised websites. If a victim visits the site, QakBot delivers its payload and infects them.

So, in this growing field of cyber-threats, how can financial institutions future proof themselves against devastating cyberattacks?


Facilitating real-time threat detection and prevention using deep learning

Most financial institutions today are using Endpoint Detection and Response (EDR) solutions which implements are designed to improve security at entry points to networks and systems. However, they often lack accuracy and speed.

EDR only works post-execution, meaning that malware is detected after it’s deployed into the target’s system. This means it is useful for finding known threats. However, threats evolve rapidly, with some of the fastest known malware infecting endpoints in less than 15 seconds. As a result, EDR solutions are not useful when it comes to preventing immediate and unknown threats and cannot process data at a speed which can ensure they are found in a timely manner that actually prevents attacks from infecting the endpoint.

To strengthen their proactive stance, finance companies need to move away from conventional EDR and implement deep learning – a more effective and next-gen solution for threat prevention. Deep learning is an advanced subset of AI that uses neural networks to imitate how humans think and learn in real-time- independently studying millions of attack patterns, file systems, and threat vectors.

However, deep learning solutions work without any human intervention. This broad knowledge base is then used to project existing and evolving threat patterns. This mechanism allows deep learning tools to detect threats in milliseconds, with unparalleled accuracy. Thus, even the fastest and most advanced malware is detected and stopped before they reach the target network.

Deep learning technology attains predictive analytics automatically through its own process of examining, analysing, and breaking down existing threat patterns, which helps to detect unknown and zero-day threats. It also produces a 99.9 percent accuracy rate which means security teams don’t have to chase after false-positive security alerts.

Deep learning solutions take the focus away from the conventional threat mitigation approach of the financial industry and emphasises threat prevention. The technology addresses the most critical security concern of the financial industry, which is accurately detecting and preventing threats. By detecting advanced threats in milliseconds, security teams can gain the upper hand on the attackers and close down their attack paths before they wreak havoc on the finance industry.


Is your business ready for finance automation?




Mari-Frances Bentvelzen, Business Head and General Manager of Global SMB at SAP Concur


As managers continue to drive their businesses through these uncertain economic times, it is important for them to properly equip and guide their organisations. Small to medium-sized businesses (SMBs) are looking to save money during this inflation crisis. By looking carefully into different areas, there are many hidden costs that can be found to combat rising expenses and interest rates.

With 2023 approaching, it’s time for businesses to be more proactive towards improving their processes. Automating administratively heavy tasks can be hugely beneficial in saving time and resources, both of which can have a big impact on the bottom line.

Although travel logistics, expense tracking and invoice processing can sound like a lot of background noise, these processes can all be optimised through automation. This offers more visibility for finance leaders and helps free up valuable time and resources for employees within the organisation.

Identify which key areas need automation

The first step to adopting automation is highlighting which areas can be improved with specific technology. This includes auditing the business and identifying which areas are outdated. From this point, businesses need to determine which processes and procedures may benefit from digital transformation. High on the list are manual processes and data input — two areas that often are riddled with mistakes and delays. Automating these areas proves to be useful for both the organisation and its employees.

Another common issue that finance leaders face is lack of access into full spend visibility. To improve decision making, managers must be confident about the trusted insights, transparency and perspectives in their business. Reporting tools and automated processes can help verify expenses through integration with other vendors and systems.

Without automation, it is difficult for finance departments to ensure all data has been inputted and centralised. This can make it difficult to determine the most appropriate and potentially effective areas to target cost-saving measures. Spend management solutions can, however, provide finance leaders with full visibility into where their money is being spend, enabling any spend that does not correlate with policy to be flagged. This can help businesses to reduce non-compliant spend and increase policy and regulatory compliance.

Find the best solution for both business and employees

Once these areas are identified, the business must adjust for compliance requirements, infrastructure changes and spend changes. Finance leaders should select the best solution to streamline current processes, whilst also improving budgetary controls and employee safety and satisfaction.

It is important for companies to place employee experience and innovation at the forefront of decision making, with training and ongoing employee support. Expenses — the reimbursement process, specifically — often have an under-appreciated role in employee engagement.

In fact, the new SAP Concur Employee Experience study reveals that 70% of employees in the UK are concerned about the impact of cost-of-living increases on their personal finances. And it’s late reimbursements for expenses that are causing employees to worry, with 56% worried about delayed reimbursements impacting their personal finances. This is why it is crucial for organisations to adopt automation to help accelerate processes and relieve reimbursement worry.

We worked with Brother UK (Printing and technology solutions) to automate their processes within their internal finance department. Brother has many employees who have worked for the company for more than two decades, with many processes identical to the day they started. Unsurprisingly, these employees were reluctant to making big changes, as they were used to carrying out their work in very specific ways. And with the obvious talent crisis, Brother realised that it was more important than ever to focus on the employee experience.

Brother put their employees first, ensuring communication remained transparent during the entire project. The company also brought staff directly into the decision-making process, elevating buy-in and a sense of ownership over forthcoming changes.

Now that Bother has automated many financial tasks, employees within the finance department are able to spend more time on strategic and rewarding work, rather than menial and time-consuming tasks. This improvement has been a positive experience for all. It has also helped employees to progress further in their careers.

Plan for the unpredictable future

Do you work for an SMB considering such changes? Don’t hesitate — now is the time to take the proactive step to streamline and grow your business. Overall, SMBs are being faced with the unknown and are being forced to adapt or pivot their business models. Finance automation will help futureproof your business during these uncertain times, bringing a level of stability to your organisation. This will allow employees to focus on future growth ambitions and make more informed decisions without having to worry about laborious tasks.

It’s important to remember a key part of running any business is relationship management — both with customers and employees. It’s important to choose solutions that will help drive profit margins whilst also acknowledging employee needs. For small businesses, maintaining clear communication with employees will not only help to ensure solution implementation is successful, but will also help to soften any resistance to automation.

And there’s so much more beyond basic finance automation. By taking an even deeper dive into invoices and expenses, businesses can find key data to help underpin certain goals such as reducing carbon emissions for business travel or enabling employees to submit expenses from anywhere at any time.

In the long run, digitising tired manual processes makes it more affordable for all businesses, no matter the size, to offer a competitive advantage during this era of change.

Continue Reading


What is the True Cost of SMS Phishing?



Gemma Staite, Threat Analytics Lead


Cybercriminals will recycle attack strategies for as long as they are effective. In Fraud scammers will keep using a method for as long as victims continue to fall for it. SMS phishing is no exception, as shown by a recent wave of attacks globally, particularly in Asia that caused millions of dollars in financial damages.

SMS phishing, often known as smishing, is a type of social engineering assault that preys on victims through their mobile devices. Smishing attacks use texts that appear to be sent by reputable sources. The messages contain links that drive unsuspecting victims to a phishing site where they are asked to divulge personal information, download malware onto their mobile device, or provide a one-time passcode that will allow a criminal to bypass multi-factor authentication (MFA).

Smishing has increased significantly across the globe and complaints about SMS spam increased over 140% last year. Smishing remains a big concern as users spend so much time on their mobile devices – an average of five hours per day in 2021. In addition, users are much more likely to open a text message. According to, SMS recipients open 98% of their text messages while email recipients only open about 20% of their messages.

The ability to launch attacks has also gotten easier for criminals. There are SMS bots that can be used to intercept the one-time passcode (OTP) most banks use for step-up authentication. There are bots that can reach thousands of potential victims at a time with messages that appear to come from a victim’s bank or other trusted brand. Netflix, the most popular streaming service in the world, was recently exploited to serve as the face of a massive smishing campaign that attempted to divert users to a phishing site.


Beyond SMS Fraud Losses: A Case From Singapore

A smishing attack’s fraud losses are scarcely insignificant. An alleged recent attack in Singapore cost a bank S$13.7 million over 790 victims. That works out to an average of S$17,300 ($12,800 USD) per person. The business is required to pay around $4 for every dollar the customer loses due to fraud. This high cost excludes reputational damages and any potential clients lost as a result of people associating the institutions with higher scam risk.

Direct fraud losses can be quantified, but other costs are not so easy to put a price tag on. First, there is the operational costs such as an increase in calls to the contact centre. This one attack reportedly caused calls to surge 40% in one week. Second, there is the reputational costs of negative headlines from such an attack being reported to the media and the potential customer attrition that may result. Finally, there are potential regulatory costs when such incidents catch the attention of regulators.

The Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) released a set of guidelines in response to the recent string of smishing attacks targeting banking customers. Some of the security measures make sense, such as removing clickable links in emails and SMS messages sent to customers. However, others seem to be counterintuitive and go against the very premise of convenience offered by digital banking. For example, requiring notifications and confirmation from customers for every transfer that exceeds S$100. This adds unnecessary friction for customers who have come to rely on the ease of digital transactions on the go.

Increasing friction doesn’t make fraud issues disappear. Additionally, it can cause customers to lose track of messages and become confused, leading them to miss important alerts when fraud may be present.
Increasing current fraud controls

Because fraud can be prevented via device, IP, and network-based restrictions, scammers have developed ways to get around these. Cybercriminals will always find new cunning ways to social engineer around authentication restrictions. Banks must examine users’ behaviour patterns, including how they type, move the mouse, and explore a website, in addition to the device they are using. With the addition of behavioural biometrics to their existing fraud controls, several sizeable financial institutions are already achieving better fraud detection outcomes for a variety of use cases, such as account takeover, account opening, social engineering fraud, and mule account identification.

Continue Reading



Business4 hours ago

Hidden channel costs: how to find and tackle them

By Mark Wass, Strategic Sales Director, UK and North EMEA at CloudBlue     Growth for businesses will always be a...

Finance10 hours ago

Is your business ready for finance automation?

Mari-Frances Bentvelzen, Business Head and General Manager of Global SMB at SAP Concur   As managers continue to drive their...

Top 1010 hours ago

The power of a proactive customer service

By Delia Pedersoli, COO, MultiPay   2023 is shaping up to be another challenging period for B2C businesses. While the...

Business10 hours ago

Automation nation: Liberating workers from desks, data entry and the doldrums

Gert-Jan Wijman, VP of EMEA at Celigo.   Just when businesses thought the tough times were over, even more challenges...

News10 hours ago

Protean and Fino Payments Bank tie-up to expand PAN card issuance services in India

Fino Payments Bank has tied up with Protean eGov Technologies (formerly NSDL e-Governance Infrastructure Limited), a market leader in universal,...

Business18 hours ago

What is the True Cost of SMS Phishing?

Gemma Staite, Threat Analytics Lead   Cybercriminals will recycle attack strategies for as long as they are effective. In Fraud...

Technology1 day ago

Digital Asset Management (DAM) To Transform Enterprise Brand Management

Alexander Rich, Co-founder and CEO – Desygner    Rapid digital transformation fuelled by the pandemic has undoubtedly proven beneficial to...

Finance1 day ago

Cost of living: How to identify vulnerable customers

Ellie Engley is account director at REaD Group   In the current climate, the cost of living crisis is a...

Banking1 day ago

Is traditional business banking the best option for SME finance squeezes?

Airto Vienola, CEO, AREX Markets  The pressures facing business and personal finances alike have been well documented. Stories are now starting...

Business1 day ago

Breaking down communications silos to streamline the customer experience

Dave Tidwell, Head of Technical Pre-sales, DigitalWell   The pandemic has, without doubt, moved the goalposts when it comes to...

Business1 day ago

How growth can be a big challenge when a business becomes multiple entities

By Paul Sparkes, Commercial Director of award-winning accounting software developer, iplicit. Organisations don’t just grow in size – they also...

Wealth Management1 day ago

Keeping Cyber Insurance Premiums Down with Deep Observability

By Mark Coates, VP EMEA, Gigamon There is no doubt that the cyber insurance industry has experienced something of an...

Business1 day ago

When it comes to innovation, ignore your CEO and listen to your customer

 By Alex Hammond, Partner, Airwalk   At its core, the 2008 financial crisis was a result of banks incorrectly managing...

Business1 day ago

Netflix-style ransomware makes your organisation’s data the prize in a dark subscription economy

By John Davis, UK & Ireland Director, SANS Institute. Today’s subscription economy makes accessing nearly any service as easy as hitting enter....

Banking1 day ago


By Alex Kwiatkowski, Director of Global Financial Services, SAS. From shifting market dynamics and mounting geopolitical tensions, to skyrocketing cyber threats...

Banking1 day ago

Why traditional banks need to embrace the agility of fintech competitors

Paul Higgins, EMEA Banking Lead, Mendix   Tech has long played a role in the finance space. The legacy applications running...

Technology1 day ago

SaaS Procurement’s Silver Bullet – How Automation is Changing the Game

Sven Lackinger, Co-Founder, Sastrify   Sven Lackinger is Co-Founder at Sastrify, the digital procurement platform for Software-as-a-Service products. Founded in...

News1 day ago

Tata Motors partners with IndusInd Bank to offer exclusive Electric Vehicle Dealer Financing

Key Highlights:   One-of-its kind Electric Vehicle Inventory Financing program for Tata Motors’ dealers  Limits extended towards EVs will be over...

Finance1 day ago

astrantiaPay Selects SaaScada to Enrich Swiss Landscape of Business Payments and Fill Market Gap

Swiss financial firm, astrantiaPay, to use SaaScada’s cloud-native core banking engine to simplify cross-border payments for SMEs and facilitate international...

Business2 days ago

How Big Data is Transforming Bilateral Trading

By Stuart Smith, Co-Head Business Development – Data & Risk at Acadia   Since its inception, Big Data has been...