Fraudsters Have Always Used Deception. It’s a Key Tool for Cybersecurity, Too
Originally posted June 4, 2018
Wells Fargo has had a very public battle with fraud. Just last month, the bank agreed to pay $480 million to settle a lawsuit from investors accusing Well Fargo of securities fraud related to its fake-account scandal from 2011 to 2016 in which 2 million fake accounts were set up.
“We have alerting to try to prevent that type of fraud from happening but so often our customers get duped into thinking, ‘No this is real, the vendor did call me. This is their new account number.’ Only to find out later it was a fraudulent payment,” Secil Watson, Wells Fargo executive vice president and head of digital solutions, told Bank Innovation.
“Even if we stop fraudulent payments from going through, it’s still a big hassle for our customers. If no harm is done you still feel victimized, which is not a good emotion,” said Watson.
Fraud talent is rare — and in high demand.
Mounting threats make a sound cybersecurity defense vitally important. Financial institutions’ security along with fraud schemes have evolved. Fraud is at the forefront of banking execs minds’ — some 71% are focusing their digital investment on cybersecurity. There has been a shift to banks investing in early fraud detection technologies, but being able to act on alerts is key.
“If you want to outmaneuver the advisory you need to set traps within the network and set up a high-fidelity detection mechanism, and make it actionable,” said Carolyn Crandall, chief deception officer at Attivo Networks, a cybersecurity company.
Old systems relied on building a fence to keep fraudsters out. “These tools would raise alerts on anything is saw an anomalous, it would overwhelm the security team, “said Crandall, who acknowledges that 100% of attackers can’t be intercepted. Detection mechanisms that work by picking up on the way fraudsters move through a system will prevent alarm systems from sounding from authorized users.
“Coming up with a detection mechanism that will raise high fidelity alert — it’s about using deception tech that will lure the attacker. Only someone who is trying to run recognizance or trying to steal credentials will trip these alarms,” said Crandall.
Once a fraudster is in the network, limiting dwell time and reporting breaches to other institutions are steps to take to stop fraud sooner. Institutions can also set booby traps.
“In deception, you’re setting up a decoy,” said Crandall. “Even using fake data in the network, if you want to reset that synthetic network, it’s going to slow or derail the attack to where you can build your halls of confusion.”
Running a synthetic network for fraudsters to interact with is a safe way for banks to engage an attacker, and learn who is attacking, why, and what methods they’re using, according to Crandall.
Institutions rigging their systems to ensnare fraudsters is only part of what financial institutions can do to mitigate fraud…