Data Mining an Antidote to Cyber Frauds
Agnelo D’souza, Executive Vice President & CISO at Kotak Mahindra Bank, discusses the top cyber frauds and the measures that are being adopted:
Ravi Lalwani: Given the massive shift towards mobile banking during the pandemic, what kinds of cyber frauds have increased the most?
Agnelo D’souza: The adoption of digital payments has gotten accelerated by the covid pandemic. This has also increased the risk of digital frauds on online channels, including mobile banking. Some examples of frauds on mobile banking channels are:
Vishing Frauds: This is the most common type of fraud where the fraudster calls up the customer pretending to be a bank representative and deceives him into giving away his PIN, OTP etc.
Fake Banking Apps: Fake banking apps are designed to look like real banking apps. Consumers are tricked into downloading these apps by fraudsters. The fraudsters then capture the login credentials and other information of the customers to commit fraud.
Banking Malware: Banking malware are malicious programs that disguise themselves as legitimate ones. They are generally designed to steal sensitive information such as login credentials, account numbers, etc., from customers.
UPI Frauds: One common UPI fraud is where fraudsters send a ‘request money’ link to the customer. The customer clicks on the link and authorizes the transaction thinking he will receive money but the amount gets deducted from his account. It is important to note that a UPI PIN is entered only when one wants to send money to someone and not to receive money.
Remote Access Frauds: Software such as AnyDesk are legitimate programs used by IT professionals to solve technical issues faced by their clients. However, these programs can also be misused by fraudsters to gain remote access to the mobile device and steal customer login credentials and other information.
What kinds of data points have proven to be the most useful in detecting cyber fraud?
Hackers are finding innovative ways to commit frauds and hence there is a need to continuously evolve and improve fraud detection methods, which is a priority area for the banking industry. Three methods that can prove effective in detecting cyber frauds are:
Data mining to classify, cluster and segment the data.
Testing hypotheses based on associations and patterns found in the data.
Pattern recognition to detect suspicious behaviour algorithms, prudent statistical methods and machine learning models.
How are hackers targeting WFH employees? How are financial organizations securing such employees effectively?
During the pandemic, the majority of the workforce transitioned to working from home (WFH) and this is likely to continue post-pandemic. Hackers are constantly on the lookout for newer ways of targeting victims and WFH has given them this opportunity. Innovative phishing emails related to covid, video conferencing etc are being used to target employees and gain access to their computers.
There are several ways to secure the workforce. Some of these are:
Employee training and awareness about phishing, vishing, etc.
Organisations are using Virtual Private Network (VPN) with multi-factor authentication to provide secure access to the IT infrastructure.
Device authentication to ensure that only endpoints that are updated with the security controls such as anti-virus, security patches etc are allowed access. Virtual Device Interface (VDI) is used for providing additional security whenever personal laptops are used.
Newer technologies such as Zero Trust Network Access (ZTNA) are emerging.
How can an organization ensure that its protection systems are up-to-date against emerging patterns of phishing and malware? Do you have to change solutions more frequently these days compared to earlier years?
Cyberattacks are becoming more and more sophisticated. An organization needs to ensure that security is addressed across all the 3 pillars, namely, people, process and technology. Speaking about technology, traditionally the focus has been on preventive measures. However, organizations have realized that one cannot protect against all cyberattacks. Detection and response are equally important. Budgets are getting directed towards better detection techniques such as the use of machine learning to identify user behaviour anomalies, threat intelligence gathering, etc. Security automation to respond faster to cyberattacks is another area that organizations are exploring.