CS Mar-Apr 2024

More documents

Recommendations

Info

iometric cybersecurity STOPPING THE REMOTE ACCESS SCAM PANDEMIC SCAMMERS ARE STRIPPING UNTOLD SUMS OF MONEY FROM VICTIMS' BANK ACCOUNTS. TAMAS ZELCZER, CEO AND CO-FOUNDER OF CURSOR INSIGHT, PICTURED BELOW, DISCUSSES HOW BIOMETRIC CYBERSECURITY CAN PREVENT SUCH FRAUD Hello? I'm calling from your bank's tech support. Your account has been hacked. I need your urgent help to stop criminals stealing your money.' This is one of the typical dreaded opening lines actual cybercriminals use on unsuspecting victims before tricking them into handing over control of their online banking session and inflicting damages equal to. or even surpassing. all the assets on the account. The professional fraudsters dismantle the victims' instinctive defences by exploiting the strong fear of financial loss and a sense of urgency. They also quickly build some level of trust over the phone, usually by quoting personal details like the victim's name, address and contact details that were perhaps gathered from hacked databases or even public sources. What happens next is that the hacker asks the victim to download and install a remote desktop tool, such as Anydesk, log into their own account and then hand over the control to the criminal impersonating a helpful tech support agent. This scam might sound like something few people would fall for, but, in fact, this is one of the fastestgrowing and most effective types of financial cyber fraud. It's being referred to as a 'remote access scam', 'tech support scam' or 'Anydesk scam' after the name of the most widely used remote desktop application and, according to ScamWatch research, is just as widespread as Phishing Scams, where fraudsters coerce or dupe victims into sharing online banking login credentials and 2FA codes. Approved push payment (APP) fraud - where victims are tricked into executing, thus 'approving', a fraudulent transaction themselves - and classic online credit card scams are still the most common types of digital fraud by the number of cases. However, remote access scams may represent up to a staggering 80% of the financial damages sustained by victims in some markets or financial institutions. In many cases, the ruthless remote access hackers, exploiting a lengthy remote access session, liquidate the victim's investments, even apply for a personal loan in the name of the victim, then pool all the money together and transfer everything to the fraudster's account, where the money typically instantly disappears in an untraceable crypto wallet. LOSSES SOAR 130% The spreading of remote access scams seems to be unstoppable for now. Statista reported total losses of $806 million in 2022 in the USA, a soaring 130% increase, compared to 22 computing security March/April 2024 @CSMagAndAwards www.computingsecurity.co.uk
iometric cybersecurity the previous year, making it the fastest-growing fraud category. How can banks effectively protect their clients from these kinds of financial losses and minimise losses for themselves, as obligatory fraud reimbursement regulations are being introduced in the UK and around the world? Traditional user authentication and fraud detection tools, deployed by many banks, typically use various device fingerprinting techniques that are quite effective against scams where the fraudster is in an unusual location or accesses the online banking application from a browser or device that is not recognised as the standard for a specific user. The problem is that when the user hands over the cursor and keyboard control to someone else who is remotely transacting in the victim's account on the victim's own device, through the usual browser, and from the usual IP address, device fingerprinting becomes completely useless in spotting the fraud. During a remote desktop session, the cursor movements and typing of the remote agent are instantly mirrored on the user's screen, and these cannot be differentiated by a human observer from the interactions of the user working locally on their own computer. A few years ago, there used to be a slight time lag and some skipping cursor movements, but the latest versions of the common remote desktop tools are free from these issues. Luckily, there are still some very subtle data patterns that can be detected by the most sophisticated AI systems, such as Cursor Insight's patentpending Remote Access Detection solution, which is part of the Graboxy Cybersecurity Platform. SUSPICIOUS ACTIVITY FLAGGED Cursor Insight has been for years at the forefront of innovation in the field of biometric cybersecurity, with the Graboxy Continuous Authentication tool winning prestigious awards, including the 'Cyber Product of the Year' at the National Cyber Awards and the 'Remote Monitoring Security Solution of the Year' at the Computing Security Awards in 2023. A fundamental feature of Graboxy is the continuous monitoring of user interactions and the use of AI to analyse data transmitted through the user's web browser. The data is only monitored and analysed on the server side, so nothing has to be installed by the client. The technology is capable of building accurate biometric profiles by finding behavioural patterns that can be associated with individual users. Graboxy can passively authenticate users in the background by comparing real-time interactions, including mouse movements, to the biometric profile belonging to the user. Suspicious sessions with a high likelihood of an ongoing account takeover or other types of unauthorised access can be quickly flagged for further security checks or additional re-authentication. This solution can be effectively used to detect a fraudster controlling the user account through a remote desktop session. The Graboxy Remote Access Detection Solution adds an additional security layer on top of passive continuous authentication. It is able to, within a few seconds and in real time identify any remote access session, which is almost always a sign of a scam attempt in online banking and payment applications. The unique advantage of this solution is that it uses predefined machine learning models trained specifically to differentiate between local and remote users. It means that no individual profiles need to be built over time, and no rule or algorithm calibration is required, unlike most AI-based solutions. It works straight out of the box and can easily be combined with already deployed fraud detection solutions through its API. WINNING THE BATTLE Fighting against cybercrime and online financial fraud is a dynamic race where both the attackers and the defenders tirelessly innovate and try to outsmart the other side. The stakes are high, especially with remote access scams, where, unlike with the most common types of scams, the hackers could potentially steal complete life savings in a matter of minutes. Educating banking clients not to hand over the control of their devices to strangers who are offering unwanted help during a phone call is, of course, essential; awareness can and should be raised to help people protect themselves. But, just like many customers still often voluntarily share their login credentials, PINs and SMS one-time passwords with scammers, the human factor remains the weakest link that fraudsters exploit in the case of remote access scams as well. Investing in technologies that offer protection from the latest forms of cyber fraud remains a necessary tool to win the fight. www.computingsecurity.co.uk @CSMagAndAwards March/April 2024 computing security 23
Page 1: Computing Security Secure systems,
Page 4 and 5: Secure systems, secure data, secure
Page 6 and 7: news TORSION ANNOUNCES FILING OF PA
Page 8: news Greg Wetmore, Entrust. TIME TO
Page 11 and 12: legal focus GETTING YOUR ACT TOGETH
Page 13 and 14: artificial intelligence stratospher
Page 15 and 16: artificial intelligence "In an intr
Page 17 and 18: Computing Security Secure systems,
Page 19 and 20: 2024 predictions ?? ? actors can so
Page 21: 2024 predictions ?? ? security is t
Page 25 and 26: data management NEW DATA STATS ARE
Page 27 and 28: energy industry incidents in 2020 -
Page 29 and 30: ansomware NEW THREAT ACTORS SEND RA
Page 31 and 32: penetration testing I.T. SYSTEMS RE
Page 33 and 34: endpoint protection GETTING STRAIGH

CS Mar-Apr 2024

Create successful ePaper yourself

Delete template?

Save as template?