Every industry experiences cybercrime, but possibly none more than the financial services space, with an average annualized cost of $13.5 million.
In last month’s newsletter, the Financial Services Information Sharing and Analysis Center (FS-ISAC) shared several threats to look out for in 2016. While most are not new, the number of occurrences continue to increase.
Here are four threats to watch out for:
- Business E-mail Compromise (BEC) | BEC is a method of fraud that uses a business executive’s (e.g., CEO or CFO) legitimate or spoofed email address to send wire transfer instructions to employees of the same company, in an effort to extort money. There have also been incidents in which a vendor’s or supplier’s email address has been compromised, requesting a last-minute modification to a bank account number.
- Manipulation of Data | Changing dollar amounts owed to a client and routing the funds to a criminal is just the beginning. Hackers and individuals with insider information are stealing, deleting, or simply manipulating data, resulting in significant financial losses.
- Malvertising | The use of online or mobile advertising to spread intrusive software continues to threaten financial services firms. Once victims are infected with a virus or another form of malware, cybercriminals can obtain access to consumer accounts.
- DDoS Attacks | Distributed denial-of-service, more often referred to a DDoS, causes a disruption to systems and business operations. Wikipedia compares it to “a group of people crowding the entry door or gate to a shop or business, and not letting legitimate parties enter into the shop or business, disrupting normal operations.” According to FS-ISAC, DDoS attacks are now regularly expected and even reaching the level of “business as usual.” Many of the top financial institutions have been targets of DDoS attacks, which have led to paying out ransoms and other forms of revenue loss.
For help navigating and mitigating these threats at your organization, drop us a line.