The world is becoming more dependent on mobile phones, and criminals are taking note. Everywhere you look, people are on smartphones to check emails, send texts, download apps and even do their banking. As mobile banking becomes more popular, criminals are finding new ways to attack smartphones. Mobile fraud occurs when the bad guys hijack apps and hack networks to steal critical information and carry out fraudulent activity.
The government recognizes the new challenges that banks face regarding cyber security, including mobile banking issues. In June, 2013, the Federal Financial Institutions Examination Council (FFIEC) formed the Cybersecurity and Critical Infrastructure Working Group, including members from the federal and state banking regulatory agencies, to support the work of other groups fighting cyber crimes. “These efforts are important in light of the growing sophistication and volume of cyber attacks and the global importance of critical financial infrastructure,” according to a FFIEC press release.
How Mobile Fraud Occurs
Attacks on mobile phones occur in many ways, putting financial institutions and bank customers using mobile apps at risk. Customers may download fake apps. Text messages and Facebook may become highways for malware, infecting unsuspecting bank customers along the way. The apps themselves may be infected with a virus — whether the actual banking app or the end-point security app. Wily criminals may infiltrate WiFi networks to gain access to online banking user names and passwords, carry out fraudulent transactions and erase security protocols.
A critical point for bank information security leaders to communicate to their colleagues is that mobile crimes are usually part of a sophisticated multichannel attack that may include fake emails and fake online banking sites. Once bank clients respond to the emails and enter valid personal information online or through texting, the criminals have the information they need to carry out the fraud.
Behavioral Analytics Help Combat Mobile Fraud
One of the tools financial institutions use effectively to combat mobile fraud is behavioral analytics. Banks generate a ton of data having to do with their customers’ transactions, data containing useful information. Analyzing it reveals usage patterns and typical behavior. Behavioral analytics uses automated transaction monitoring and typical fraudulent behavior to detect anomalies in online banking sessions. Basically, if user behavior during an online banking session differs significantly from typical user behavior, it sends up a red flag and warrants investigation.
Using behavioral analytics to combat fraud benefits both the financial institutions and their customers because it helps find suspicious behavior and prevent potentially fraudulent activity. It also provides more big data to flesh out user profiles, information which can then be used to strengthen online and mobile security practices.
It appears that mobile banking is here to stay, and that means mobile bank fraud is not going to go away anytime soon. Combined with professional financial services solutions, including joint paper and electronic records management systems, behavioral analytics helps banks and financial institutions fight growing cyber security issues, including mobile fraud.