Community
No matter how much emphasis is placed on creating safe passwords, avoiding phishing attempts, and safeguarding sensitive personal data, the risk of account takeover (ATO) fraud remains ever-present. This type of fraud, where criminals brazenly steal account credentials and personal identifiable information, including social security numbers, addresses, and banking details, poses a real threat, leading to scams, reputation damage, and selling data to third parties. Shockingly, in the U.S., about 22% of adults have fallen victim to ATO fraud, averaging losses of $12,000 per case.
The alarming growth of ATO fraud was further exacerbated during the pandemic's digital surge. Financial institutions' innovations inadvertently paved the way for cybercriminals to exploit vulnerabilities as they pivoted to meet the increasing demand for remote access and innovative communication channels. The use of application programming interfaces (APIs) and cloud environments to cater to customer demands for personalized, real-time services also led to significant challenges for information technology and security operations teams. As security teams pivoted to respond to security risks and threats fueled by the escalating need for remote access and innovative communication channels, cybercriminals swooped in to exploit increased vulnerabilities presented by larger attack surfaces.
Another factor affecting the increase in ATO attacks is the growing customer demand for personalized, real-time services. Financial institutions are increasingly relying on application programming interfaces (known as APIs) and cloud environments to better serve customers and grow revenues. They are rapidly adopting new multicloud architectures and integrating with third-party service providers, resulting in significant challenges for information technology and security operations teams as they work to keep pace. Too often, financial institutions’ cybersecurity frameworks are disjointed, lacking real-time visibility, situational awareness, and integrated security controls.
Fortunately, chief information officers and chief information security officers at financial institutions can get ahead of these attacks by making a plan. Here are some of the top cybersecurity essentials for banks and financial institutions:
An ATO attack is a cat-and-mouse game; as attackers evolve their tactics, security teams must also evolve their defenses to stay ahead of threats. It might not always be possible to completely stop an attacker in every case. But by simultaneously focusing on mitigating your financial institution’s risk, making it harder for attackers to get in, and making it more expensive for attackers, you are more likely to protect your customers, employees, and assets from the potentially devastating consequences of an ATO attack.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Roman Eloshvili Founder and CEO at XData Group
02 August
Konstantin Rabin Head of Marketing at Kontomatik
Denys Boiko Founder at Erglis
01 August
Michael Zetser CEO at Flyfish
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.