This latest Opinion piece from BAE Systems looks at the benefits of sharing expertise and anti-hacking techniques globally. The more data that can be analysed by large companies, the better the defence will be against fraud, denial of service, ransomware and many other threats.
If financial crime was an economy, it would comfortably sit alongside the likes of USA, Brazil and the UK in terms of comparative size. Against this shocking backdrop, BAE Systems last year launched the Intelligence Network to bring together a global community of experts to fight cyber crime.
Within a year it had grown into a coalition of almost 2000 members from industry and academia, and launched an action plan to protect individuals and businesses around the world from the constantly evolving threat from cyber fraudsters.
The Network, whose steering committee of global influencers includes members from Microsoft, CyLon and the CBI as well as BAE Systems, is constantly gathering and evaluating intelligence and experience to help inform counter-fraud battle plans.
They’ve identified social engineering as one of the biggest areas of focus, and a working group from BAE Systems Applied Intelligence has been evaluating the tactics fraudsters are using – a key one being false trust created via the telephone.
Gareth Evans, who works on fraud prevention for BAE Systems Applied Intelligence (BAE AI), said: “Social media tends to steal the spotlight in headlines, but it’s dangerous to overlook traditional channels like the telephone – there are many cases of elderly or vulnerable people targeted by scammers this way.”
And Simon Viney, cyber security financial services sector lead for BAE Systems Applied Intelligence, points to the issue of “two way trust” as a key challenge for insurers.
“There’s a lot of emphasis on making sure companies identify the customer they’re talking to, but it’s just as important that the customer can feel safe that they’re talking to the company they think they’re talking to,” he said. “How can they be sure? Is enough being done to make these two-way communications as secure as they can be? I’m not convinced that’s always the case.”
This type of attack is currently being highlighted by the Channel 5 drama Cold Call.
EMAIL REMAINS A BIG RISK AREA
Email interception is another high risk area. “The implicit trust that an apparently genuine email address carries can also be exploited by scammer,” says Evans. “We’ve found cases where fraudsters gain access to mailboxes with relative ease and then use a simple combination of cloned addresses and rules to deceive the email account owner.”
In this way criminals can appear to be genuine insurance claimants, giving false account details to insurers and diverting settlement payments from the real claimant.
Then there’s the disturbing trend of money laundering via mules, where those in need of cash are being offered a payment – as little as £50 to £100 in some cases – to provide their log-in details. Fraudsters can then not only evade the checks in place when opening an account, but use a number of mule accounts to transfer and launder money.
“These illicit innovations showcase the sophistication and the extent that fraudsters are going to in order to capitalize on consumers’ misplaced trust,” says Evans.
“Individuals can reduce their vulnerability by understanding the risk of fraud and keeping aware. But ultimately The Intelligence Network aims to make it more difficult for fraudsters to carry out such attacks.”
The Network is now assessing how easy it is to establish false trust through different digital channels, and exploring the possibility of simpler two-way authentication between individuals and organizations. The aim is to present some best practice recommendations to industry and will be reporting its findings in the coming months.
This article is sponsored content, produced in partnership with BAE Systems