
Don't Underestimate the Online Fraudster

From the beginning, banks have protected their online banking businesses with basic authentication methods that required users to log in with a username or ID number and a password to verify their identity. However, fraudsters quickly started to evade these early online fraud prevention methods by obtaining users’ passwords using social engineering techniques, keyloggers, or any number of other tools.

As a result, banks moved to multifactor authentication that required users to apply more than one form of authentication to verify the legitimacy of their log-on. However, ‘man-in-the-middle’ attacks allowed fraudsters to intercept traffic and route funds to accounts controlled by them. To combat this, banks turned to tools such as IP profiling, which identifies the actual IP address of the computer being used to access an online bank account, checks it against a known blacklist of suspicious addresses, and also checks whether it matches the user’s standard pattern of access.

Once fraudsters realised they couldn’t connect directly with a bank’s system without being detected, they began to focus more on hijacking a legitimate user’s machine by implanting code in the user’s browser to gain control of the banking session. These ‘man-in-the-browser’ attacks are capable of moving funds out of a customer’s account without the bank or the user being aware. The attacker also uses techniques to spoof windows in the real browser on a given computer, meaning that the user can be completely fooled into believing their actual transaction has occurred. The presence of the Trojan is not visible to the user, as it does not interfere with normal use of the browser when visiting websites and engaging in transactions on those sites.

Banks can tackle this threat through a layered fraud prevention approach – one that analyses the log-in, the transactions, and risky sequences of events. This gives them the best chance to minimise online banking fraud and enables them to capture a broader view of customer activity to gain a complete understanding of a particular customer’s profile. This expanded view, coupled with additional fraud prevention techniques such as out-of-band communication with customers, allows institutions to better detect and prevent fraud. Only by staying one step ahead of the fraudsters will banks be able to live happily ever after.
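The layered approach described above, sketched as an added illustration that is not from the original article: a session arriving from the customer's usual network passes IP profiling, yet the transaction and sequence layers still hold it for out-of-band confirmation. All function names, flag names, thresholds and sample data are assumptions constructed for this example.

```python
from ipaddress import ip_address, ip_network

# Constructed sample profile (documentation address ranges), not real indicators.
BLACKLIST = [ip_network("203.0.113.0/24")]
USUAL_NETS = {"alice": [ip_network("198.51.100.0/24")]}
KNOWN_PAYEES = {"alice": {"ACC-1"}}
USUAL_MAX = {"alice": 1000}  # assumed per-customer ceiling for a normal transfer

def login_layer(user, ip):
    """Layer 1, IP profiling: blacklist first, then the user's usual networks."""
    addr = ip_address(ip)
    if any(addr in net for net in BLACKLIST):
        return {"ip_blacklisted"}
    if not any(addr in net for net in USUAL_NETS.get(user, [])):
        return {"ip_unusual"}
    return set()

def transaction_layer(user, e):
    """Layer 2: compare one transfer with the customer's profile."""
    checks = {"new_payee": e["payee"] not in KNOWN_PAYEES.get(user, set()),
              "amount_above_usual": e["amount"] > USUAL_MAX.get(user, 0)}
    return {name for name, hit in checks.items() if hit}

def sequence_layer(events, window=300):
    """Layer 3: a payee is added and paid within `window` seconds (assumed rule)."""
    added, flags = {}, set()
    for e in events:
        if e["type"] == "add_payee":
            added[e["payee"]] = e["t"]
        elif e["type"] == "transfer" and e["payee"] in added and e["t"] - added[e["payee"]] <= window:
            flags.add("rapid_new_payee_transfer")
    return flags

def assess(user, session):
    """Combine the layers; two or more flags trigger out-of-band confirmation."""
    flags = sequence_layer(session)
    for e in session:
        if e["type"] == "login":
            flags |= login_layer(user, e["ip"])
        elif e["type"] == "transfer":
            flags |= transaction_layer(user, e)
    if "ip_blacklisted" in flags:
        return "block", flags
    return ("out_of_band_confirm" if len(flags) >= 2 else "allow"), flags

# Constructed session from the customer's usual network: layer 1 alone sees nothing.
HIJACKED = [{"type": "login", "t": 0, "ip": "198.51.100.7"},
            {"type": "add_payee", "t": 40, "payee": "ACC-9"},
            {"type": "transfer", "t": 55, "payee": "ACC-9", "amount": 4800}]
```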

David Divitt

Fraud & Risk Solutions Consultant