Are you an emotional treasurer? If so, you might be at more risk of giving away sensitive security information. An experiment conducted by NatWest Bank shows how fraudsters often use our natural human responses (often known as emotions) to gain sensitive data, which many of us use in authentication processes for financial platforms – in effect putting money at risk.
The NatWest Bank experiment set up a speed-dating event, planting two actors in the room. The actors proved it was quite easy to get complete strangers to divulge potentially sensitive information, such as date of birth, mother's maiden name, birth place or first pet's name (often used as security questions during authentication processes).
Fraudsters exploit our emotions
The key message of the experiment is that fraudsters exploit our emotions for their own purposes. In the speed-dating scenario, that's the desire to please and impress. In other situations, those emotional weak-points could be a fear of missing out on an opportunity, a desire to please someone in authority, a client, or do the 'right' thing, as well as trust.
For corporate treasury professionals, this study could act as a warning that, while we are all human, those with responsibility for sensitive financial data and security information need to be especially careful, especially in moments when we might be letting our guard down.
Financial phishing on the rise
Another growing area of financial fraud is phishing attacks that specifically target financial data and platforms. A report from Kaspersky Lab says that, in 2017, its anti-phishing technologies detected over 246 million user attempts to visit different kinds of phishing pages. And 53 per cent of those attempts were on financial-related websites. The company says it's the first time it has recorded attempts to target financial websites in more than half of all phishing attempts.
Kaspersky Lab stated: “Financial phishing attacks are fraudulent messages which link to copycat websites that appear legitimate. They aim to gain users’ credentials for banking and credit accounts, and data to access online banking or money transfer accounts – all for the purpose of stealing the victims’ money afterwards. With 53% of phishing attacks taking this form, more than every second attack across the world is looking to steal a victims’ money.”
Again, the message here is that everyone – but particularly financial professionals – need to be aware of the dangers of these types of fraud attempts.
Fraud update: the nightmare continues, but new technologies offer hope
Verizon: Almost half of companies fail on payment security; New techologies: use machine learning combined with AI, and behavioural analytics enable companies to fully understand and minimise cyberfraud
Fraud bad news keeps on coming: the simple structures and processes to protect you
CIFAS: UK Identity fraud at epidemic levels; Symantec: major security breaches record; BELLIN: simple structures and processes that protect the corporate treasury department
Fraud prevention: latest research and tips
Telltale signs; contactless fraud; eyetracking technology; money laundering; cutting off terrorist funding; cost of fraud prevention