Win, Lose, or Draw: The Great Fraud Chess Match Continues
Fraudsters evade two-factor authentication, while Apple moves to better detect bots, and more. This Week in Fraud Trends.
Fraud prevention in the digital age can often seem like an endless game of chess — their move, our move, their move, our move; each side desperately seeking out the key advantage or weakness that will reveal a path to definitive victory.
This week, we learned of some interesting moves emerging from each side of the fraud chess board.
Fortune magazine reported on a new way hackers can now bypass two-factor authentication:
“Security experts have demonstrated an automated phishing attack that can cut through that added layer of security — also called 2FA — potentially tricking unsuspecting users into sharing their private credentials.”
While from The Verge, we learned of a new bot detection solution coming from Apple:
“Apple says it’s building a new tool it calls Real User Indicator that could cut down on the number of bots secretly signing up for new accounts with mobile, desktop, and web services. The feature … is designed to check for traits more consistent with bots than people. It then informs an app developer of the situation, so the developer can then take further action to verify the authenticity of the new account.”
Neither of these moves is likely to prove definitive in the great fraud chess match, and meanwhile, the stakes keep getting higher as the breaches keep getting bigger. ZDnet reported this week on a troubling breach impacting health care patients:
“On Monday, the US clinical laboratory said that American Medical Collection Agency (AMCA), a billing collections provider that works with Quest, informed the company that an unauthorized user had managed to obtain access to AMCA systems. Through the Quest contractor, the unknown individual was able to access — and potentially steal — Quest patient data including Social Security numbers, medical information, and financial data.”
In light of stories like these, it may be tempting to see fraudsters as having the advantage. There is certainly no question losses on the other side are piling up. As reported by Dark Reading, 2018 saw record-breaking losses:
“In 2018, 2.8 billion consumer data records in the US were exposed, with personally identifiable information (PII) making up 97% of the total information. Those compromised records led to losses totaling more than $654 billion for US businesses.”
As these incidents play out, the chess game continues. Organizations know what they’re up against, and sometimes, companies are their own worst enemies:
“A global survey of over 1,000 IT security decision makers…reveals that 64 percent believe they’ve had either a direct or indirect breach due to employee access in the last year, and 62 percent believe they’ve had a breach due to vendor access.”
But hope abounds as well, and there is growing recognition that, in AI, we have a genuinely momentum-shifting tool at our disposal — if only more companies would adopt it!
“The survey also reveals that SMEs have been slow to implement AI solutions, despite the vast majority of SMEs surveyed (81 percent) thinking that AI will be fundamental to the future of cyber security.”
After thorough review of the week’s news, it’s safe to say the chess game continues, so please check in with us again next week for another edition of This Week in Fraud Trends!
~
If you or your organization is interested in implementing AI-powered solutions for your business, make sure to attend our upcoming webinar!
