• Armen Najarian, CMO & Chief Identity Officer at Outseer


• 31.05.2022 11:00 am
#banking #fraud

Rising online and mobile banking fraud in the United Kingdom has become more than just a royal nightmare. A recent report from UK Finance finds that the level of fraud in the UK is now a bonafide national security threat.

Just as in most major economies, the COVID-19 pandemic accelerated the consumer shift to digital channels for most financial transactions. Today, 76% of adults in the UK use some form of online banking, with popularity rising by the day.

But while the convenience of digital banking is undeniable, its defences are not. Over the past two years, the UK has been struck by an unprecedented flood of phishing schemes, cryptocurrency swindles, sham banking apps, authorised push payment (APP) rackets, and other cons designed to trick customers into revealing payment details or login credentials.

The price tag topped £754m in losses for British bank customers in just the first half of last year alone —making the UK the bank scam “capital of the world”. More than £29,000 is lost to bank transfer fraud alone every hour of the day. The sophistication of these attacks is astonishing – but worst of all, the rest of the world should consider itself on notice.

Powering a Malicious Masquerade

Gone are the days of typo-laden bank impersonation schemes – today, phishing scams are highly personalised and extremely convincing. Email and SMS scams claiming to be from your bank may point to a site that looks exactly like the real deal, followed up by a phone call from a "service rep" from a phone number that matches the banks. Some fraudsters even successfully upload bogus banking apps to legitimate app stores in a bid to gain access to victims’ login credentials and personal information.

Increasingly, these groups are even using advanced forms of artificial intelligence in their efforts to fool or impersonate FIs and their customers. Where once fraudsters needed to manually compile intel on targets to create phishing attacks, for instance, they now use "adversarial AI" to automate the entire process. 

This technology is able to mimic the writing style of the person or institution being impersonated, and can even be used to create deepfake voices of senior executives for use in wire transfer scams. It can also generate accurate password lists for account takeover (ATO) attacks, or automate the creation of synthetic identities used to open new credit cards and bank accounts.

Online transactions are unavoidable in today’s hyper-digital world, so businesses need to find a way to improve their detection of fraudulent payments.

Stopping Scammers, Not Customers

Fraud prevention is imperative to protect both banks and their customers, so FIs are advised to boost their fraud controls. AI and machine learning (ML) technology enables firms to scan URLs, scour social media, and monitor app stores to identify and stop fraudsters before they can do harm to customers and banks. Leveraging AI/ML solutions – paired with global fraud intelligence – enables organisations to accurately differentiate legitimate customers from fraudsters and provide a frictionless user experience for genuine customers.

Providing a frictionless flow is critical as efforts to stop fraud have sometimes led to overly-aggressive policies and additional identity-proofing requirements. Customers dash when they’re faced with irritating step-up challenges, transaction declines, and hoops to jump through just to complete a simple transaction.

It's also wise to source a comprehensive cyber attack detection and takedown service capable of identifying and shutting down phishing sites, phoney mobile apps, and fraudulent social media accounts before they can cause serious financial and reputational harm.

If Britain's battle against banking fraud is any indication, FIs may need all the help they can get.