Shining light on the dark shadow of online financial fraud


    Online fraud continues to be a growing problem for organisations in the financial sector. In their latest state of the nation report, the Anti-Phishing Working Group highlighted that attempted fraud through phishing targeted at Online Payment providers alone had risen to 42% of all reported cases, whilst those aimed directly at financial institutions was over 15%. In a digital world where cyber security is fast becoming the number one headache for C-Level staff, what can be done to reduce the threat to a brand holder, their customers and ultimately their revenues?

    Despite radical changes in technology in the financial sector, Banking, as we know it today, can trace its roots back to 14th century Italy. However, the concepts of lending money dates back even further, into the ancient worlds of the Greeks and the Romans. The oldest existing retail bank is Monte dei Paschi di Siena, founded in 1472. Most of the banking brands we see on our high street today have come about through mergers and acquisitions, although somewhere in their linage will be a link back to the Renaissance period in Italy.

    Unfortunately, the provision of money and credit has always attracted individuals with nefarious intentions and the dark shadow of fraud and crime. The virtual world is no different to real world, and there have been many high-profile and audacious attempts to commit the crimes of the century using technology. However, one of the most successful crimes against the financial sector comes in the form of a simple email. Ever since email became the most widespread and popular communication channel, cyber criminals have realised how easy and cheap it is to dupe not only innocent victims but also major financial institutes. Welcome to the world of the financial phishing scam.

    We've all seen the emails. "Your account is temporarily blocked. Please click here to verify your identity". Clicking on the link will take you to a webpage that depending on the skill of the cyber-criminal will look like a bank's website (or in most cases a very poor attempt at one) where you will be encouraged to enter your details. Now here's the clever bit. Irrespective of the details you put in (and most people who have reached this stage will put in correct details), the page will refresh to one that says "sorry, incorrect details. Click here to try again". You click, and this time the page refreshes, this time to the genuine page where of course your login details will work. The fraudsters now have your bank login details. Guess what they do with those?

    The law on who is liable in these instances is still unclear. Customers of financial institutions have a duty of care, which means that they should always be suspicious of any such emails and take reasonable (and that's the key word here) steps to check the legitimacy of any such emails. Likewise, the financial institution has a duty of care to protect its customers and their assets through security and authentication systems as well as trying to detect any such illegal activities. Despite the fact the financial institution may have no awareness of any maleficent activity, the damage can be cancerous, causing reputational damage every hour the problem exists.

    But how much can an organisation really do? Whilst the vast majority of targeted organisations, as reported in the APWG review of Q4 2017, will have some cybercrime protection mechanisms in place, the need for a formalised brand protection strategy is more important than ever.

    For a financial institution the minimum defensive measure they should employ is a domain name monitoring report. Whilst there has been a significant rise in cybercrime using Social Media networks as the entry vector, many criminals will base their activity on cyber or typo squatted domain names. Therefore, the need to have a strategy in place that first scans the domain name landscape for potential infringements and then creates an alert if any further ones are registered is imperative. Speed is of the essence in taking down any phishing attacks and that can only happen with knowledge of any infringing domain names.

    The introduction of Internationalised Domain Names has added another dimension to the need for domain name monitoring. To the average internet user, a ‘í’ looks identical to a ‘i’ but when used within a domain name, they are very different. Likewise, the German ‘ö’ in the domain name “mydö” will actually map to “” which could go to a very different website.

    Domain name monitoring provides that initial brand protection layer for financial institutions that both protects their customers but also their reputation and potentially any financial loss. It obviously gives brand holders the insight into identifying infringers, whether through direct (cybersquatting) registration of domain names using the organisation’s IP, or confusingly similar (typosquatting) using close misspellings or non-Latin characters within the string. It may also pick up on negative sentiment campaigns where domain names using phrases such as “boycott” or “I hate” and allow the organisation to engage in dialogue to prevent any protest escalating.

    For many organisations, including those in the financial sector, using a blanket registration policy (a single keyword registered in every available TLD) is simply not possible and so a domain name monitoring solution will enable them to combine proactive registrations and reactive monitoring, forming a strong bond against would-be infringers.

    BrandShelter specializes in providing online brand protection solutions for financial institutions as well as other brands who see the Internet as a key market. Our expertise in the intellectual property world enables us to advise brands on the best approach to protecting their digital assets today and in the future. Domain Name Monitoring is a key part of that strategy, with the BrandShelter solution scanning over 1,000 TLD zones every day, looking for infringing registrations for clients and ultimately delivering light into the darkest corners of the Internet.