It makes for slightly dispiriting reading but a report called The 2017 Faces of Fraud Survey reveals that 52 percent of surveyed banks believe today’s fraud schemes are too sophisticated and evolve too quickly to keep pace.

Only 38 percent of banking/security leaders have high confidence in their organization’s ability to detect and prevent fraud.

Further, and this isn’t too surprising 66 percent say the number of fraud incidents has stayed steady or risen in the past year.

This survey was conducted online in the summer of 2017 and garnered more than 250 responses from banking institutions of all sizes mainly in the US. The surveyed banks have assets that range from under $500 million to more than $20 billion, so there are some biggish boys in there.

Other key findings include:
  • 48% of banks believe customers and/or partners lack sufficient awareness to protect themselves from socially engineered fraud schemes
  • 39% say fraudsters have too much valid customer information at their fingertips that enables them to easily get around controls to prevent account takeover

Alarmingly 31% said they lack the technology tools to properly detect and respond to fraud, while 29% said their employees lack sufficient awareness to protect themselves from socially engineered fraud schemes.

Given the tidal wave of online fraud directed at banks and their customers some of these findings are a bit glum.

They suggest that many banks are having trouble fending off attacks and protecting their customers.
That said, a small majority 53% said they do have a moderate confidence in their fraud tools and despite their
best efforts at combatting fraud only occasionally miss fraud.

The most common types of fraud banks experience are:
  • 47% - credit and debit card fraud
  • 42% - phishing attacks (non-business email compromises)
  • 37% - business email compromise
  • 34% - cheque fraud
  • 31% - wire fraud
  • 28% - account takeover
  • 24% - information loss, theft and attack
  • 21% - new application fraud

Of course defrauding, or robbing banks, is as old as banks themselves and there isn’t a country in the world that hasn’t had its share of bank robbers. As an interesting aside here are some of the quirkiest and boldest:
  • In early 2007 the Agricultural Bank of China had its vaults lightened to the tune of 51 million Yuan [US$6.7 million] thanks to two vault managers and security guards clearly tempted by the sight of all that loot. It was the largest bank robbery in China.
  • In communist Romania the Ioanid Gang carried out the most famous bank robbery in a Communist state.
  • Unlike your average bank blagging crew this gang consisted of Jewish Romanian intellectuals and Romanian Communist Party cadres. When they were eventually caught all but one were executed.
  • In Brazil during 2005, a gang rented a commercial property in the middle of the city and posing as landscapers spent three months digging a 256-foot tunnel to a position beneath the bank. Then, over a weekend in August, they tunnelled up through reinforced concrete into the vault of the Banco Central branch and managed to remove 3.5 tons of Brazilian notes worth about $70 million.

BullGuard protects your devices from malware


Cyber age

In the cyber age the physical act of bank robbery has in many cases become redundant, a relic of a fading era. Why would villains run the risk of arrest and incarceration when they can engage a team of cyber crooks to plunder banks? This is today’s norm as the 2017 Faces of Fraud Survey reveals.

Glimpses of the future?

Gartner VP and analyst Avivah Litan commenting on the report’s findings said there are developments currently taking place that ultimately promise to cut online banking fraud:
  • Fine-tuning of machine learning models and other forms of advanced analytics applied to fraud cases
  • The use of mega global sets of shared data to inform machine learning models
  • Continuous behavioural biometric authentication, along with other continuous identity assessment measures, that create confidence in the user being who they claims to be.

The outstanding point about these measures is that criminals can’t actually see these security measures which means it is much harder for them to map out the technologies with the aim of cracking them.

Protecting personal identity information

That said, and as this report vividly illustrates we are living in an era of heavily compromised personal identification information.

Hackers have numerous ways of stealing identity data from phishing techniques to malware that secretly inserts itself into computers. However, many organisations also can’t be trusted to protect your information.
This report was compiled before the mega Equifax hack took place and in an irony of ironies Equifax has a service that offers to protect personal data.

This is why security software such as BullGuard Premium Protection is so important:
  • Safeguards your personal information from being exploited by hackers and cyber criminals
  • Scans the entire web for your usernames, email and postal addresses, phone numbers, credit card numbers, passwords and any other details you want to protect 
  • If any of your registered details are made public online (for instance offered for sale on the dark web) you immediately receive an email or text message with advice of steps to take