Cybercrime and fraudulent payment risks are on the rise – and financial institutions are the new targets. Cyber attackers exploit the fact that payments move faster than ever, and their strategies are becoming more innovative and sophisticated.
How do cyber attackers operate?
Introducing a new initiative to empower banks to fight back, SWIFT fraud detection manager, Roy Belchamber, warns that the modus operandi of attackers and criminals depends on their targets being unaware of their activities, and so unable to take defensive action until it is too late. But as the incidence of attacks soars and their sophistication increases, financial institutions need a more proactive approach to defence.
“Cyber-attackers don’t want you to understand what they’re doing. The less you know, the more opportunity they have to extract fraudulent funds from your organisation. What they don’t want you to do is identify what they’re doing in real time, and so be able to block their transactions,” says Belchamber.
Cyber-attackers don’t want you to understand what they’re doing. The less you know, the more opportunity they have to extract fraudulent funds from your organisation.
A wake-up call
This year’s Global Risks Report from the World Economic Forum identifies cyberattacks as the third biggest risk in terms of likelihood, trailing only natural disasters and extreme weather events, and the sixth biggest risk in terms of impact. Attacks against businesses of all kinds have nearly doubled in five years and incidents once considered extraordinary are increasingly commonplace.
Cyberattacks are now the third biggest risk in terms of likelihood, trailing only natural disasters and extreme weather events.
Once attackers have accessed an organisation’s internal network – whether through malware, phishing or some other form of approach designed to compromise security – they will often keep a low profile for some time. This allows them to observe internal behaviours and payment patterns, effectively gathering intelligence before discreetly seizing operator credentials to submit fraudulent transactions that appear legitimate.
“Because attackers use valid operator credentials, these transactions appear to be legitimate payments made by valid accounts, so the challenge is to identify fraud quickly and separate the good from the bad. Once they’ve made those payments, they will try to gain time by manipulating your transaction records, and if they fail they will just use brute force to make computing environments unrecoverable,” explains Belchamber.
Ready to fight fraud
Announced as part of SWIFT’s Customer Security Programme in April 2017, SWIFT Payment Controls was launched on the first day of Sibos 2018. This SWIFT-hosted solution is an important contribution to the efforts of banks to defend themselves against fraud, through alerts and automatic blocks on suspicious transactions using pre-configured rules. And the solution learns and understands correspondent banking behaviours over time.
SWIFT Payment Controls can be set to flag, hold, release or reject high-risk or ‘out-of-policy’ payments in real time to help users prevent fraudulent activity before it occurs. Users can choose to receive an alert if payment messages are sent at a certain time (e.g. outside standard business hours), in a certain currency or geography, or to a certain account.
At its core, SWIFT Payment Controls simply and effectively flags and intercepts suspicious payments to protect you and your counterparties.
“At its core, SWIFT Payment Controls simply and effectively flags and intercepts suspicious payments to protect you and your counterparties. The service is highly configurable and allows you to build in granular rules relative to past behaviour,” explains Thomas Preston, head of the Go To Market for SWIFT’s financial crime compliance screening solutions. “The overall goal is to reduce fraud and build trust between institutions across the SWIFT community.”
Find out more about SWIFT Payment Controls.